Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot Run Anti-virus, No Internet Connection, Not Valid Win32 Apps...ugghh


  • Please log in to reply
1 reply to this topic

#1 ethanfloyd

ethanfloyd

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:37 PM

Posted 31 March 2008 - 07:16 PM

Hello BC experts,
This is my second time here at Bleeping Computer asking for help. I found my roommate was using p2p on my machine, so I decided to run a manual scan on the folder for the incoming files to ensure everything was fine. I was running AVG Free Edition, and when it found 2 infected files, my machine rebooted automatically before I could delete them. Now, my machine is running like crap, and I can't get an internet connection, or install any additional AV software.

I tried running HIJackthis, but received "not a valid Win32 application". I searched around and found some instructions for WinPatrol, so I was able to obtain a log, and I have pasted it below. Thanks in advance for your help. When appropriate, I'd also like your thoughts on which Anti-Virus software I should use.

Log created by WinPatrol version 14.0.2007.1:14.0.2007.1
Scan saved at 8:02:37 PM, on 3/31/2008
Platform: Windows XP SP2 Service Pack 2 (Build 2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRAM FILES\WINDOWS STEADYSTATE\SCTSvc.exe
C:\PROGRAM FILES\Lavasoft\AD-AWARE 2007\AAWSERVICE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\COMMON FILES\Apple\MOBILE DEVICE SUPPORT\bin\APPLEMOBILEDEVICESERVICE.EXE
C:\PROGRAM FILES\Symantec\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\eHome\ehsched.exe
C:\PROGRAM FILES\COMMON FILES\SONY SHARED\WMPlugIn\SONICSTAGEMONITORING.EXE
C:\PROGRAM FILES\Sony\SONY TV TUNER LIBRARY\SMceMan.exe
C:\PROGRAM FILES\CHECKPOINT\SECUREMOTE\bin\SR_SERVICE.EXE
C:\PROGRAM FILES\CHECKPOINT\SECUREMOTE\bin\SR_WATCHDOG.EXE
C:\PROGRAM FILES\Sony\VAIO MEDIA INTEGRATED SERVER\Photo\appsrv\PHOTOAPPSRV.EXE
C:\PROGRAM FILES\Sony\VAIO MEDIA INTEGRATED SERVER\Video\GPVSvr.exe
C:\PROGRAM FILES\VIEWPOINT\Common\VIEWPOINTSERVICE.EXE
C:\PROGRAM FILES\Sony\VAIO MEDIA INTEGRATED SERVER\Platform\SV_Httpd.exe
C:\PROGRAM FILES\Sony\VAIO MEDIA INTEGRATED SERVER\Platform\UPNPFRAMEWORK.EXE
C:\PROGRAM FILES\Sony\SONY TV TUNER LIBRARY\RM_SV.exe
C:\PROGRAM FILES\CHECKPOINT\SECUREMOTE\bin\SR_GUI.exe
C:\WINDOWS\eHome\ehtray.exe
C:\PROGRAM FILES\Sony\sHotKey\SHOTKEY.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRAM FILES\WINDOWS STEADYSTATE\Bubble.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRAM FILES\iTunes\ITUNESHELPER.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRAM FILES\Java\JRE1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\DYNDNS UPDATER\DynDNS.exe
C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\wcescomm.exe
C:\PROGRAM FILES\DNA\btdna.exe
C:\Program Files\Microsoft ActiveSync\rapimgr.exe
C:\PROGRAM FILES\2BRIGHTSPARKS\SyncBack\SyncBack.exe
C:\PROGRAM FILES\iPod\bin\IPODSERVICE.EXE
C:\WINDOWS\explorer.exe
C:\DOCUMENTS AND SETTINGS\ETHAN FLOYD\APPLICATION DATA\U3\000018372771B30A\LAUNCHPAD.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -
O4 - HKLM\..\Run: [ehTray]C:\WINDOWS\eHome\ehtray.exe
O4 - HKLM\..\Run: [ATIModeChange]Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA]C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [sHotKey]C:\Program Files\Sony\sHotKey\SHOTKEY.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px]C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Recovery]C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [Bubble]%ProgramFiles%\Windows SteadyState\Bubble.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent]bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper]C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task]C:\Program Files\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [AVG7_CC]C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NapsterShell]C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DynDNS Updater]C:\Program Files\DynDNS Updater\DynDNS.exe
O4 - HKCU\..\Run: [H/PC Connection Agent]C:\Program Files\Microsoft ActiveSync\wcescomm.exe
O4 - HKCU\..\Run: [BitTorrent DNA]C:\Program Files\DNA\btdna.exe
O4 - Global Startup: SyncBack.lnk=C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program Files\Java\jre1.6.0_02\bin
O14 - IERESET.INF: START_PAGE_URL = http://www.sony.com/vaiopeople
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/4.../OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/9/b...heckControl.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} (http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo) - http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} (http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM) - http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1191898964126
O16 - DPF: {7FE26BE2-B923-4B41-9834-E84DA1CC1F96} (Maid Control) - http://vsp.closetmaid.com/vsp/cmaidctl_vsp..._downloader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_02) - http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim) - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_a...asyInstallX.CAB
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) - http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - http://java.sun.com/products/plugin/autodl...indows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) - http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Ad-Aware 2007 Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\logishrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - - C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: Sony SPTI Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Check Point SecuRemote Service - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point SecuRemote WatchDog - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
O23 - Service: UPnPDevService - - C:\Program Files\Common Files\PnpManager\upnpmngr.exe
O23 - Service: VAIO Media Music Server - - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName=VAIO Media Music Server
O23 - Service: VAIO Media Music Server (HTTP) - - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot=Software\Sony Corporation\VAIO Media Platform\2.0 /RegExt=Applications\MusicServer\HTTP
O23 - Service: VAIO Media Music Server (UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) - - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot=SOFTWARE\Sony Corporation\VAIO Media Platform\2.0 /RegExt=\Applications\PhotoServer\HTTP
O23 - Service: VAIO Media Photo Server (UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server - - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName=VAIO Media Video Server
O23 - Service: VAIO Media Video Server (HTTP) - - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot=SOFTWARE\Sony Corporation\VAIO Media Platform\2.0 /RegExt=\Applications\VideoServer\HTTP
O23 - Service: VAIO Media Video Server (UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--- Additional WinPatrol Info ---
Default Browser: Windows® Internet Explorer - Internet Explorer version 7.00.6000.16574
MSIE: Internet Explorer (7.00.6000.16574)
Firefox 2.0.0.13 installed in C:\Program Files\Mozilla Firefox.
873 IE Cookies in Folder: C:\Documents and Settings\Ethan Floyd\Cookies\
144 Mozilla Cookies in Folder: C:\Documents and Settings\Ethan Floyd\Application Data\Mozilla\FireFox\Profiles\l9xdm0qh.default

WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP00 - HKLM\CS3: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe

WP03 - Windows Automatic Update = 1:Turn off Automatic Updates.


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://

WP31 - Scheduled Tasks: [User_Feed_Synchronization-{A67D12D9-68A8-4F33-B97B-9B1934F1A5E8}.job]C:\WINDOWS\system32\msfeedssync.exe 03/31/2008 5:47 PM
WP31 - Scheduled Tasks: [MP Scheduled Scan.job]C:\Program Files\Windows Defender\MpCmdRun.exe 03/31/2008 2:26 AM

WP32 - Hidden File: C:\boot.ini
WP32 - Hidden File: C:\hiberfil.sys
WP32 - Hidden File: C:\IO.SYS
WP32 - Hidden File: C:\MSDOS.SYS
WP32 - Hidden File: C:\NTDETECT.COM
WP32 - Hidden File: C:\ntldr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\WINDOWS\QTFont.qfn
WP32 - Hidden File: C:\WINDOWS\Thumbs.db
WP32 - Hidden File: C:\WINDOWS\WindowsShell.Manifest
WP32 - Hidden File: C:\WINDOWS\winnt.bmp
WP32 - Hidden File: C:\WINDOWS\winnt256.bmp
WP32 - Hidden File: C:\WINDOWS\system32\cdplayer.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\config\default.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\default.tmp.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SAM.tmp.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\SECURITY.tmp.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\software.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\software.tmp.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\system.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\system.tmp.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\TempKey.LOG
WP32 - Hidden File: C:\WINDOWS\system32\config\userdiff.LOG
WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.dat
WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox.idx
WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox2.dat
WP32 - Hidden File: C:\WINDOWS\system32\drivers\fidbox2.idx
WP32 - Hidden File: C:\WINDOWS\system32\drivers\Sony_PCV-RZ44G(UC)_.mrk
WP32 - Hidden File: C:\WINDOWS\system32\logonui.exe.manifest
WP32 - Hidden File: C:\WINDOWS\system32\ncpa.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\nwc.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\Restore\filelist.xml
WP32 - Hidden File: C:\WINDOWS\system32\sapi.cpl.manifest
WP32 - Hidden File: C:\WINDOWS\system32\WindowsLogon.manifest
WP32 - Hidden File: C:\WINDOWS\system32\wuaucpl.cpl.manifest

WP33 - File Type .AVI: [Video Clip]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
WP33 - File Type .BAT: [MS-DOS Batch File]%1 %*
WP33 - File Type .CAB: [Cabinet File]C:\WINDOWS\Explorer.exe /idlist,%I,%L
WP33 - File Type .CAT: [Security Catalog]rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Compiled HTML Help file]C:\WINDOWS\hh.exe %1
WP33 - File Type .COM: [MS-DOS Application]%1 %*
WP33 - File Type .CMD: [Windows NT Command Script]%1 %*
WP33 - File Type .CSS: [Cascading Style Sheet Document]C:\PROGRA~1\MICROS~3\OFFICE11\FRONTPG.EXE %1
WP33 - File Type .DOC: [Microsoft Word Document]C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Internet E-Mail Message]C:\Program Files\Outlook Express\msimn.exe /eml:%1
WP33 - File Type .EXE: [Application]%1 %*
WP33 - File Type .INF: [Setup Information]C:\WINDOWS\System32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JavaScript Source Code]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\WINDOWS\System32\msiexec.exe /i %1 %*
WP33 - File Type .MSG: [Outlook Item]C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /f %1
WP33 - File Type .MID: [MIDI Sequence]C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
WP33 - File Type .MP3: [MPEG Layer 3 Audio]C:\Program Files\iTunes\iTunes.exe /open %L
WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
WP33 - File Type .RAM: [RealOne Player Presentation]C:\Program Files\Real\RealOne Player\RealPlay.exe %1
WP33 - File Type .REG: [Registration Entries]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
WP33 - File Type .SBS: [Spyware supplemental file]C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe %1
WP33 - File Type .SCR: [Screen Saver]%1 /S
WP33 - File Type .TXT: [Text Document]C:\WINDOWS\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Internet Shortcut]rundll32.exe ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [VBScript Encoded Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows Script File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host Settings File]C:\WINDOWS\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Excel Worksheet]C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE /e

Memory currently in use: 66%
Physical Memory Free: 177,764 KB
Paging File Free: 1,719,716 KB
Virtual Memory Free: 2,053,848 KB


--
End of file

BC AdBot (Login to Remove)

 


#2 katana

katana

    MRU Expert


  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester (UK)
  • Local time:06:37 PM

Posted 12 April 2008 - 05:12 AM

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please can you give an update on your problems

Edited by katana, 12 April 2008 - 05:12 AM.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users