Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Still getting Google Redirects after MalwareBytes removed System Smart


  • Please log in to reply

#1
Mag82

Mag82

    New Member

  • Member
  • Pip
  • 1 posts
I got fake security virus and search engine redirects. Firefox and IE8.
I ran malwarebytes and got rid of a couple of viruses - system smart and HIjack search page.
Seemed ok - but kknow the redirects are back - I tried to run TDssskiller - it stops at 80% and I have to reboot to clear it.
I booted to repair console - ran FIXMBR - Still no change.

So I did some dumb stuff like run StopZilla, SAS, ComboFix and Combofix /u and some thing called regrun69 I had read about on a forum.
Nothing seemes to help.

I uninstalled AVG for combofix, uninstalled SAS, StopZilla, RegRun69, Combofix.
I could really use the help of someone who acctually knows what to do.
Thanks in advance!

I will attach logs from Malwarebytes and OTL....
Thanks again for being here.

-----------1st MBAM scan-------------------------------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6981

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/29/2011 5:19:13 PM
mbam-log-2011-06-29 (17-19-13).txt

Scan type: Quick scan
Objects scanned: 194535
Time elapsed: 4 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 17
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System Smart Security (Rogue.SystemSmartSecurity) -> Value: System Smart Security -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\0 (Security.Hijack) -> Value: 0 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 (Security.Hijack) -> Value: 1 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\2 (Security.Hijack) -> Value: 2 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 (Security.Hijack) -> Value: 3 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 (Security.Hijack) -> Value: 4 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\5 (Security.Hijack) -> Value: 5 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\6 (Security.Hijack) -> Value: 6 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\7 (Security.Hijack) -> Value: 7 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\8 (Security.Hijack) -> Value: 8 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\9 (Security.Hijack) -> Value: 9 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\10 (Security.Hijack) -> Value: 10 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\11 (Security.Hijack) -> Value: 11 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\12 (Security.Hijack) -> Value: 12 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\13 (Security.Hijack) -> Value: 13 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\14 (Security.Hijack) -> Value: 14 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\15 (Security.Hijack) -> Value: 15 -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/...q={searchTerms}) Good: (http://www.google.co...age={startPage}) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\all users\application data\c8a313\ssc8a_287.exe (Rogue.SystemSmartSecurity) -> Quarantined and deleted successfully.

---------2nd MBAM scan --------------------------------
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6981

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/29/2011 5:27:00 PM
mbam-log-2011-06-29 (17-27-00).txt

Scan type: Quick scan
Objects scanned: 194596
Time elapsed: 4 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----------------------OTL Log----------------------------------------------


OTL logfile created on: 7/1/2011 2:33:19 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\Lisette\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 80.93% Memory free
2.52 Gb Paging File | 2.33 Gb Available in Paging File | 92.57% Paging File free
Paging file location(s): C:\pagefile.sys 750 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.89 Gb Total Space | 145.60 Gb Free Space | 80.49% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.40 Gb Free Space | 74.98% Space Free | Partition Type: FAT32
Drive H: | 5.41 Gb Total Space | 3.93 Gb Free Space | 72.72% Space Free | Partition Type: NTFS
Drive I: | 589.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: USER-A453EA188F | User Name: Lisette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/30 21:35:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisette\Desktop\OTL.exe
PRC - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008/09/20 15:47:24 | 000,334,968 | ---- | M] (The Neat Company) -- C:\Program Files\NeatWorks\exec\NeatWorksDatabaseController.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/08 13:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
PRC - [2007/09/05 09:53:48 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe


========== Modules (SafeList) ==========

MOD - [2011/06/30 21:35:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisette\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (SupportSoft RemoteAssist)
SRV - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/07/13 14:04:00 | 000,598,696 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\mldocoms.exe -- (mldo_device)
SRV - [2008/09/20 15:47:24 | 000,334,968 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\NeatWorks\exec\NeatWorksDatabaseController.exe -- (NeatWorksDatabaseController)
SRV - [2008/01/08 13:02:16 | 001,213,728 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe -- (sprtlisten)
SRV - [2007/09/05 09:53:48 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/06/04 22:14:50 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/06/04 22:14:50 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007/05/24 07:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2006/09/13 10:32:12 | 000,128,536 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Stopped] -- C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe -- (QuickBooksDB18)


========== Driver Services (SafeList) ==========

DRV - [2011/06/30 23:16:00 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard)
DRV - [2010/05/20 16:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2007/07/05 22:33:38 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2007/07/03 17:59:10 | 000,086,824 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV - [2007/07/03 17:58:20 | 000,106,792 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 17:57:24 | 000,011,944 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 17:54:24 | 000,080,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/05/31 15:08:08 | 000,219,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sndmi13.sys -- (SNDMI13) Mega Pixel Camera (8105 SXGA)
DRV - [2005/04/20 12:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/04/12 12:42:16 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/04/12 12:08:44 | 000,247,296 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/08/03 15:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E 49 CA D7 9B 37 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {C7E0B063-1DC2-4DD0-A502-1D67957B9ADE}:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/05/06 18:28:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/21 20:29:42 | 000,000,000 | ---D | M]

[2008/06/29 13:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lisette\Application Data\Mozilla\Extensions
[2011/01/03 12:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lisette\Application Data\Mozilla\Firefox\Profiles\izp3k5oz.default\extensions
[2009/11/11 11:57:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lisette\Application Data\Mozilla\Firefox\Profiles\izp3k5oz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/11/18 10:20:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Lisette\Application Data\Mozilla\Firefox\Profiles\izp3k5oz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/03 11:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/17 21:27:30 | 000,000,000 | ---D | M] (OneStepSearch) -- C:\Program Files\Mozilla Firefox\extensions\{C7E0B063-1DC2-4DD0-A502-1D67957B9ADE}
[2008/12/17 21:27:14 | 000,001,726 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\onestep196.xml
[2009/01/08 04:04:47 | 000,001,726 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\onestep210.xml

O1 HOSTS File: ([2011/07/01 00:56:49 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett_Packard\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\Hewlett_Packard\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - No CLSID value found.
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\Hewlett_Packard\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\Hewlett_Packard\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} http://dlm.tools.aka...vex-2.2.1.0.cab (DownloadManager Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1134606037609 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.87.69.146 10.1.10.40 10.1.10.2
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Lisette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lisette\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {F552DDE6-2090-4bf4-B924-6141E87789A5} - C:\Program Files\Greatis\RegRunSuite\RRShell.dll (Greatis Software, LLC)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2005/12/14 17:15:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/06/30 23:11:44 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/06/30 23:11:46 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2011/06/30 23:11:46 | 000,000,000 | RHSD | M] - H:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/04/14 05:00:00 | 000,000,110 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/07/01 14:33:04 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lisette\Desktop\OTL.exe
[2011/07/01 02:17:55 | 001,448,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lisette\Desktop\TDSSKiller.exe
[2011/07/01 02:17:49 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Lisette\Desktop\dds.scr
[2011/07/01 01:32:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lisette\Recent
[2011/06/30 23:16:00 | 000,024,416 | ---- | C] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2011/06/30 23:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Lisette\Start Menu\Programs\Disabled Startup Items
[2011/06/30 23:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Disabled Startup Items
[2011/06/30 23:11:44 | 000,000,000 | RHSD | C] -- C:\comment.htt
[2011/06/30 23:11:44 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2011/06/30 23:11:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lisette\My Documents\RegRun2
[2011/06/30 23:10:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\regruninfo
[2011/06/30 23:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
[2011/06/30 21:46:14 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/06/30 20:41:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/06/30 20:32:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/06/30 18:49:33 | 000,000,000 | ---D | C] -- C:\0898ddf3d0db7db437
[2011/06/29 21:11:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/15 12:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/02/04 18:06:05 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\mldocoms.exe
[2011/02/04 18:06:05 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\mldoprox.dll
[2011/02/04 18:06:03 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\mldocomm.dll
[2011/02/04 18:06:02 | 000,954,368 | ---- | C] ( ) -- C:\WINDOWS\System32\mldousb1.dll
[2011/02/04 18:06:02 | 000,651,264 | ---- | C] ( ) -- C:\WINDOWS\System32\mldopmui.dll
[2011/02/04 18:06:02 | 000,369,320 | ---- | C] ( ) -- C:\WINDOWS\System32\mldocfg.exe
[2011/02/04 18:06:02 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\mldoiesc.dll
[2011/02/04 18:06:01 | 001,069,056 | ---- | C] ( ) -- C:\WINDOWS\System32\mldoserv.dll
[2011/02/04 18:06:01 | 000,856,064 | ---- | C] ( ) -- C:\WINDOWS\System32\mldocomc.dll
[2011/02/04 18:06:01 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\mldohbn3.dll
[2011/02/04 18:06:01 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\mldolmpm.dll
[2011/02/04 18:06:01 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\mldoinpa.dll
[2011/02/04 18:06:01 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\mldoih.exe
[2007/07/05 22:21:06 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2007/01/10 16:52:13 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csndmi13.dll
[2007/01/10 16:52:13 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsndmi13.dll
[2005/12/26 12:18:29 | 000,090,112 | R--- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/01 14:27:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/01 13:40:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2011/07/01 05:03:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/01 05:03:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/01 04:58:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/01 01:59:00 | 000,195,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/01 01:06:22 | 000,000,744 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/07/01 00:56:49 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/30 23:16:00 | 000,024,416 | ---- | M] (Greatis Software) -- C:\WINDOWS\System32\drivers\regguard.sys
[2011/06/30 23:15:49 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/30 23:15:49 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/06/30 23:15:49 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2011/06/30 21:35:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lisette\Desktop\OTL.exe
[2011/06/30 04:48:04 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Lisette\Desktop\dds.scr
[2011/06/29 17:22:11 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Lisette\Desktop\Shortcut to mbam.exe.lnk
[2011/06/28 19:13:28 | 001,448,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Lisette\Desktop\TDSSKiller.exe
[2011/06/27 09:42:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/15 12:43:50 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/01 02:17:46 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Lisette\Desktop\gmer.exe
[2011/07/01 01:05:36 | 000,000,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2011/06/30 23:11:44 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/06/30 23:10:22 | 000,057,556 | ---- | C] () -- C:\WINDOWS\guard.bmp
[2011/06/29 17:22:11 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Lisette\Desktop\Shortcut to mbam.exe.lnk
[2011/06/15 12:43:50 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/05/17 16:34:13 | 000,013,790 | -HS- | C] () -- C:\Documents and Settings\Lisette\Local Settings\Application Data\e14d740ogtqp53m3h02k070s66p503jed8e
[2011/05/17 16:34:13 | 000,013,790 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\e14d740ogtqp53m3h02k070s66p503jed8e
[2011/02/10 11:36:32 | 000,033,952 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/04 18:06:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\mldoinsb.dll
[2011/02/04 18:06:05 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\mldoinsr.dll
[2011/02/04 18:06:05 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mldocur.dll
[2011/02/04 18:06:03 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\mldocu.dll
[2011/02/04 18:06:02 | 000,503,808 | ---- | C] () -- C:\WINDOWS\System32\mldoutil.dll
[2011/02/04 18:06:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\mldogrd.dll
[2011/02/04 18:06:02 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\mldoins.dll
[2011/02/04 18:06:01 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\mldocoin.dll
[2011/02/04 18:06:01 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\mldojswr.dll
[2011/02/04 18:06:01 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\mldocub.dll
[2011/02/04 18:06:01 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\mldovs.dll
[2011/01/04 18:10:33 | 000,363,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/10 08:02:19 | 000,000,032 | ---- | C] () -- C:\WINDOWS\actval.ini
[2010/05/18 17:38:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Game.INI
[2009/11/11 04:03:27 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/03/01 12:54:43 | 000,222,552 | ---- | C] () -- C:\WINDOWS\RM.exe
[2009/02/05 21:20:08 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\TTSServer.dll
[2008/10/07 19:34:04 | 000,151,427 | ---- | C] () -- C:\WINDOWS\hpwins11.dat
[2008/10/07 19:34:03 | 000,000,522 | ---- | C] () -- C:\WINDOWS\hpwmdl11.dat
[2008/06/29 13:48:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/26 19:34:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/12/25 18:27:02 | 000,000,611 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/11/14 21:36:18 | 000,000,061 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2007/11/14 21:36:17 | 000,000,103 | ---- | C] () -- C:\WINDOWS\FPU.ini
[2007/07/26 13:11:34 | 000,000,063 | ---- | C] () -- C:\WINDOWS\MADCCS.INI
[2007/07/26 13:11:15 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/06/27 10:24:54 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Lisette\Local Settings\Application Data\fusioncache.dat
[2007/01/11 11:28:20 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2007/01/11 11:25:34 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2007/01/10 16:52:16 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\sndmi13.dll
[2007/01/10 16:52:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\vsndmi13.exe
[2007/01/10 16:52:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dsndmi13.dll
[2007/01/10 16:52:15 | 000,015,523 | ---- | C] () -- C:\WINDOWS\sndmi13.ini
[2007/01/10 16:52:14 | 000,219,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\sndmi13.sys
[2007/01/10 16:52:13 | 000,020,480 | ---- | C] () -- C:\WINDOWS\dsndmi13.exe
[2006/10/24 19:47:36 | 000,001,371 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/05/26 16:24:23 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/05/16 13:06:23 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/28 19:35:18 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2006/03/03 18:23:13 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/17 20:39:04 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/01/15 11:39:38 | 000,000,208 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2005/12/30 13:07:14 | 000,000,150 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/12/26 12:18:29 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2005/12/22 17:00:04 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\launch.xml
[2005/12/22 17:00:02 | 000,000,329 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\launcherData.xml
[2005/12/17 10:44:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Setup32.INI
[2005/12/14 22:35:57 | 000,019,790 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2005/12/14 22:35:57 | 000,004,284 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2005/12/14 22:35:38 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\hphped05.exe
[2005/12/14 22:35:33 | 000,006,478 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2005/12/14 17:26:15 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Lisette\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/14 17:17:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/12/14 17:12:19 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/12/14 09:05:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/12/14 09:04:38 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/04/08 12:52:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/08/03 18:07:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/03 18:07:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/03 18:07:00 | 000,491,832 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/03 18:07:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/03 18:07:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/03 18:07:00 | 000,090,402 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/03 18:07:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/03 18:07:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/03 18:07:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/03 18:07:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/03 18:07:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/03 18:07:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/11/26 17:10:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2003/11/26 17:10:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 12:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FEBEC560

< End of report >

----------------------OTL Extras------------------------------

OTL Extras logfile created on: 7/1/2011 2:33:19 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\Lisette\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 80.93% Memory free
2.52 Gb Paging File | 2.33 Gb Available in Paging File | 92.57% Paging File free
Paging file location(s): C:\pagefile.sys 750 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.89 Gb Total Space | 145.60 Gb Free Space | 80.49% Space Free | Partition Type: NTFS
Drive D: | 1.87 Gb Total Space | 1.40 Gb Free Space | 74.98% Space Free | Partition Type: FAT32
Drive H: | 5.41 Gb Total Space | 3.93 Gb Free Space | 72.72% Space Free | Partition Type: NTFS
Drive I: | 589.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: USER-A453EA188F | User Name: Lisette | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Hello\Hello.exe" = C:\Program Files\Hello\Hello.exe:*:Disabled:Hello! -- (Picasa, Inc.)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- ()
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2008\QBDBMgrN.exe:*:Enabled:QuickBooks 2008 Data Manager -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Documents and Settings\Lisette\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Lisette\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\mldocoms.exe" = C:\WINDOWS\system32\mldocoms.exe:*:Enabled:BARBIE DOLL'D UP NAILS Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\mldopswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\mldopswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\mldotime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\mldotime.exe:*:Enabled:Time Executable -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\mldojswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\mldojswx.exe:*:Enabled:Job Status Window Interface -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04E35C27-EB24-4DC5-94F4-3108B83E6994}" = Barbie Doll'd Up Nails Printer Driver
"{0684EECC-380C-4B97-8C51-5BDB9E4D679C}" = ArcSoft Software Suite
"{0CA49C4E-7B1C-460c-9DB8-4A7160CDF8D1}" = ProductContext
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411" = CanoScan LiDE 70
"{12E3B2CD-530F-4643-9A64-23E0D214A79D}" = ScanSoft PDF Professional 4
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1DEF8B27-D75B-4f2a-B723-C506047D1438}" = K8600
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{253FCC55-E03D-40D4-A407-3470BE4101C0}" = VistaPrint Electronic Business Card
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (NR2007)
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE130}" = Microsoft Picture It! Express 7.0
"{3A98125E-B0AC-47E4-80D7-75DF75B13AA1}" = BPDSoftware_Ini
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{44B44E0E-B7F8-45D2-9B1F-B073D337A097}" = BPD_HPSU
"{4B8AB184-EE5E-4277-BB68-C352BE13DD7B}" = 8600_Help
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{647B6F8B-645C-4992-99D8-49202C689C05}" = Microsoft Text To Speech Engine
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69B078F7-E057-4488-AE6B-CB7BBEEE8DA6}" = HP Officejet Pro K8600 Series
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{746FB02B-1D03-43B7-917A-E1341AB69A00}" = Qwest Personal Digital Vault™
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BD1EAE4-2E08-4087-8600-44B0ACB0C887}" = NeatWorks Core Files
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D10D317-F8E0-4493-99AE-F6ADBB223553}" = BPDSoftware
"{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3942004-F1ED-4099-B11F-E4AD507779E6}" = NeatScan To Office
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A4ECF10E-8914-4E29-9E48-8BE2F57558DC}" = ResumeMaker
"{A63E18AC-B504-4045-AFE6-A279BBABB988}" = Qwest QuickAssist Desktop Tools
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.1
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{BAB0F8F5-282A-45F1-B31A-EB894827456B}" = MPM
"{BD4FE0CD-7F6D-4E94-A48E-A4DD81F98DBD}" = Barbie Doll'd Up Nails
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{C96FF998-45BD-411E-9253-B7F2660FE280}" = Qwest Installer
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3894BF-96CD-4022-927E-286893ED91C9}" = Mega Pixel Camera (8105 SXGA)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{CFB61C36-61C9-46E9-8AA3-6E5A896AC989}" = 8600_Readme
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{DC5A3749-4535-4EAD-842A-DDE976CC6B38}" = PS7900
"{DE2EBD6F-81B6-4E9A-B137-C11FD6790CFF}" = PSShortcutsP
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F818A41D-3535-4949-83BB-E41121697A97}" = Sprint Desktop Sync
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"562F5F12C292EA241533CB07B24789FC68761A27" = Windows Driver Package - MATTEL Inkjet Drivers Printer (07/06/2009 1.0.1.22)
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CCleaner" = CCleaner (remove only)
"Click&Create" = Click&Create
"High Flying Act - Interactive Storybook" = High Flying Act - Interactive Storybook
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{04E35C27-EB24-4DC5-94F4-3108B83E6994}" = Barbie Doll'd Up Nails Printer Driver
"InstallShield_{BD4FE0CD-7F6D-4E94-A48E-A4DD81F98DBD}" = Barbie Doll'd Up Nails
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"Kid Pix Deluxe 3" = Kid Pix Deluxe 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NeatWorks" = NeatWorks
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Reader Rabbit 1st Grade" = Reader Rabbit 1st Grade
"Reader Rabbit Math Ages 6-9" = Reader Rabbit Math Ages 6-9
"Reader Rabbit Toddler" = Reader Rabbit Toddler
"Reader Rabbit® I Can Read! With Phonics" = Reader Rabbit® I Can Read! With Phonics
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"V5150s Digital Camera Driver" = V5150s Digital Camera Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.5.0.457
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/15/2011 9:54:10 PM | Computer Name = USER-A453EA188F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4297

Error - 5/15/2011 9:54:10 PM | Computer Name = USER-A453EA188F | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4297

Error - 5/16/2011 6:00:31 PM | Computer Name = USER-A453EA188F | Source = QuickBooks | ID = 4
Description =

Error - 5/16/2011 6:00:31 PM | Computer Name = USER-A453EA188F | Source = QuickBooks | ID = 4
Description =

Error - 5/16/2011 6:00:31 PM | Computer Name = USER-A453EA188F | Source = QuickBooks | ID = 4
Description =

Error - 5/16/2011 6:00:39 PM | Computer Name = USER-A453EA188F | Source = QuickBooks | ID = 4
Description =

Error - 5/21/2011 11:26:17 PM | Computer Name = USER-A453EA188F | Source = Application Error | ID = 1000
Description = Faulting application componentlauncher.exe, version 3.2.0.12228, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x00010a19.

Error - 6/11/2011 2:24:43 PM | Computer Name = USER-A453EA188F | Source = Application Error | ID = 1000
Description = Faulting application kpd3.exe, version 0.1.0.0, faulting module kpd3.exe,
version 0.1.0.0, fault address 0x000a030a.

Error - 6/27/2011 8:04:56 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 11 | ID = 2000
Description =

Error - 7/1/2011 12:58:21 AM | Computer Name = USER-A453EA188F | Source = MsiInstaller | ID = 11722
Description = Product: STOPzilla -- Message 1722. STOPzilla has canceled the removal
process!

[ OSession Events ]
Error - 11/8/2007 3:49:19 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 156
seconds with 60 seconds of active time. This session ended with a crash.

Error - 1/31/2008 7:44:27 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/5/2008 12:23:06 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 1039
seconds with 60 seconds of active time. This session ended with a crash.

Error - 10/7/2008 10:29:24 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1249
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2/18/2009 10:24:35 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6541
seconds with 1560 seconds of active time. This session ended with a crash.

Error - 6/12/2009 5:35:34 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 3989 seconds with 2640 seconds of active time. This session ended with a
crash.

Error - 8/11/2009 2:08:54 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3704
seconds with 420 seconds of active time. This session ended with a crash.

Error - 11/29/2009 1:02:44 AM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29527
seconds with 300 seconds of active time. This session ended with a crash.

Error - 3/14/2011 1:34:31 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 654
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/14/2011 1:41:23 PM | Computer Name = USER-A453EA188F | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1069
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7/1/2011 7:23:26 AM | Computer Name = USER-A453EA188F | Source = Service Control Manager | ID = 7000
Description = The QuickBooksDB18 service failed to start due to the following error:
%%1069

Error - 7/1/2011 7:32:49 AM | Computer Name = USER-A453EA188F | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 7/1/2011 7:32:49 AM | Computer Name = USER-A453EA188F | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/1/2011 7:33:33 AM | Computer Name = USER-A453EA188F | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/1/2011 7:34:09 AM | Computer Name = USER-A453EA188F | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips Processor

Error - 7/1/2011 7:55:26 AM | Computer Name = USER-A453EA188F | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 7/1/2011 7:59:12 AM | Computer Name = USER-A453EA188F | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 7/1/2011 7:59:12 AM | Computer Name = USER-A453EA188F | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 7/1/2011 7:59:14 AM | Computer Name = USER-A453EA188F | Source = Service Control Manager | ID = 7038
Description = The QuickBooksDB18 service was unable to log on as .\QBDataServiceUser18
with the currently configured password due to the following error: %%1326 To ensure
that the service is configured properly, use the Services snap-in in Microsoft Management
Console
(MMC).

Error - 7/1/2011 7:59:14 AM | Computer Name = USER-A453EA188F | Source = Service Control Manager | ID = 7000
Description = The QuickBooksDB18 service failed to start due to the following error:
%%1069


< End of report >

Attached Files


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP