PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
Hardware and Software
>
Microsoft Windows
>
Viruses, Spyware and other Nasties
>
The File does not have a program associated with it for performing this action.
Have something to say? Contribute New Article Reply to this Article The File does not have a program associated with it for performing this action.
Running Win XP Home, SP-3 and, without any warning, suddenly got "The file does not have a program associated with it for performing this action. Create an association in the folder options panel" error message with almost everything I try to light up from Desktop or the start tower. Not everything, mind you, but more than half of my programs. I've researched until I'm blue in the face -- nothing works. I can use My Computer and do a work-around to get everything, but it's a royal pain having to take that many steps to open a file like My Documents, My Pictures, etc. If this is the wrong forum, I apologize. I have absolutely no clue as to where this query should go.
Running Win XP Home, SP-3 and, without any warning, suddenly got "The file does not have a program associated with it for performing this action. Create an association in the folder options panel" error message with almost everything I try to light up from Desktop or the start tower. Not everything, mind you, but more than half of my programs. I've researched until I'm blue in the face -- nothing works. I can use My Computer and do a work-around to get everything, but it's a royal pain having to take that many steps to open a file like My Documents, My Pictures, etc. If this is the wrong forum, I apologize. I have absolutely no clue as to where this query should go.
I tried very hard to follow all of your instructions, but I'm afraid there were just to many for an old man to comprehend. I ran the MS Malicious Removal Tool and it reported no errors found. I downloaded and ran two (the first two) of the three programs you asked for and ran both of them. I lost track of the what to do with them so I Emailed both logs to myself (Sorry, I couldn't think of any other way to save them and I'm obviously not a geek). The third program (gt500.org MBA-M) timed out three consecutive tries and wouldn't download and I don't have a clue in the world was DDS.txt is, how to find it and anything else about it. Far too complicated for this old man. I guess I'm a hopeless cause, huh? Thanks for your time, anyway.
Far too complicated for this old man. I guess I'm a hopeless cause, huh? Thanks for your time, anyway.
Nah - nobody is hopeless :)
Hang in there - we can talk you through most of this stuff, if need be.
-- Did you trySystem Restore and restoring your computer to a time when all was working as it should?
That would be a good step - let us know if you need help trying that.
Also, try this:
Download OTL.exe to the Desktop.
-- Run it and click Scan All Users and then hit Quick Scan and post me the Two resulting logs. They should open automatically in notepad. They should also be saved next to OTL.exe
Just copy and paste them into the thread here for us.
PP:)
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
I hope this is what you want....
OTL logfile created on: 2/15/2011 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Dell\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 40.17 Gb Free Space | 53.94% Space Free | Partition Type: NTFS
Computer Name: DELLHILL | User Name: Dell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
PRC - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) -- C:\Program Files\Prevx\prevx.exe
PRC - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/01/10 09:24:20 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/03 14:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/15 15:05:25 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/08/30 08:25:04 | 000,025,976 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/12/30 16:43:58 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
========== Modules (SafeList) ==========
MOD - [2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (SolutoService)
SRV - File not found [On_Demand | Stopped] -- -- (ServiceLayer)
SRV - File not found [Disabled | Stopped] -- -- (AOL TopSpeedMonitor)
SRV - File not found [Auto | Stopped] -- -- (AntiVirUpgradeService)
SRV - File not found [Auto | Stopped] -- -- (0254121294069036mcinstcleanup) McAfee Application Installer Cleanup (0254121294069036)
SRV - [2011/01/22 08:59:46 | 006,416,120 | ---- | M] (Prevx) [Auto | Running] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner)
SRV - [2011/01/10 09:24:20 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 09:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/04/17 03:33:14 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2003/03/03 14:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
========== Driver Services (SafeList) ==========
DRV - [2011/02/15 07:04:16 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1209F0C6-A8E6-4716-8786-4E7511A452F9}\MpKslb60d81a3.sys -- (MpKslb60d81a3)
DRV - [2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxrts.sys -- (pxrts)
DRV - [2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pxkbf.sys -- (pxkbf)
DRV - [2010/11/01 20:50:32 | 000,181,704 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\psi_mf.sys -- (PSI)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ccdcmb.sys -- (nmwcd)
DRV - [2009/01/11 14:49:46 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/20 13:09:04 | 000,093,544 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/06 11:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/06/06 18:52:14 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2007/06/06 18:52:12 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2006/10/19 11:11:40 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/08/11 08:42:42 | 003,958,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/08/04 00:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 00:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 00:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 00:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 00:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 00:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 00:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 00:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 00:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 00:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/04/13 20:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/11/08 14:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/08/30 07:58:32 | 000,026,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2002/08/30 07:58:04 | 002,166,454 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2002/08/30 07:49:48 | 000,447,921 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52) Intel(R)
DRV - [2002/08/29 06:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKNB.SYS -- (NwlnkNb)
DRV - [2002/08/29 06:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NWLNKSPX.SYS -- (NwlnkSpx)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.foxnews.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: [email]jqs@sun.com[/email]:1.0
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email]bkmrksync@nokia.com[/email]:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {6e098d65-7d2d-46d4-ada0-2f882a29f795}:0.2.3
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/30 14:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/06/24 21:13:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/22 21:18:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/27 23:14:46 | 000,000,000 | ---D | M]
[2008/06/17 17:26:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Extensions
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions
[2010/04/28 08:40:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/09 15:25:56 | 000,000,000 | ---D | M] (CHM Reader) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e098d65-7d2d-46d4-ada0-2f882a29f795}
[2010/02/19 11:12:12 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010/12/24 01:41:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/07/11 08:48:16 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\bettergmail2@ginatrapani(2).org
[2005/11/09 09:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\extensions\temp
[2008/08/07 14:09:29 | 000,002,432 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\google-windows-related-site-search.xml
[2008/08/07 14:09:18 | 000,002,011 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\support-alert.xml
[2008/08/07 14:09:08 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Mozilla\Firefox\Profiles\oc92awt8.default\searchplugins\windowssecretscom.xml
[2011/02/15 19:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/17 16:15:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/13 11:36:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/03 19:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/23 23:03:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/03/30 14:56:01 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX
[2010/04/17 16:14:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/06/24 21:13:28 | 000,000,000 | ---D | M] (PC Sync 2 Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 7\BKMRKSYNC
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/03 19:47:44 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2008/06/14 10:10:36 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2010/11/20 04:37:49 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
O1 HOSTS File: ([2011/02/12 00:13:14 | 000,430,398 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14818 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\WINDOWS\SYSTEM32\PxSecure.dll (Prevx)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [IntelliType] C:\Program Files\Microsoft Hardware\Keyboard\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SYSTEM32\nwprovau.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([fighterace] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([primary] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: ketsujin.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: myfoxdfw.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: nascar.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: redsox.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: shavlik.com ([it] https in Local intranet)
O15 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\..Trusted Domains: stormofaces.com ([www] https in Trusted sites)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Value error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} Reg Error: Value error. (WUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38029.4850231481 (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} http://download.abacast.com/download/files/abasetup145.cab (Reg Error: Value error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:1 (Intelligent Desktop - intelligentdesktop.com) - http://active.intelligentdesktop.com/active/?18124967
O24 - Desktop WallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dell\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell - "" = AutoRun
O33 - MountPoints2\{512fd52c-e472-11de-a3da-000cf1894cea}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (pgdfgsvc C 1) - C:\WINDOWS\System32\pgdfgsvc.exe (Sysinternals - www.sysinternals.com )
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1161000041-103622024-1128190783-1008\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/15 22:32:22 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/01 22:27:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Application Data\Foxit Software
[2011/01/27 23:13:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2011/01/27 22:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\Local Settings\Application Data\Secunia PSI
[2011/01/27 22:51:59 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/01/27 21:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/01/26 10:21:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2011/01/25 02:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dell\My Documents\Carolyn
[2011/01/24 23:38:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/01/22 08:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Prevx 3.0
[2011/01/22 08:59:48 | 000,071,880 | ---- | C] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | C] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Prevx
[2011/01/22 08:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2009/07/22 10:58:32 | 218,123,672 | ---- | C] (Microsoft Corporation) -- C:\Program Files\fsx_sp1_ENU.exe
[2008/01/29 00:07:04 | 005,152,645 | ---- | C] (WSI ) -- C:\Program Files\IntellicastDesktopSetup.exe
[2008/01/27 18:52:57 | 000,210,416 | ---- | C] (Check Point Software Technologies LTD) -- C:\Program Files\zaSetup_en.exe
[2007/07/11 00:24:22 | 005,388,088 | ---- | C] (Google Inc.) -- C:\Program Files\picasaweb-current-setup.exe
[2007/07/02 18:10:09 | 027,024,112 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PowerPointViewer.exe
[2006/12/05 10:33:41 | 012,684,992 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp532_full_bundle_emusic-7plus.exe
[2006/10/03 02:15:25 | 000,243,512 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jre-1_5_0_06-windows-i586-p-iftw.exe
[2006/08/31 16:05:24 | 001,813,480 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msnsusii.exe
[2006/07/01 10:47:55 | 004,908,904 | ---- | C] (Google Inc.) -- C:\Program Files\picasa2Setup.exe
[2006/02/03 03:19:08 | 000,174,952 | ---- | C] (CoreStreet, Ltd.) -- C:\Program Files\spoofstick-ie.exe
[2004/01/20 11:48:18 | 016,706,160 | ---- | C] (Netopsystems AG) -- C:\Program Files\AdbeRdr60_enu_full.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/15 22:32:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dell\Desktop\OTL.exe
[2011/02/15 22:10:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/15 21:10:11 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:48 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:40 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/02/15 16:10:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/15 13:29:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/02/15 06:53:17 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job
[2011/02/15 06:50:52 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2011/02/15 06:50:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2011/02/12 11:32:16 | 000,007,460 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 11:15:14 | 000,013,280 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 08:59:33 | 000,050,475 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:13:14 | 000,430,398 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\HOSTS
[2011/02/11 20:22:20 | 000,248,169 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/11 15:00:01 | 000,019,067 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/09 10:00:35 | 000,283,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 09:58:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/02/06 11:52:07 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/06 11:27:00 | 000,592,760 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/06 11:14:00 | 000,516,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/04 21:30:30 | 000,019,896 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/04 16:07:06 | 000,094,760 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/01 13:34:20 | 000,664,576 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/30 13:10:23 | 000,083,801 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/29 23:35:06 | 000,058,753 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/28 02:29:46 | 000,429,737 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110212-001314.backup
[2011/01/27 23:51:08 | 001,346,612 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 23:10:15 | 000,000,937 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2011/01/27 22:52:36 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 21:26:57 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:42:06 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 13:24:22 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/01/26 10:22:53 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/25 17:00:54 | 000,076,273 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 23:31:23 | 000,000,211 | RHS- | M] () -- C:\BOOT.INI
[2011/01/24 14:32:09 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Dell\Desktop\default-to-filext.exe
[2011/01/24 01:50:22 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/23 00:22:52 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/22 21:18:03 | 000,001,656 | ---- | M] () -- C:\Documents and Settings\Dell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/22 21:18:03 | 000,001,638 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/22 08:59:48 | 000,071,880 | ---- | M] (Prevx) -- C:\WINDOWS\System32\PxSecure.dll
[2011/01/22 08:59:47 | 000,076,696 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxrts.sys
[2011/01/22 08:59:47 | 000,032,008 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxscan.sys
[2011/01/22 08:59:46 | 000,026,096 | ---- | M] (Prevx) -- C:\WINDOWS\System32\drivers\pxkbf.sys
[2011/01/22 08:59:34 | 000,000,212 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2011/01/19 13:36:02 | 000,429,177 | R--- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts.20110128-022946.backup
[2011/01/17 15:03:50 | 000,012,756 | ---- | M] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/15 21:10:00 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\g8krz21g.exe
[2011/02/15 21:09:43 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds(2).scr
[2011/02/15 21:09:16 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\dds.scr
[2011/02/12 17:40:26 | 000,007,460 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo2.jpg
[2011/02/12 17:40:15 | 000,013,280 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\RedSoxLogo.jpg
[2011/02/12 17:40:05 | 000,050,475 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\the maxwellian cheese dog.jpg
[2011/02/12 00:08:32 | 000,019,067 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Arizona-Warning-Sign.jpg
[2011/02/11 20:22:19 | 000,248,169 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Carolyn Obit(2).jpg
[2011/02/06 11:53:14 | 003,390,035 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Men's Auxiliary Patch.jpg
[2011/02/06 11:53:03 | 000,516,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\HPIM2400.JPG
[2011/02/06 11:52:50 | 000,592,760 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\HPIM2399.JPG
[2011/02/05 02:48:55 | 000,094,760 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Katrina2005.jpg
[2011/02/05 02:48:47 | 000,019,896 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Buddy Holly and Tommy Allsup.jpg
[2011/02/02 20:53:06 | 000,118,680 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 001.jpg
[2011/02/02 20:52:59 | 000,192,438 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 004.jpg
[2011/02/02 20:52:54 | 000,182,998 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Picture 003.jpg
[2011/02/01 13:34:16 | 000,664,576 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\MicrosoftFixit50602.msi
[2011/01/31 20:41:00 | 000,083,801 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\mideastm.jpg
[2011/01/30 13:56:23 | 000,058,753 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\freud-fear-of-weapons.jpg
[2011/01/27 23:51:05 | 001,346,612 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\pc-decrapifier-2.2.5.exe
[2011/01/27 22:52:36 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/01/27 22:52:36 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2011/01/27 21:31:42 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/27 21:26:57 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/01/27 21:26:15 | 000,001,716 | ---- | C] () -- C:\Documents and Settings\Dell\Desktop\Microsoft Security Essentials.lnk
[2011/01/26 13:10:20 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Some women are just lucky.doc
[2011/01/26 10:21:53 | 000,002,561 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2011/01/25 20:48:56 | 000,076,273 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\prom-date.jpg
[2011/01/24 01:50:22 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prevx 3.0.lnk
[2011/01/18 03:31:34 | 000,012,756 | ---- | C] () -- C:\Documents and Settings\Dell\My Documents\Tea Party MassacreFB.jpg
[2011/01/06 13:57:18 | 000,006,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/06 13:55:41 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/03/16 20:26:34 | 000,001,616 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\monFDE.log
[2010/02/18 13:59:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pt.dll
[2010/01/09 15:56:57 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/01/09 15:55:11 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\swk.ini
[2009/12/08 22:30:37 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Dell\Application Data\monFDE.log
[2009/01/11 14:49:45 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/16 18:15:48 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2008/10/29 23:51:04 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008/04/03 16:32:58 | 046,804,880 | ---- | C] () -- C:\Program Files\zlsSetup_70_470_000_en.exe
[2008/01/27 17:34:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/09/27 12:16:39 | 004,310,568 | ---- | C] () -- C:\Program Files\Garmin WebUpdater_241.exe
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/29 11:14:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/03/29 11:14:56 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/03/29 11:14:56 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/03/29 11:14:56 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/03/29 11:14:44 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/03/29 11:14:39 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/03/29 11:14:38 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/02/18 16:55:19 | 011,739,056 | ---- | C] () -- C:\Program Files\ndntenst.exe
[2007/01/17 12:43:06 | 001,067,016 | ---- | C] () -- C:\Program Files\advisor.exe
[2006/11/04 22:59:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\fusioncache.dat
[2006/02/03 03:19:48 | 000,015,404 | ---- | C] () -- C:\Program Files\spoofstick-firefox.xpi
[2005/08/31 12:43:32 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\resourceGeneric.dll
[2004/08/02 15:35:54 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\tr98s2n61c.dll
[2004/03/08 08:01:21 | 002,674,213 | ---- | C] () -- C:\Program Files\aida32ne_393.exe
[2004/02/21 01:48:26 | 000,000,512 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2004/02/21 01:48:26 | 000,000,031 | ---- | C] () -- C:\WINDOWS\wisec.ini
[2004/02/21 01:48:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\WINTOYS.INI
[2004/02/21 01:48:25 | 000,271,264 | ---- | C] () -- C:\WINDOWS\VBRUN100.DLL
[2004/02/21 01:48:25 | 000,019,200 | ---- | C] () -- C:\WINDOWS\WEPUTIL.DLL
[2004/02/21 01:48:25 | 000,000,212 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/02/21 01:48:25 | 000,000,152 | ---- | C] () -- C:\WINDOWS\upst.ini
[2004/02/21 01:48:25 | 000,000,028 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/02/21 01:48:24 | 000,000,823 | ---- | C] () -- C:\WINDOWS\tsc.ini
[2004/02/21 01:48:23 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingox.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo5c.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2x.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo2.INI
[2004/02/21 01:48:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\slingo.INI
[2004/02/21 01:48:15 | 000,000,041 | ---- | C] () -- C:\WINDOWS\Piggybak.ini
[2004/02/21 01:48:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\PBUpdate.ini
[2004/02/21 01:48:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini
[2004/02/21 01:48:14 | 000,000,020 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/02/21 01:48:13 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2004/02/21 01:48:12 | 000,071,749 | ---- | C] () -- C:\WINDOWS\hcextoutput.dll
[2004/02/21 01:48:12 | 000,003,999 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2004/02/21 01:48:12 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/02/21 01:48:12 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2004/02/21 01:48:12 | 000,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/02/21 01:48:12 | 000,000,155 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2004/02/21 01:48:11 | 000,000,070 | ---- | C] () -- C:\WINDOWS\7532E836.ini
[2004/02/21 01:48:11 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/01/25 17:04:50 | 000,038,747 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/01/03 21:58:36 | 000,002,530 | ---- | C] () -- C:\WINDOWS\FiveCardFrenzy.ini
[2004/01/03 13:59:59 | 000,003,953 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll
[2004/01/03 07:01:48 | 000,000,075 | ---- | C] () -- C:\WINDOWS\USBBC.ini
[2004/01/03 07:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MDI.INI
[2004/01/02 10:07:20 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\gicscal.dll
[2004/01/02 10:07:20 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\ICSHLink.dll
[2004/01/02 10:07:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Calendar.INI
[2003/12/28 11:05:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PhotoFantasy.ini
[2003/12/28 11:04:37 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2003/12/26 14:18:40 | 000,000,054 | ---- | C] () -- C:\WINDOWS\autmtst.ini
[2003/12/26 11:14:30 | 000,068,100 | ---- | C] () -- C:\WINDOWS\System32\Cheetah2.DLL
[2003/12/26 10:01:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/11/22 04:03:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/11/22 04:02:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/11/22 03:53:20 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/11/22 03:37:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/11/22 03:26:54 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/10/11 23:32:13 | 000,000,174 | ---- | C] () -- C:\WINDOWS\System32\mcini.ini
[2003/10/11 23:13:05 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Dell\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/03/27 14:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2002/12/10 00:00:00 | 001,708,032 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2002/12/10 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2002/12/10 00:00:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2002/09/18 16:10:08 | 000,001,305 | ---- | C] () -- C:\Program Files\Readme.txt
[2002/09/18 16:08:26 | 000,000,359 | ---- | C] () -- C:\Program Files\File_ID.DIZ
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/29 06:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_007354_.tmp.dll
[2002/08/29 06:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_007322_.tmp.dll
[2000/04/14 16:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1999/07/23 13:46:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 10:53:20 | 000,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\sysres.dll
[1998/06/11 14:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[1996/05/08 17:38:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
========== LOP Check ==========
[2010/01/09 18:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2009/03/23 22:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2010/02/19 17:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2010/06/25 15:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/01/27 18:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MailFrontier
[2009/12/08 22:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2010/06/25 15:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2008/05/11 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OLYMPUS
[2010/01/09 15:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/06/24 21:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/02/13 08:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrevxCSI
[2008/02/12 23:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Retrospect
[2008/12/16 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/05/10 15:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2011/02/15 00:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/05/10 17:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2008/01/27 16:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2008/12/06 09:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2008/11/17 23:36:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2010/03/23 10:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/10/01 08:37:51 | 000,000,252 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2003/10/08 01:08:18 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
[2011/02/15 06:57:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/02/15 18:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration.job
[2011/02/15 00:33:00 | 000,000,414 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version2.job
[2011/02/15 06:51:01 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job
[2011/02/06 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >
Your doing well for an "old timer" :) I'll let PhilliePhan complete this but it appears your registry might need some attention. System restore could fix it but as I say let Phillie take a look first.
Thanks for your encouraging words. It really isn't easy when the nomenclature gets reduced to code after code after code and a lot of people assume that you know what they're talking about -- and you're totally lost. I've run this same machine for 11 years and figured out how to solve any and all problems to date, but this one has me beating my head against the wall. I'll await further instructions from PhilliePhan.
I've run this same machine for 11 years and figured out how to solve any and all problems to date, but this one has me beating my head against the wall. I'll await further instructions from PhilliePhan.
I am going to need some time to run through the log - bit overextended at the moment.
With any luck, one of the other volunteers can chime in. If not, no worries - Iwill get back to you as soon as I am able.
-- Did you try a System Restore? Is that a viable option for you? Do you need help with that?
In cases such as this, it is usually a good place to start.
Hang in there :)
PP
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
If it's any consolation I had the same problem with Windows 7 up to a week ago when finally I found an answer. It was a registry problem which is what leads me to thinking there may be similarities. Took two weeks of searching but I got it. I too am a self directed learner so you are not alone. At least your in the right place.
Yes, I tried System Restore as one of my first efforts to cure the problem. I tried all of the available dates listed...to no avail.
Yes, I tried System Restore as one of my first efforts to cure the problem. I tried all of the available dates listed...to no avail.
Two quick questions:
-- What is this?
C:\Program Files\Soluto
-- Can you get a command prompt?
START > RUN > type CMD and hit Enter
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
Two quick questions:
-- What is this?
C:\Program Files\Soluto
A software pgm that monitored startup programs. I tried it; didn't like it and removed it.
-- Can you get a command prompt?
START > RUN > type CMD and hit Enter
Yes, I can get a CMD Prompt window open.
A software pgm that monitored startup programs. I tried it; didn't like it and removed it.
Looks like that left some damage in a critical part of the registry. Let's do this:
Open a command prompt and type or Copy&Paste the following:REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V "Userinit" /D "C:\WINDOWS\system32\userinit.exe," /F
Then, hit Enter and then REBOOT your machine and let me know if that helped.
Probably best to copy&paste, if possible so there are no errors.
If you type it, be advised that there are spaces in the command and all the punctuation is necessary:
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V "Userinit" /D "C:\WINDOWS\system32\userinit.exe," /F
Let me know how that all shakes out and if you had any problems along the way - I'll have to check back Wednesday evening EST.
Best Luck :)
PP
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
Looks like that left some damage in a critical part of the registry. Let's do this:
Open a command prompt and type or Copy&Paste the following:
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V "Userinit" /D "C:\WINDOWS\system32\userinit.exe," /F
Then, hit Enter and then REBOOT your machine and let me know if that helped.
Nope. I did as instructed (C & P) and it was successful. On reboot, same problem.
I'm retired, so any time you can help, I'll be here. Thanks!
I would still do a backup of the registry before you do anything but you most likely would do that anyway.
I would still do a backup of the registry before you do anything but you most likely would do that anyway.
That is definitely something to consider if we do anything drastic there. ERUNT is a good tool for that.
I'm retired, so any time you can help, I'll be here. Thanks!
Great - these problems sometimes take a while to figure out. With any luck, we'll both learn something in the process :)
Open a command prompt and type:assoc >>C:\log.txt ENTER
Please copy&paste the C:\log.txt for me.
Note: the command is assoc >>C:\log.txt
Let's see what that says - I think I might be barking up the wrong tree, though.
-- Did you try changing the file associations via Folder Options > File Types Tab?
I'll check it tonight when I get home.
PP:)
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
"Open a command prompt and type:
assoc >>C:\log.txt ENTER"
I did the above and nothing happened. The cursor simply dropped down as though it wanted another command.
I looked at the Folder Option in the Control Panel but immediately became totally confused and got my butt out of there before I did more damage. We're talking about the file extensions for just about every Windows service and -- having NO knowledge of that -- I backed out.
ERUNT is on board and running.
So you were able to use it to backup the registry with no problems?I did the above and nothing happened. The cursor simply dropped down as though it wanted another command.
Right - The log will be at C:\log.txt . Just navigate to that and post the Log.txt.
Actually, let's do this:
Fire up another command prompt and type or Copy&Paste the commands in red (being careful of the spaces if you type them):
REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open" >>C:\Log.txt
Hit ENTER
REG QUERY "HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command" >>C:\Log.txt
Hit ENTER
Notepad C:\Log.txt
Hit ENTER
This will add to the existing C:\log.txt and should pop the log right up for you - copy and paste the contents for me.
-- This is curious - the values look OK in the OTL log + you are able to run the programs, just not form those locations.
Hang in there :)
PP
PhilliePhan
Central Scrutinizer
Moderator
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
This question has already been solved
You
View similar articles that have also been tagged:
winxp
© 2012 DaniWeb® LLC
