Computer Hope
Software => Computer viruses and spyware => Topic started by: jessfields on September 04, 2011, 12:18:39 PM
-
Found a few troublesome looking CLSID files in Regedit and fell down the rabbit hole... Could you give me an assesment from all of this?
Windows Diagnostic Performance Scan @ 09/03/11 04:56A - Log Attached
ComboFix Scan @ 09/03/11 0909P - Log Attached
JavaRa/Uniblue Scan @ 09/03/11 1049P - Log attached
Super Anti Virus Scan @ 09/04/2011 at 0033 AM - Log Attached
To be Continued..
[regaining space - attachment deleted by admin]
-
Here's the Rest...
AVG - no threats detected @ 9/4/11 0232A - Log Attached
MBAM Scan 09/04/11 0401A - Log attached
CCCleaner @ 09/04/11 1225P - Log attached
Hijack This Scan @ 09/04/11
Any guidance would be greatly appreciated!
Thanks much
Jess
[regaining space - attachment deleted by admin]
-
Would you copy and paste the logs here for an expert to read, it saves him opening all the logs, saving him time.
-
Here they are, Harry. Thanks again
ComboFix Scan @ 09/03/11 0909P - Log Attached
ComboFix 11-09-03.01 - jess 09/03/2011 21:09:07.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.2046.1372 [GMT -10:00]
Running from: c:\users\jess\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\BrowserCtl
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\ShoppingReport
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\ZangoSA
c:\programdata\ZangoSA\ZangoSA.dat
c:\programdata\ZangoSA\ZangoSA_kyf.dat
c:\programdata\ZangoSA\ZangoSAAbout.mht
c:\programdata\ZangoSA\ZangoSAau.dat
c:\programdata\ZangoSA\ZangoSAEULA.mht
c:\users\jess\AppData\Local\ApplicationHistory
c:\users\jess\AppData\Local\ApplicationHistory\EULALauncher.exe.3f62b452.ini
c:\users\jess\AppData\Roaming\3M
c:\users\jess\AppData\Roaming\3M\PDNotes\PDNDB
c:\users\jess\AppData\Roaming\Microsoft\Windows\Recent\Address Book.url
c:\users\jess\AppData\Roaming\WeatherDPA
c:\users\jess\AppData\Roaming\WeatherDPA\Weather\WeatherStartup.xml
c:\users\jess\AppData\Roaming\Zango
c:\windows\010112010146120114.xe
c:\windows\0101120101464950.xe
c:\windows\0101120101465653.xe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf
c:\windows\ex23567.dat
c:\windows\fdgg34353edfgdfdf
c:\windows\mmsmark2.dat
c:\windows\prxid93ps.dat
c:\windows\system32\comct332.ocx
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BROWSERCTLDRV
-------\Service_SfX
.
.
((((((((((((((((((((((((( Files Created from 2011-08-04 to 2011-09-04 )))))))))))))))))))))))))))))))
.
.
2011-09-04 07:15 . 2011-09-04 07:20 -------- d-----w- c:\users\jess\AppData\Local\temp
2011-09-04 07:15 . 2011-09-04 07:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-04 00:56 . 2011-09-04 00:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-03 10:42 . 2010-04-28 17:44 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-09-03 10:42 . 2011-09-03 10:42 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-09-03 10:41 . 2006-11-29 23:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-09-03 10:41 . 2011-09-03 10:41 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-09-03 10:39 . 2011-09-03 10:42 -------- d-----w- c:\program files\Microsoft
2011-09-03 10:39 . 2011-09-03 10:39 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-09-03 10:39 . 2011-09-03 10:42 -------- d-----w- c:\program files\Windows Live
2011-09-03 09:59 . 2010-11-30 21:43 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-09-03 09:59 . 2010-11-30 21:43 439632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{646191DB-7241-4BB1-B634-4F88065D1DF1}\gapaengine.dll
2011-09-03 09:58 . 2011-08-16 18:48 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CDEBC49-13B6-4A94-B4B5-3E99231CFE54}\mpengine.dll
2011-09-03 09:54 . 2011-09-03 09:54 -------- d-----w- c:\program files\Microsoft Silverlight
2011-09-03 09:53 . 2011-09-03 09:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-03 09:50 . 2006-12-20 06:03 229888 ----a-w- c:\windows\system32\msshsq.dll
2011-09-03 09:37 . 2011-09-03 09:37 -------- d-----w- c:\program files\Common Files\Windows Live
2011-09-03 09:28 . 2007-02-10 01:34 51768 ----a-w- c:\windows\system32\drivers\drvnddm.sys
2011-09-03 09:28 . 2007-02-09 09:05 12856 ----a-w- c:\windows\system32\drivers\DLACDBHM.SYS
2011-09-03 07:36 . 2011-09-03 07:36 -------- d-----w- C:\perflogs
2011-09-03 05:08 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DC36A3C5-CF69-4C76-B4BA-D559940C4AB6}\mpengine.dll
2011-08-30 06:50 . 2011-09-03 06:48 -------- d-----w- c:\users\jess\AppData\Roaming\Skype
2011-08-24 08:15 . 2011-08-24 08:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-09 12:53 . 2009-05-18 23:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-08-09 12:53 . 2008-04-17 22:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-08-09 12:52 . 2011-08-09 12:52 -------- d-----w- c:\program files\iPod
2011-08-09 12:52 . 2011-08-09 12:53 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-08-09 12:50 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-09 12:50 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-09 12:49 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-09 12:49 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-09 12:49 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-09 12:49 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-09 12:49 . 2011-08-09 12:49 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-08-09 12:44 . 2011-08-09 12:44 -------- d-----w- c:\program files\Bonjour
2011-08-09 01:26 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-08-09 01:26 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-08-09 01:26 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 21:20 . 2011-07-12 21:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 21:20 . 2011-07-12 21:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 21:20 . 2011-07-12 21:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-09 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-27 4670968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 815104]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-27 1540096]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"SigmatelSysTrayApp"="sttray.exe" [2006-12-01 303104]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2006-10-13 184320]
"iolo Startup"="c:\program files\iolo\Common\Lib\ioloLManager.exe" [2008-03-04 307056]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-20 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-16 997920]
.
c:\users\jess\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-2-15 50688]
QuickSet.lnk - c:\windows\Installer\{53A01CC6-14B0-4512-A2E7-10D39BF83DC4}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-2-15 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl7914254e;MpKsl7914254e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CDEBC49-13B6-4A94-B4B5-3E99231CFE54}\MpKsl7914254e.sys
R1 MpKsl88f5c1b7;MpKsl88f5c1b7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CDEBC49-13B6-4A94-B4B5-3E99231CFE54}\MpKsl88f5c1b7.sys
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S0 XPacket;iolo Personal Firewall Driver;c:\windows\System32\xpacket.sys [2007-05-18 39424]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2007-09-20 12800]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-02-26 628584]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-02-26 628584]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-04 c:\windows\Tasks\User_Feed_Synchronization-{1CC2E878-296B-41A6-8B04-4219F6313D1C}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070215
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\iavlsp.dll
LSP: c:\program files\iolo\Common\Firewall\iFW_Xfilter.dll
TCP: DhcpNameServer = 68.87.73.246 68.87.71.230
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-03 21:19
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1016)
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\SigmaTel\C-Major Audio\WDM\STacSV.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\sttray.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\program files\Dell\QuickSet\quickset.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2011-09-03 21:25:40 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-04 07:25
.
Pre-Run: 27,490,709,504 bytes free
Post-Run: 27,902,861,312 bytes free
.
- - End Of File - - 8B8D972E721232D2FF960D19043805CF
JavaRa/Uniblue Scan @ 09/03/11 1049P - Log attached
JavaRa/Uniblue Registry Booster Scan Log
Scan Results
Scan date: 2011-09-03 22:49:51.585000
Total problems found: 797
_______________________________________ _
System related errors
Errors affecting all users on this computer.
_______________________________________ _
Scan subsection: Application paths
Entries found: 1
Entries:
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VCU3DcheckApp.exe
Value name:
Value: C:\Program Files\Roxio\VideoCore 9\VCU3DcheckApp.exe
Reason: The default value in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/App Paths/VCU3DcheckApp.exe contains an invalid path C:/Program Files/Roxio/VideoCore 9/VCU3DcheckApp.exe
_______________________________________ _
_______________________________________ _
Scan subsection: System software settings
Entries found: 21
Entries:
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba13}
Value name: HelpTopic
Value: C:\Windows\Help\AuthFW.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba13} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba13}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\AuthFW.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba13} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11}
Value name: HelpTopic
Value: C:\Windows\Help\AuthFW.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\AuthFW.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{c7b8fb06-bfe1-4c2e-9217-7a69a95bbac4}
Value name: HelpTopic
Value: C:\Windows\Help\taskscheduler.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{c7b8fb06-bfe1-4c2e-9217-7a69a95bbac4} contains an invalid path C:/Windows/Help/taskscheduler.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{c7b8fb06-bfe1-4c2e-9217-7a69a95bbac4}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\taskscheduler.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{c7b8fb06-bfe1-4c2e-9217-7a69a95bbac4} contains an invalid path C:/Windows/Help/taskscheduler.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4}
Value name: HelpTopic
Value: C:\Windows\Help\taskscheduler.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4} contains an invalid path C:/Windows/Help/taskscheduler.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4}
Value name: LinkedHelpTopic
Value: C:\Windows\Help\taskscheduler.chm
Reason: The value LinkedHelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4} contains an invalid path C:/Windows/Help/taskscheduler.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\taskscheduler.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{c7b8fb07-bfe1-4c2e-9217-7a69a95bbac4} contains an invalid path C:/Windows/Help/taskscheduler.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba12}
Value name: HelpTopic
Value: C:\Windows\Help\AuthFW.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba12} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba12}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\AuthFW.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ac-fe9c-4368-be01-7a4cbb6cba12} contains an invalid path C:/Windows/Help/AuthFW.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{a1bc4ecb-66b2-44e8-9915-be02e84438ba}
Value name: HelpTopic
Value: C:\Windows\Help\nap.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{a1bc4ecb-66b2-44e8-9915-be02e84438ba} contains an invalid path C:/Windows/Help/nap.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{a1bc4ecb-66b2-44e8-9915-be02e84438ba}
Value name: LinkHelpTopic
Value: C:\Windows\Help\nap.chm
Reason: The value LinkHelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{a1bc4ecb-66b2-44e8-9915-be02e84438ba} contains an invalid path C:/Windows/Help/nap.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{a1bc4eca-66b2-44e8-9915-be02e84438ba}
Value name: HelpTopic
Value: C:\Windows\Help\nap.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{a1bc4eca-66b2-44e8-9915-be02e84438ba} contains an invalid path C:/Windows/Help/nap.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{a1bc4eca-66b2-44e8-9915-be02e84438ba}
Value name: LinkHelpTopic
Value: C:\Windows\Help\nap.chm
Reason: The value LinkHelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{a1bc4eca-66b2-44e8-9915-be02e84438ba} contains an invalid path C:/Windows/Help/nap.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{7d3830aa-e69e-4e17-8bd1-1b87b97099da}
Value name: HelpTopic
Value: C:\Windows\Help\tpmadmin.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{7d3830aa-e69e-4e17-8bd1-1b87b97099da} contains an invalid path C:/Windows/Help/tpmadmin.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{7d3830aa-e69e-4e17-8bd1-1b87b97099da}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\tpmadmin.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{7d3830aa-e69e-4e17-8bd1-1b87b97099da} contains an invalid path C:/Windows/Help/tpmadmin.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}
Value name: HelpTopic
Value: C:\Windows\Help\eventviewer.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510} contains an invalid path C:/Windows/Help/eventviewer.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\eventviewer.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510} contains an invalid path C:/Windows/Help/eventviewer.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ae-fe9c-4363-be05-7a4cbb7cb510}
Value name: HelpTopic
Value: C:\Windows\Help\eventviewer.chm
Reason: The value HelpTopic in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ae-fe9c-4363-be05-7a4cbb7cb510} contains an invalid path C:/Windows/Help/eventviewer.chm
_______________________________________ _
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MMC\SnapIns\FX:{b05566ae-fe9c-4363-be05-7a4cbb7cb510}
Value name: LinkedHelpTopics
Value: C:\Windows\Help\eventviewer.chm
Reason: The value LinkedHelpTopics in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/MMC/SnapIns/FX:{b05566ae-fe9c-4363-be05-7a4cbb7cb510} contains an invalid path C:/Windows/Help/eventviewer.chm
_______________________________________ _
_______________________________________ _
Scan subsection: ActiveX, OLE, COM sections
Entries found: 134
Entries:
Entry: HKEY_CLASSES_ROOT\Interface\{8C9E9CFF-2B95-4253-ABC6-A89B5529D8F6}\ProxyStubClsid32
Value name:
Value: {4052D303-74C5-49EA-BC6B-66099C8D4007}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{8C9E9CFF-2B95-4253-ABC6-A89B5529D8F6}/ProxyStubClsid32 points to a missing reference {4052D303-74C5-49EA-BC6B-66099C8D4007}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\Interface\{7C1E0110-99B2-4CFB-99A4-3AC60530B21F}\ProxyStubClsid32
Value name:
Value: {4052D303-74C5-49EA-BC6B-66099C8D4007}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{7C1E0110-99B2-4CFB-99A4-3AC60530B21F}/ProxyStubClsid32 points to a missing reference {4052D303-74C5-49EA-BC6B-66099C8D4007}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\Interface\{82F89F68-8EB6-4CF5-BDAA-7441FAC37249}\ProxyStubClsid32
Value name:
Value: {4052D303-74C5-49EA-BC6B-66099C8D4007}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{82F89F68-8EB6-4CF5-BDAA-7441FAC37249}/ProxyStubClsid32 points to a missing reference {4052D303-74C5-49EA-BC6B-66099C8D4007}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\Interface\{777BA811-2498-4875-933A-3067DE883070}\ProxyStubClsid32
Value name:
Value: {777BA81B-2498-4875-933A-3067DE883070}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{777BA811-2498-4875-933A-3067DE883070}/ProxyStubClsid32 points to a missing reference {777BA81B-2498-4875-933A-3067DE883070}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\Interface\{777BA812-2498-4875-933A-3067DE883070}\ProxyStubClsid32
Value name:
Value: {777BA81B-2498-4875-933A-3067DE883070}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{777BA812-2498-4875-933A-3067DE883070}/ProxyStubClsid32 points to a missing reference {777BA81B-2498-4875-933A-3067DE883070}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{CA920EED-F427-41B8-838F-33FCF47D5306}\InprocServer32
Value name:
Value: C:\Program Files\Orban\AAC-aacPlus Plugin\aacpParser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{CA920EED-F427-41B8-838F-33FCF47D5306}/InprocServer32 points to the missing file C:/Program Files/Orban/AAC-aacPlus Plugin/aacpParser.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32
Value name:
Value: C:\Windows\system32\comct332.ocx
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{38911D92-E448-11D0-84A3-00DD01104159}/InprocServer32 points to the missing file C:/Windows/system32/comct332.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32
Value name:
Value: C:\Windows\system32\comct332.ocx
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{38911D8E-E448-11D0-84A3-00DD01104159}/InprocServer32 points to the missing file C:/Windows/system32/comct332.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{102A897A-FC92-4F8B-A7D5-7DE434FE7D3E}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{102A897A-FC92-4F8B-A7D5-7DE434FE7D3E}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{158CBF0E-760F-FB31-2C15-2FCCF82E6217}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{158CBF0E-760F-FB31-2C15-2FCCF82E6217}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{E23FE9C6-778E-49D4-B537-38FCDE4887D8}\InprocServer32
Value name:
Value: C:\Program Files\VideoLAN\VLC\axvlc.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{E23FE9C6-778E-49D4-B537-38FCDE4887D8}/InprocServer32 points to the missing file C:/Program Files/VideoLAN/VLC/axvlc.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{91DA6287-52F0-4CCF-9D67-72842C9BB367}\InprocServer32
Value name:
Value: C:\PROGRA~1\SHOCKW~1.COM\SUPERC~1\ui\SwDRM.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{91DA6287-52F0-4CCF-9D67-72842C9BB367}/InprocServer32 points to the missing file C:/PROGRA~1/SHOCKW~1.COM/SUPERC~1/ui/SwDRM.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{7B5C103F-DAAF-425E-B3A9-DEDE61F3A6F4}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{7B5C103F-DAAF-425E-B3A9-DEDE61F3A6F4}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{6216564D-7FE4-11d3-AD6C-0004ACAE5FDC}\InprocServer32
Value name:
Value: C:\Program Files\3M\PDNotes\PMBSubscriber.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{6216564D-7FE4-11d3-AD6C-0004ACAE5FDC}/InprocServer32 points to the missing file C:/Program Files/3M/PDNotes/PMBSubscriber.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\InprocServer32
Value name:
Value: C:\Program Files\BAE\BAE.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{CA6319C0-31B7-401E-A518-A07C3DB8F777}/InprocServer32 points to the missing file C:/Program Files/BAE/BAE.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{5818813E-D53D-47A5-ABBB-37E2A07056B5}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5818813E-D53D-47A5-ABBB-37E2A07056B5}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{80AB3FB6-9660-416C-BE8D-0E2E8AC3138B}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{80AB3FB6-9660-416C-BE8D-0E2E8AC3138B}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{14AA7A49-4EB1-A2A4-4FAA-7139B17C4084}\InprocServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{14AA7A49-4EB1-A2A4-4FAA-7139B17C4084}/InprocServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopAPI2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{301F7BDA-B1F8-4453-82B2-0B9187DF3F3F}\InprocServer32
Value name:
Value: C:\Program Files\Orban\AAC-aacPlus Plugin\aacpParser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{301F7BDA-B1F8-4453-82B2-0B9187DF3F3F}/InprocServer32 points to the missing file C:/Program Files/Orban/AAC-aacPlus Plugin/aacpParser.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{D496FA5F-11C0-4EA8-A364-3A6BF8565EE6}\InprocServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D496FA5F-11C0-4EA8-A364-3A6BF8565EE6}/InprocServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopAPI2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\LocalServer32
Value name:
Value: C:\Users\jess\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}/LocalServer32 points to the missing file C:/Users/jess/AppData/Local/Temp/{e9513610-f218-4dda-b954-2c7e6ba7cabb}/IDriver.NonElevated.exe
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32
Value name:
Value: C:\Windows\system32\Macromed\Flash\Flash9c.ocx
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{1171A62F-05D2-11D1-83FC-00A0C9089C5A}/InprocServer32 points to the missing file C:/Windows/system32/Macromed/Flash/Flash9c.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6}\InprocServer32
Value name:
Value: C:\Program Files\Microsoft Works\wkimgsrv.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6}/InprocServer32 points to the missing file C:/Program Files/Microsoft Works/wkimgsrv.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{B334CA23-40EE-4556-A808-3EAA3E80517E}\InprocServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B334CA23-40EE-4556-A808-3EAA3E80517E}/InprocServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopAPI2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{BBA8035D-D64B-4739-21B0-297867DC742F}\InprocServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{BBA8035D-D64B-4739-21B0-297867DC742F}/InprocServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopAPI2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{9BE31822-FDAD-461B-AD51-BE1D1C159921}\InprocServer32
Value name:
Value: C:\Program Files\VideoLAN\VLC\axvlc.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{9BE31822-FDAD-461B-AD51-BE1D1C159921}/InprocServer32 points to the missing file C:/Program Files/VideoLAN/VLC/axvlc.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{B00EBF35-40D2-4101-A6B3-D2B2221095D7}\LocalServer32
Value name:
Value: C:\PROGRA~1\INVEST~1.COM\ABLE2E~1.0\ABLE2E~1.EXE
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B00EBF35-40D2-4101-A6B3-D2B2221095D7}/LocalServer32 points to the missing file C:/PROGRA~1/INVEST~1.COM/ABLE2E~1.0/ABLE2E~1.EXE
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{AD08370B-4142-47C8-BF4A-704F5723C33F}\InProcServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopSSD.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{AD08370B-4142-47C8-BF4A-704F5723C33F}/InProcServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopSSD.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{4C904448-74A9-11d0-AF6E-00C04FD8DC02}\InprocServer32
Value name:
Value: C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRdIF.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{4C904448-74A9-11d0-AF6E-00C04FD8DC02}/InprocServer32 points to the missing file C:/Program Files/Adobe/Acrobat 7.0/Reader/AcroRdIF.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{6EFB7216-EA9D-4450-95EB-74D864C24C1B}\InProcServer32
Value name:
Value: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{6EFB7216-EA9D-4450-95EB-74D864C24C1B}/InProcServer32 points to the missing file C:/Program Files/Google/Google Desktop Search/GoogleDesktopAPI2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{C8F76629-E4F4-4646-AFC0-665082D167B1}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{C8F76629-E4F4-4646-AFC0-665082D167B1}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32
Value name:
Value: C:\Windows\system32\comct332.ocx
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{38911D90-E448-11D0-84A3-00DD01104159}/InprocServer32 points to the missing file C:/Windows/system32/comct332.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{748744E8-6812-4F07-9F57-5F40395BDE65}\InprocServer32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{748744E8-6812-4F07-9F57-5F40395BDE65}/InprocServer32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{B80C6976-50C0-4110-BC85-44EB975CDCA0}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{D6995525-B33A-4980-A106-9DF58570CC66}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{D6995525-B33A-4980-A106-9DF58570CC66}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{44EC0535-400F-11D0-9DCD-00A0C90391D3}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{44EC0535-400F-11D0-9DCD-00A0C90391D3}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{F5078F18-C551-11D3-89B9-0000F81FE221}\4.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{F5078F18-C551-11D3-89B9-0000F81FE221}/4.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{C1D8C091-AC66-4159-B738-E70A12B983A4}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{C1D8C091-AC66-4159-B738-E70A12B983A4}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{2991F100-D9C3-4243-82A2-A718747FC0CF}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{41738EEA-442F-477F-92CF-2889BD6CD7E7}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{41738EEA-442F-477F-92CF-2889BD6CD7E7}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{0D01BBDA-4802-4918-BA75-187531799BC2}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{0D01BBDA-4802-4918-BA75-187531799BC2}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}/1.0/HELPDIR is empty
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{6760A0F9-76CD-41A4-9D14-B561A9F556D9}\2.0\0\win32
Value name:
Value: C:\Users\jess\AppData\Local\Temp\Excel8.0\MSForms.exd
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{6760A0F9-76CD-41A4-9D14-B561A9F556D9}/2.0/0/win32 points to the missing file C:/Users/jess/AppData/Local/Temp/Excel8.0/MSForms.exd
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{34FA6018-AF86-4E70-AA45-659A26B581C8}\2.0\0\win32
Value name:
Value: C:\Users\jess\AppData\Local\Temp\Word8.0\MSForms.exd
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{34FA6018-AF86-4E70-AA45-659A26B581C8}/2.0/0/win32 points to the missing file C:/Users/jess/AppData/Local/Temp/Word8.0/MSForms.exd
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}\1.0\0\win32
Value name:
Value: C:\Program Files\BAE\BAE.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}/1.0/0/win32 points to the missing file C:/Program Files/BAE/BAE.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{C7CB459A-7261-4AE6-A87A-17041EE98A40}\3.0\0\win32
Value name:
Value: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{C7CB459A-7261-4AE6-A87A-17041EE98A40}/3.0/0/win32 points to the missing file C:/Program Files/Google/GoogleToolbarNotifier/1.2.1128.5462/swg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{46270ABA-D71B-11DA-8750-001185653D78}\1.0\0\win32
Value name:
Value: c:\program files\google\googletoolbar1.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{46270ABA-D71B-11DA-8750-001185653D78}/1.0/0/win32 points to the missing file c:/program files/google/googletoolbar1.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{AAAF0528-2124-4DBD-9C63-C91E8C938A01}\2.0\0\win32
Value name:
Value: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{AAAF0528-2124-4DBD-9C63-C91E8C938A01}/2.0/0/win32 points to the missing file C:/Program Files/Google/GoogleToolbarNotifier/1.2.1128.5462/GoogleToolbarNotifier.exe
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
Value name:
Value: C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{D518921A-4A03-425E-9873-B9A71756821E}/1.0/0/win32 points to the missing file C:/Program Files/MyWebSearch/bar/1.bin/F3REPROX.DLL
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{462BD1C3-D71B-11DA-8750-001185653D78}\1.0\0\win32
Value name:
Value: c:\program files\google\googletoolbar2.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{462BD1C3-D71B-11DA-8750-001185653D78}/1.0/0/win32 points to the missing file c:/program files/google/googletoolbar2.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{BC8542C4-719E-49D5-90C6-CCB81A8FAC55}\1.0\0\win32
Value name:
Value: C:\Program Files\Shockwave.com\Super Collapse 3\ui\SwDRM.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{BC8542C4-719E-49D5-90C6-CCB81A8FAC55}/1.0/0/win32 points to the missing file C:/Program Files/Shockwave.com/Super Collapse 3/ui/SwDRM.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{38911DA0-E448-11D0-84A3-00DD01104159}\1.1\0\win32
Value name:
Value: C:\Windows\system32\comct332.ocx
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{38911DA0-E448-11D0-84A3-00DD01104159}/1.1/0/win32 points to the missing file C:/Windows/system32/comct332.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{434D5649-2BE5-4223-B6D8-EFC7B5A1FF79}\1.0\0\win32
Value name:
Value: C:\Program Files\Roxio\VideoUI 8\VUIMakeMovie.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{434D5649-2BE5-4223-B6D8-EFC7B5A1FF79}/1.0/0/win32 points to the missing file C:/Program Files/Roxio/VideoUI 8/VUIMakeMovie.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{EA7E74A3-3A70-43A0-8ED7-D96A09C6394D}\1.0\0\win32
Value name:
Value: C:\Program Files\Microsoft Works\wkimgsrv.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{EA7E74A3-3A70-43A0-8ED7-D96A09C6394D}/1.0/0/win32 points to the missing file C:/Program Files/Microsoft Works/wkimgsrv.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{C30C8335-D01E-456F-90BA-E367B704CD60}\1.0\0\win32
Value name:
Value: C:\Program Files\3M\PDNotes\PMBSubscriber.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{C30C8335-D01E-456F-90BA-E367B704CD60}/1.0/0/win32 points to the missing file C:/Program Files/3M/PDNotes/PMBSubscriber.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{12631F96-F37E-4975-81D5-16E871EE557B}\1.0\0\win32
Value name:
Value: C:\Program Files\RealArcade\Installer\bin\InstallerDlg.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{12631F96-F37E-4975-81D5-16E871EE557B}/1.0/0/win32 points to the missing file C:/Program Files/RealArcade/Installer/bin/InstallerDlg.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{D79B5617-38C6-41A1-BD5A-B5FE188D75AA}\1.0\0\win32
Value name:
Value: C:\Program Files\Trend Micro\Internet Security 14\TMAS_OL\TMAS_OLA.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{D79B5617-38C6-41A1-BD5A-B5FE188D75AA}/1.0/0/win32 points to the missing file C:/Program Files/Trend Micro/Internet Security 14/TMAS_OL/TMAS_OLA.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{F8501506-2B9E-4515-A5E5-09E068C2AADA}\9.0\0\win32
Value name:
Value: D:\Source\emc8\main\core\applications\DiscCopier\bin\release\FileServer9.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{F8501506-2B9E-4515-A5E5-09E068C2AADA}/9.0/0/win32 points to the missing file D:/Source/emc8/main/core/applications/DiscCopier/bin/release/FileServer9.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{DF2BBE39-40A8-433B-A279-073F48DA94B6}\1.0\0\win32
Value name:
Value: C:\Program Files\VideoLAN\VLC\axvlc.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{DF2BBE39-40A8-433B-A279-073F48DA94B6}/1.0/0/win32 points to the missing file C:/Program Files/VideoLAN/VLC/axvlc.dll
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\TypeLib\{A9826B84-9A9D-4101-ADF7-B5BC2F91A114}\1.0\0\win32
Value name:
Value: C:\Windows\Downloaded Program Files\armhelper.ocx
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{A9826B84-9A9D-4101-ADF7-B5BC2F91A114}/1.0/0/win32 points to the missing file C:/Windows/Downloaded Program Files/armhelper.ocx
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{D8F989E6-F339-4745-A952-DA0F1E57E426}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D8F989E6-F339-4745-A952-DA0F1E57E426}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{5CBAD860-46EE-4193-8FDF-5EF8625E0CA1}\TypeLib
Value name:
Value: {81BCFB9F-5C3B-404D-B5BF-6BA3F5CE35B7}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5CBAD860-46EE-4193-8FDF-5EF8625E0CA1}/TypeLib points to missing TypeLib {81BCFB9F-5C3B-404D-B5BF-6BA3F5CE35B7}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{F81CD990-910B-4bbf-9CB3-6A77F3D697B3}\TypeLib
Value name:
Value:
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F81CD990-910B-4bbf-9CB3-6A77F3D697B3}/TypeLib points to missing TypeLib
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{8F085BC0-363D-4219-95BA-DC8A5E06D295}\TypeLib
Value name:
Value: {10531A7D-5C14-441A-AE9A-80F112BCC885}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{8F085BC0-363D-4219-95BA-DC8A5E06D295}/TypeLib points to missing TypeLib {10531A7D-5C14-441A-AE9A-80F112BCC885}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{92177D99-F713-4CA2-B8E5-6537F5FC0571}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{92177D99-F713-4CA2-B8E5-6537F5FC0571}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{3CC385AC-95CC-4A75-BF35-AB36AE645BCF}\TypeLib
Value name:
Value: {D7339B18-0926-46E0-A690-4A538FC1C8F8}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{3CC385AC-95CC-4A75-BF35-AB36AE645BCF}/TypeLib points to missing TypeLib {D7339B18-0926-46E0-A690-4A538FC1C8F8}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{96236A8F-9DBC-11DA-9E3F-0011114AE311}\TypeLib
Value name:
Value: {96236A84-9DBC-11DA-9E3F-0011114AE311}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96236A8F-9DBC-11DA-9E3F-0011114AE311}/TypeLib points to missing TypeLib {96236A84-9DBC-11DA-9E3F-0011114AE311}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{7423BCD0-1679-4EFC-BB63-A35C37A4F45D}\TypeLib
Value name:
Value: {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{7423BCD0-1679-4EFC-BB63-A35C37A4F45D}/TypeLib points to missing TypeLib {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{9D13E607-106F-4892-8A83-FF9827C0A3D5}\TypeLib
Value name:
Value: {BEB70C92-90A2-4166-A7F5-DD648E36594A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{9D13E607-106F-4892-8A83-FF9827C0A3D5}/TypeLib points to missing TypeLib {BEB70C92-90A2-4166-A7F5-DD648E36594A}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC6}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC6}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{5F7B1267-94A9-47F5-98DB-E99415F33AEC}\TypeLib
Value name:
Value: {04051819-616F-429B-B2B0-C1FA27B0DBBE}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5F7B1267-94A9-47F5-98DB-E99415F33AEC}/TypeLib points to missing TypeLib {04051819-616F-429B-B2B0-C1FA27B0DBBE}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{6353E0E6-DCD5-4FBB-BF0E-88909D65376C}\TypeLib
Value name:
Value: {1EA15F3D-5825-4267-8353-045D044CAE05}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{6353E0E6-DCD5-4FBB-BF0E-88909D65376C}/TypeLib points to missing TypeLib {1EA15F3D-5825-4267-8353-045D044CAE05}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{5C94D192-CE57-404A-9BBC-C642D9C2A64D}\TypeLib
Value name:
Value: {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5C94D192-CE57-404A-9BBC-C642D9C2A64D}/TypeLib points to missing TypeLib {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{688B0D3D-AF8F-483C-A712-8F4E9868B8DA}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{688B0D3D-AF8F-483C-A712-8F4E9868B8DA}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{96F8C0C7-F106-437D-90DC-6C92793246C4}\TypeLib
Value name:
Value: {661B6BCF-D5E8-42A6-A84D-0950ED57641D}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96F8C0C7-F106-437D-90DC-6C92793246C4}/TypeLib points to missing TypeLib {661B6BCF-D5E8-42A6-A84D-0950ED57641D}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{14CCEF96-4580-44C4-A823-E6EFF016273B}\TypeLib
Value name:
Value: {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{14CCEF96-4580-44C4-A823-E6EFF016273B}/TypeLib points to missing TypeLib {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{73DC2813-7B96-4E2E-83EC-BB0B9DECC93A}\TypeLib
Value name:
Value: {8C5C841A-2A7B-4217-8333-0F20C088C0DE}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{73DC2813-7B96-4E2E-83EC-BB0B9DECC93A}/TypeLib points to missing TypeLib {8C5C841A-2A7B-4217-8333-0F20C088C0DE}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{A05168CF-A880-4ED4-A17A-AE0AB04EC3EE}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{A05168CF-A880-4ED4-A17A-AE0AB04EC3EE}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{A6C13C27-BA4F-43CE-B674-D6DA5321DC2A}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{A6C13C27-BA4F-43CE-B674-D6DA5321DC2A}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{07AD8473-5D37-4076-AF40-44FE70B07CD9}\TypeLib
Value name:
Value: {07AD8473-5D37-4076-AF40-44FE70B07CD9}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{07AD8473-5D37-4076-AF40-44FE70B07CD9}/TypeLib points to missing TypeLib {07AD8473-5D37-4076-AF40-44FE70B07CD9}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{80EE9910-D470-4AED-AC5D-987046FDB574}\TypeLib
Value name:
Value: {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{80EE9910-D470-4AED-AC5D-987046FDB574}/TypeLib points to missing TypeLib {19D52A9A-379C-4720-BA00-3D396ECD24D7}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC9}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC9}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{14AA7A49-4EB1-A2A4-4FAA-7139B17C4084}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{14AA7A49-4EB1-A2A4-4FAA-7139B17C4084}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{96236A90-9DBC-11DA-9E3F-0011114AE311}\TypeLib
Value name:
Value: {96236A84-9DBC-11DA-9E3F-0011114AE311}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96236A90-9DBC-11DA-9E3F-0011114AE311}/TypeLib points to missing TypeLib {96236A84-9DBC-11DA-9E3F-0011114AE311}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{08E2DC86-D930-4197-A29F-86176938FC78}\TypeLib
Value name:
Value: {E3D212E0-DE31-4450-AF4D-910760D68B7A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{08E2DC86-D930-4197-A29F-86176938FC78}/TypeLib points to missing TypeLib {E3D212E0-DE31-4450-AF4D-910760D68B7A}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{91ADC906-6722-4B05-A12B-471ADDCCE132}\TypeLib
Value name:
Value: {CED735EE-2A19-4EB5-AA0C-8BFA8F775144}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{91ADC906-6722-4B05-A12B-471ADDCCE132}/TypeLib points to missing TypeLib {CED735EE-2A19-4EB5-AA0C-8BFA8F775144}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{D496FA5F-11C0-4EA8-A364-3A6BF8565EE6}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D496FA5F-11C0-4EA8-A364-3A6BF8565EE6}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{FDCBD94E-5BD4-4988-8DFD-AF786FD5B246}\TypeLib
Value name:
Value: {90AF301F-EB7E-4395-A70B-B35D6DD6F421}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{FDCBD94E-5BD4-4988-8DFD-AF786FD5B246}/TypeLib points to missing TypeLib {90AF301F-EB7E-4395-A70B-B35D6DD6F421}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\TypeLib
Value name:
Value: {03FF4A36-9509-4BA1-B6FF-328718F74BA1}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{E50C953D-311A-481B-8F8D-C55E65AF7417}/TypeLib points to missing TypeLib {03FF4A36-9509-4BA1-B6FF-328718F74BA1}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{32D85DA2-070B-49A0-9261-E7854457A6D6}\TypeLib
Value name:
Value: {D7339B18-0926-46E0-A690-4A538FC1C8F8}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{32D85DA2-070B-49A0-9261-E7854457A6D6}/TypeLib points to missing TypeLib {D7339B18-0926-46E0-A690-4A538FC1C8F8}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{F28D5171-0577-11D4-8F60-00C04F9CF4AC}\TypeLib
Value name:
Value: {11A3B755-0562-11D4-8F60-00C04F9CF4AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F28D5171-0577-11D4-8F60-00C04F9CF4AC}/TypeLib points to missing TypeLib {11A3B755-0562-11D4-8F60-00C04F9CF4AC}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\TypeLib
Value name:
Value: {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}/TypeLib points to missing TypeLib {47A7A4B0-2723-41BA-865E-EBBB7081A602}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{1C7556A4-0B6C-46E8-846B-30F70177AA47}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{1C7556A4-0B6C-46E8-846B-30F70177AA47}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{EC1831E0-C231-11D3-87A8-009027A35D73}\TypeLib
Value name:
Value: {EC1831D2-C231-11D3-87A8-009027A35D73}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{EC1831E0-C231-11D3-87A8-009027A35D73}/TypeLib points to missing TypeLib {EC1831D2-C231-11D3-87A8-009027A35D73}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{ABF651A1-0F07-48DF-9FF6-8B1B557669CA}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{ABF651A1-0F07-48DF-9FF6-8B1B557669CA}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{96236A85-9DBC-11DA-9E3F-0011114AE311}\TypeLib
Value name:
Value: {96236A84-9DBC-11DA-9E3F-0011114AE311}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96236A85-9DBC-11DA-9E3F-0011114AE311}/TypeLib points to missing TypeLib {96236A84-9DBC-11DA-9E3F-0011114AE311}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{8EE4C235-F2CE-4C3B-9ADE-DD68718AE32A}\TypeLib
Value name:
Value: {4743C1A4-E33C-4495-B873-67AB9EA4E5F9}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{8EE4C235-F2CE-4C3B-9ADE-DD68718AE32A}/TypeLib points to missing TypeLib {4743C1A4-E33C-4495-B873-67AB9EA4E5F9}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{81C68D76-253A-409F-9DFE-3A815655254D}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{81C68D76-253A-409F-9DFE-3A815655254D}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{B334CA23-40EE-4556-A808-3EAA3E80517E}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B334CA23-40EE-4556-A808-3EAA3E80517E}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC7}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC7}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{96236A91-9DBC-11DA-9E3F-0011114AE311}\TypeLib
Value name:
Value: {96236A84-9DBC-11DA-9E3F-0011114AE311}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96236A91-9DBC-11DA-9E3F-0011114AE311}/TypeLib points to missing TypeLib {96236A84-9DBC-11DA-9E3F-0011114AE311}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{BBA8035D-D64B-4739-21B0-297867DC742F}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{BBA8035D-D64B-4739-21B0-297867DC742F}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{5591379C-B467-4BCA-B647-A438712504B0}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5591379C-B467-4BCA-B647-A438712504B0}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{A3EE871D-A37E-402C-8FD2-E4E6E65A5D05}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{A3EE871D-A37E-402C-8FD2-E4E6E65A5D05}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{17E78EB8-FC82-4CB3-B82B-C8DF4A72DABF}\TypeLib
Value name:
Value: {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{17E78EB8-FC82-4CB3-B82B-C8DF4A72DABF}/TypeLib points to missing TypeLib {6E6EBA58-434C-43D7-AB81-4F49FB8F71EA}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{EB54205E-BF1F-11D3-87A8-009027A35D73}\TypeLib
Value name:
Value: {EB542051-BF1F-11D3-87A8-009027A35D73}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{EB54205E-BF1F-11D3-87A8-009027A35D73}/TypeLib points to missing TypeLib {EB542051-BF1F-11D3-87A8-009027A35D73}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{3AAC9C14-84F8-4879-855C-34AA3B52952E}\TypeLib
Value name:
Value: {26866851-46D4-4B25-ABFC-14FF93FB7C13}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{3AAC9C14-84F8-4879-855C-34AA3B52952E}/TypeLib points to missing TypeLib {26866851-46D4-4B25-ABFC-14FF93FB7C13}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{72B082C6-97D5-11D3-8BEC-00C04F68DDC2}\TypeLib
Value name:
Value: {72B082B9-97D5-11D3-8BEC-00C04F68DDC2}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{72B082C6-97D5-11D3-8BEC-00C04F68DDC2}/TypeLib points to missing TypeLib {72B082B9-97D5-11D3-8BEC-00C04F68DDC2}
_______________________________________ _
Entry: HKEY_CLASSES_ROOT\CLSID\{A961CCF1-646F-4B14
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
ComboFix is a very powerful tool and should not be used unless instructed to do so by an expert.
Please do not attach your logs unless absolutely necessary. Copy and paste them in your reply(ies)
(http://i424.photobucket.com/albums/pp322/digistar/mbamicontw5.gif) Please download Malwarebytes Anti-Malware from here. (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe)
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
***************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*********************************************************
Download DDS from HERE (http://download.bleepingcomputer.com/sUBs/dds.scr) or HERE (http://www.forospyware.com/sUBs/dds) and save it to your desktop.
Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)
* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.
(http://i424.photobucket.com/albums/pp322/digistar/DDS.jpg)
1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread
Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.
•Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE (http://www.bleepingcomputer.com/forums/topic114351.html).Then post your DDS logs. (DDS.txt and Attach.txt )
-
Thanks for responding, Super Dave.
I guess my last point didn't transfer all the logs that I had pasted but after ComboFix & JavaRa,
I ran a check on:
Super Anti Spyware,
AVG,
Malwarebytes (MBAM),
CCCleaner,
and Hijackthis.
I wanted to let you know in case the programs you mentioned might conflict with these. Below I have pasted by Super Anti Spyware, MBAM and Hijackthis logs.
SUPER ANTISPYWARE
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/04/2011 at 00:33 AM
Application Version : 5.0.1118
Core Rules Database Version : 7644
Trace Rules Database Version: 5456
Scan type : Quick Scan
Total Scan Time : 00:27:47
Operating System Information
Windows Vista Home Premium 32-bit (Build 6.00.6000)
UAC On - Limited User (Administrator User)
Memory items scanned : 699
Memory threats detected : 0
Registry items scanned : 30223
Registry threats detected : 43
File items scanned : 8408
File threats detected : 25
Adware.MyWebSearch/FunWebProducts
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
Adware.Zango/ShoppingReport
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}\1.0
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}\1.0\0
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}\1.0\0\win32
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}\1.0\FLAGS
HKCR\TypeLib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2}\1.0\HELPDIR
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}\1.0
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}\1.0\0
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}\1.0\0\win32
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}\1.0\FLAGS
HKCR\TypeLib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF}\1.0\HELPDIR
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\ProxyStubClsid
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\ProxyStubClsid32
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\TypeLib
HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}\TypeLib#Version
HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\ProxyStubClsid
HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\ProxyStubClsid32
HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\TypeLib
HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\TypeLib#Version
Adware.Tracking Cookie
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@2o7[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@apmebf[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@atdmt[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@clickbank[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@dmtracker[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@imrworldwide[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@invitemedia[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@kontera[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@media6degrees[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@mediaplex[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@revsci[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@serving-sys[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@steelhousemedia[2].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\jess@trafficmp[1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Users\jess\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
MALWAREBYTES (MBAM) SCAN
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7647
Windows 6.0.6000
Internet Explorer 7.0.6000.16982
9/4/2011 4:01:40 AM
mbam-log-2011-09-04 (04-00-42).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 280693
Time elapsed: 3 hour(s), 19 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\[email protected] (Adware.Zango) -> Value: [email protected] -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2124 (Worm.Koobface) -> No action taken.
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2260 (Worm.Koobface) -> No action taken.
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2368 (Worm.Koobface) -> No action taken.
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2500 (Worm.Koobface) -> No action taken.
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2560 (Worm.Koobface) -> No action taken.
c:\Users\jess\AppData\Local\virtualstore\Windows\System32\d4fderx3_2576 (Worm.Koobface) -> No action taken.
c:\Windows\ectbbyn.dat (KoobFace.Trace) -> No action taken.
HIJACKTHIS SCAN
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:01 AM, on 9/4/2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\jess\Desktop\Super Anti Virus\SUPERAntiSpyware.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe
C:\Windows\regedit.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Users\jess\Desktop\Super Anti Virus\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\program files\iolo\common\firewall\ifw_xfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Users\jess\Desktop\Super Anti Virus\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Users\jess\Desktop\Super Anti Virus\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9852 bytes
SHOULD I STILL PROCEED WITH THE DIRECTIONS YOU POSTED? I'VE ALREADY INSTALLED MBAM, BUT I COULD RUN ANOTHER SCAN.
Thanks for your help, Super Dave
Jess
-
Please run MBAM again and, this time, •Make sure that everything is checked, and click Remove Selected.
Now, I need to see the DDS logs. There will be two of them.