
Programs need to be opened from an open list



#1 idontknowwhattosay


Posted 02 April 2010 - 02:15 PM

I guess I need to tell you that this never happened before my computer got that XP Security 2010, which I removed with Spyware Doctor and Malwarebytes' Anti-Malware, and, being myself, a little deleting of stuff. I'm also not a real computer whiz or anything, but since I deleted some files, including Av.exe and AVE.exe, and the rest of those hidden files, I can no longer open programs without being brought to an "Open With" list. Worst of all, I cannot click the "use this as default opener" option, or whatever it says. I would really like to know if there are any fixes for this.

DDS (Ver_10-03-17.01) - NTFSx86
Run by Maxwell at 14:41:43.44 on Fri 04/02/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.563 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Documents and Settings\Maxwell\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page =
uDefault_Page_URL = hxxp://www.msn.com
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSN Optimized;US)" -"http://www.maidmarion.com/MOONBASE.htm"
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [D-Link Wireless G WDA-1320] c:\program files\d-link\wireless g wda-1320\AirGCFG.exe
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [Motorola Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [LogonStudio] "c:\program files\wincustomize\logonstudio\logonstudio.exe" /RANDOM
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Odolume] rundll32.exe "c:\windows\ezemipob.dll",Startup
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: &Search - http://edits.mywebsearch.com/toolbaredits/...mp;n=2010031917
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\maxwell\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
Notify: zzop93 - zzop93.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-4-1 207280]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2003-3-31 14336]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-19 54752]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-4-1 365280]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-4-1 1141712]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-4-1 112592]
S2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2003-3-31 14336]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-11-14 38224]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

============== File Associations ===============

.exe=secfile

=============== Created Last 30 ================

2010-04-02 18:40:17 0 ----a-w- c:\documents and settings\maxwell\defogger_reenable
2010-04-02 18:31:30 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-02 00:18:35 767952 ----a-w- c:\windows\BDTSupport.dll.old
2010-04-02 00:18:35 767952 ----a-w- c:\windows\BDTSupport.dll
2010-04-02 00:18:34 882 ----a-w- c:\windows\RegSDImport.xml
2010-04-02 00:18:34 879 ----a-w- c:\windows\RegISSImport.xml
2010-04-02 00:18:34 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-04-02 00:18:34 131 ----a-w- c:\windows\IDB.zip
2010-04-02 00:18:33 1152444 ----a-w- c:\windows\UDB.zip
2010-04-02 00:18:32 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-04-02 00:18:32 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-04-02 00:18:32 1640400 ----a-w- c:\windows\PCTBDCore.dll.old
2010-04-02 00:16:59 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2010-04-02 00:16:59 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-04-02 00:16:39 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-04-02 00:16:39 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2010-04-02 00:16:39 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2010-04-02 00:16:39 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-04-02 00:16:22 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2010-04-02 00:16:22 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-04-02 00:15:59 0 d-----w- c:\program files\Spyware Doctor
2010-04-02 00:15:59 0 d-----w- c:\program files\common files\PC Tools
2010-04-02 00:15:59 0 d-----w- c:\docume~1\maxwell\applic~1\PC Tools
2010-04-02 00:15:59 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-04-01 22:54:18 0 d-----w- c:\docume~1\maxwell\applic~1\SodaBush
2010-03-20 02:20:35 0 d-----w- c:\program files\common files\Akamai

==================== Find3M ====================

2010-04-02 18:31:30 1984 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-28 00:24:51 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-02-10 20:32:37 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-10 20:32:37 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-17 02:56:01 42496 ----a-w- c:\windows\odfl0377.exe
1998-12-09 02:53:54 99840 ----a-w- c:\program files\common files\IRAABOUT.DLL
1998-12-09 02:53:54 70144 ----a-w- c:\program files\common files\IRAMDMTR.DLL
1998-12-09 02:53:54 48640 ----a-w- c:\program files\common files\IRALPTTR.DLL
1998-12-09 02:53:54 31744 ----a-w- c:\program files\common files\IRAWEBTR.DLL
1998-12-09 02:53:54 186368 ----a-w- c:\program files\common files\IRAREG.DLL
1998-12-09 02:53:54 17920 ----a-w- c:\program files\common files\IRASRIAL.DLL

============= FINISH: 14:46:23.82 ===============

Oh yeah, I can't run GMER because it freezes, makes my CPU run slow, won't close, won't let my Task Manager open, then my favorite part, the BSOD that tells me about my "fatal error".

Edited by idontknowwhattosay, 02 April 2010 - 02:21 PM.

Take it from me...
Lighting your pants on fire is fun and all...
But DO NOT wear them when it happens...
Or you might be in a bit of pain
-true experience-



#2 idontknowwhattosay


Posted 04 April 2010 - 10:06 PM

I would like this topic to be closed because I will not need any help with this issue anymore; I have received a newer computer.

#3 Elise


Posted 05 April 2010 - 03:33 PM

Topic closed as requested.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




