Thread: Blue Screen of Death!
View Single Post
Old 08-03-2008, 04:16 PM   #1 (permalink)
krosia
Registered User
 
Join Date: Apr 2008
Posts: 18
OS: Windows XP


Blue Screen of Death!
Somewhat =).

I had made a post on this site about 4 months ago regarding how my computer was compromised and I recieved help from "ahjin" - unfortunately I was unable to completely finish this due to the fact that I was in a horrible car crash and have been recovering since. Since then my sibling(s) have been using my computer and have managed to get several viruses on here, I hope someone can be of assistance =). I ran a DSS log as well as using a program called "ATF Cleaner.exe" as I had been recommended by some friends, however afterwards I decided they probably weren't the best source of information and so I come to this forum seeking help! Here is my DSS log:

Deckard's System Scanner v20071014.68
Run by Owner on 2008-08-03 18:15:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:15:52 PM, on 8/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\My Backup -- 07-08-31 1035PM\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner.Glenn\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\AIM6\oThEr\ZuneLauncher.exe"
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3472 bytes

-- Files created between 2008-07-03 and 2008-08-03 -----------------------------

2008-08-03 17:40:25 0 d-------- C:\Program Files\Trend Micro
2008-08-03 17:32:14 0 d-------- C:\WINDOWS\system32\appmgmt
2008-08-03 14:44:53 94208 --a------ C:\WINDOWS\system32\pphc17mj0e33r.exe
2008-08-03 14:44:52 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\rhc57mj0e33r
2008-08-03 14:44:28 60928 --a------ C:\WINDOWS\system32\blphc17mj0e33r.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-08-03 14:44:25 110080 --a------ C:\WINDOWS\system32\lphc17mj0e33r.exe
2008-07-21 16:05:38 0 d-------- C:\WINDOWS\system32\CatRoot_bak


-- Find3M Report ---------------------------------------------------------------

2008-08-03 17:31:53 0 d-------- C:\Program Files\Common Files\AOL
2008-08-03 1511 0 d-------- C:\Program Files\Common Files
2008-07-15 13:24:08 0 d-------- C:\Program Files\World of Warcraft
2008-07-11 02:56:40 0 d-------- C:\Program Files\Google
2008-07-08 12:17:00 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-08 12:16:11 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\AdobeUM
2008-07-02 12:52:33 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\.ABC
2008-06-26 11:29:00 0 d-------- C:\Program Files\DivX
2008-06-26 11:25:40 0 d-------- C:\Program Files\BearShare
2008-06-22 12:27:15 0 d-------- C:\Program Files\Picasa2
2008-06-10 14:56:55 0 d-------- C:\Program Files\Razer
2008-06-10 14:56:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-10 11:17:28 0 d-------- C:\Program Files\ABC
2008-06-08 11:43:44 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-06-02 21:56:00 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-05-30 19:22:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:46 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:22:46 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-25 14:49:38 35344 --a------ C:\WINDOWS\DIIUnin.dat
2008-05-25 14:48:49 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll
2008-05-25 14:48:49 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll
2008-05-25 14:48:49 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll
2008-05-25 13:48:07 2829 --a------ C:\WINDOWS\DIIUnin.pif
2008-05-25 13:48:06 94208 --a------ C:\WINDOWS\DIIUnin.exe <Not Verified; Blizzard Entertainment; Diablo II Uninstaller>
2008-05-22 18:22:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 18:19:46 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-22 18:19:46 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-22 18:18:54 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservicesonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce
HKEY_USERS\.default\software\microsoft\windows\currentversion\runservices
HKEY_USERS\.default\software\microsoft\windows\currentversion\run
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 4:05:56 PM]
!d;
"HideStartupScripts"=0 (0x0)
!d;
"NoDispScrSavPage"=1 (0x1)
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run
HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run

Written by Bobbi Flekman 2006 (C)
GeneralFlags REG_DWORD 1 (0x1)
RestoredStateInfo REG_BINARY 18000000f2010000230000007c0000007200000001000000

REGEDIT4
"DefaultDomainName"="GLENN"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions]
"NoGPOListChanges"=dword:00000001
2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
"ProcessGroupPolicy"="ProcessGroupPolicy"
"NoGPOListChanges"=dword:00000001
"NotifyLinkTransition"=dword:00000001
"RequiresSucessfulRegistry"=dword:00000001
"MaxNoGPOListChangesInterval"=dword:00000001
"NoMachinePolicy"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001
74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00
"NoGPOListChanges"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify]
"Logoff"="ChainWlxLogoffEvent"
"Logoff"="CryptnetWlxLogoffEvent"
"Asynchronous"=dword:00000001
"Asynchronous"=dword:00000001
"Logoff"="SchedEventLogOff"
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00
"Asynchronous"=dword:00000001
"Disconnect"="TSEventDisconnect"
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SCLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts]
"ASPNET"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials]
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ cscdll.dll
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
Logoff REG_SZ WLEventLogoff
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ WlNotify.dll
!d;s/.*t//;s/
[hkey.*/n
Asynchronous REG_DWORD 0 (0x0)
!d;s/.*t//;s/
[hkey.*/n
DLLName REG_SZ wlnotify.dll

Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f000000020000000400010001000000000000000000000000000000440000000100560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e0066006f000000cc03000001003000340030003900300034004500340000004a001900010043006f006d006d0065006e007400730000004300720079007300740061006c002000530051004c002000440065007300690067006e0065007200200037002e0030000000000088003400010043006f006d00700061006e0079004e0061006d006500000000005300650061006700610074006500200053006f00660074007700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e006100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000ae00450001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000280063002900200031003900390031002d003100390039001000000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500320030002e0032002e0030002e003100300037003000000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b00200033000000230054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010003009e112604000003009e11260400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500310030002e0033002e0030002e003100300036003200000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000200334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400f003000000000400f00300003f0000000000000004000100010000000000000000000000000000007e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a02000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000036000b000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c0054007200610064000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000180334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd0300003f00000000000000040001000100000000000000000000000000000078020000010053007400720069006e006700460069006c00650049006e0066006f0000005402000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c00540072006100640065006d000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000cc060000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000300000002000000530065007200760069006300650020005000610063006b002000340000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100010001000c000000010001000c00000000000000000000000400000001000000000000000000000000000000440000000000560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e0066006f00000080010000010030003400300039003000340042003000000040002000010043006f006d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d0061007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d006500000000005200650067002000280044004c0069006200620079005c006d0073006600290000000000340014000100460069006c006500560065007200730069006f006e000000000031002e00300031002e0030003000310032000000380014000100500072006f006400750063007400560065007200730069006f006e00000031002e00300031002e003000300031003200000034001200010049006e007400650072006e0061006c004e0061006d00650000004d004e00470052004500470033003200000000000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
GlobalFlag REG_SZ 0x00200000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f00000000000000040000000100000000000000000000000000000012020000010053007400720069006e006700460069006c00650049006e0066006f000000ee010000010030003400300039003000340062003000000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f0070006c00650053006f00660074002c00200049006e0063002e0000000000280000000100460069006c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006c006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900380038002d0031003900390038002000500065006f0070006c00650053006f00660074002c00200049006e0063002e002000200041006c006c00200052006900670068007400730020005200650073006500720076006500640000003c000a0001004f0072006900670069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e001000000000000000
DisableHeapLookAside REG_SZ 1
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000e4060000010053007400720069006e006700460069006c00650049006e0066006f00000060030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000004080000010053007400720069006e006700460069006c00650049006e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000530065007400750070000000a600410001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000180434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000078030000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b002000330000002400
ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f00000000000000040000000100000000000000000000000000000064020000010053007400720069006e006700460069006c00650049006e0066006f00000040020000010030003400300039003000340062003000000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f00720065006c00200043006f00720070006f0072006100740069006f006e0000004e0013000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000002c0006000100460069006c006500560065007200730069006f006e000000000038002e00300032003800000046001300010049006e007400650072006e0061006c004e0061006d006500000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000006c00240001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390037002c00200043006f00720065006c00200043006f00720070006f0072000800000000000000
ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a000000000000000000040001000100000000000000000000000000000098020000010053007400720069006e006700460069006c00650049006e0066006f0000007402000001003000340030003900300034004500340000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d0061006e00740065006300200043006f00720070006f0072006100740069006f006e000000000060001c000100460069006c0065004400650073006300720069007000740069006f006e0000000000530079006d0061006e007400650063002000530079006d006500760065006e007400200049006e007300740061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e0000000000310030002e0032002e00310030002e003100000030000800010049006e007400650072006e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020002800430029002000530079006d0061006e00740065006300200043006f0072000100000000000000
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
CheckAppHelp REG_DWORD 1 (0x1)
DisableHeapLookAside REG_SZ 1
CheckAppHelp REG_DWORD 1 (0x1)
ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f000000000000000400000001000000000000000000000000000000dc020000010053007400720069006e006700460069006c00650049006e0066006f000000b8020000010030003400300039003000340062003000000066002700010043006f006d006d0065006e0074007300000042007500730069006e00650073007300200049006e00740065006c006c006900670065006e006300650020006f006e0020004500760065007200790020004400650073006b0074006f0070000000000048001400010043006f006d00700061006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f00720070006f0072006100740065006400000060001c000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f0067006e006f0073002000470065006e006500720069006300200049006e007300740061006c006c006100740069006f006e00000038000c000100460069006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c0020003900000030000800010049006e007400650072006e0061006c004e0061006d00650000000100000000000000
GlobalFlag REG_SZ 0x000010F0
ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f00000000000000010001000100000000000000000000000000000004020000010053007400720069006e006700460069006c00650049006e0066006f000000e0010000010030003400300039003000340045003400000020000000010043006f006d00700061006e0079004e0061006d00650000000000580018000100460069006c0065004400650073006300720069007000740069006f006e000000000049004e005300540041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e000000300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e00300030003100000030000800010049006e007400650072006e0061006c004e0061006d006500000049004e005300540041004c004c0000002400000001004c006500670061006c0043006f00700079007200690067006800740000002800000001004c006500670061006c00540072006100640065006d00610072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c0065006e0061006d006500000049004e005300540041004c004c002e004500580045000000300008000800000000000000
"Notification Packages scecli

Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state
NextRefreshReason REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Extension-List
LoggingStatus REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Extension-List\{c6dc5466-785a-11d2-84d0-00c04fb169f7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\GPLink-List
SOM REG_SZ Local
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\GPO-List
WQL-Id REG_SZ
NextRefreshReason REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Extension-List
LoggingStatus REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Extension-List\{c6dc5466-785a-11d2-84d0-00c04fb169f7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\GPLink-List
SOM REG_SZ Local
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\GPO-List
WQL-Id REG_SZ
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Loopback-GPLink-List
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Loopback-GPO-List
NextRefreshReason REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Extension-List
LoggingStatus REG_DWORD 0 (0x0)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\GPLink-List
SOM REG_SZ Local
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\GPO-List
WQL-Id REG_SZ
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Loopback-GPLink-List
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Loopback-GPO-List

Written by Bobbi Flekman 2006 (C)
SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system]
@="Driver Group"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs]
@="Service"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys]
@="Driver"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder

!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk
!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
!d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;}
backup REG_SZ C:\WINDOWS\pss\BigFix.lnkCommon Startup
location REG_SZ Common Startup
command REG_SZ C:\PROGRA~1\BigFix\bigfix.exe /atstartup
item REG_SZ BigFix

SteelWerX Registry Console Tool 2.0
Written by Bobbi Flekman 2006 (C)

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ aim6
hkey REG_SZ HKCU
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ AOLSP Scheduler
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ Ares
hkey REG_SZ HKCU
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\Documents and Settings\Owner.Glenn\Desktop\Ares\Ares.exe" -h
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ BearShare
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\Program Files\BearShare\BearShare.exe" /pause
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ ehtray
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\WINDOWS\ehome\ehtray.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ GoogleDesktop
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ AOLHostManager
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\Program Files\Common Files\AOL\1188627185\EE\AOLHostManager.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ mcagent
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ c:\PROGRA~1\mcafee.com\agent\mcagent.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ McUpdate
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ MpfTray
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ MskAgent
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ MSKDetct
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ NvCpl
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ NvMcTray
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ nwiz
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ nwiz.exe /install
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ oasclnt
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\Program Files\McAfee.com\VSO\oasclnt.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\readericon
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ readericon45G
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\Program Files\Digital Media Reader\readericon45G.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ RECGUARD
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ %WINDIR%\SMINST\RECGUARD.EXE
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ Remind_XP
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ %WINDIR%\Creator\Remind_XP.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ SOUNDMAN
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ SOUNDMAN.EXE
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ GoogleToolbarNotifier
hkey REG_SZ HKCU
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ mcvsshld
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
inimapping REG_SZ 0

!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ mcmnhdlr
hkey REG_SZ HKLM
!d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;}
command REG_SZ "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
inimapping REG_SZ 0
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs










































Written by Bobbi Flekman 2006 (C)
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components
*
2,0,0,0
2,0,0,0
1.0.0.0
EN
KB913433
3,2,2,26
11,0,5721,5145
11,0,5721,5145
DirectAnimation
EN
4,7,0,0320
*
1,397,2406,1
1,0,0,0
Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
6,0,2900,2180
1 (0x1)
EN
11,0,5721,5145
4,71,1113,0
6,0,2900,2180
1,0,0,0
6,00,01,0223
5,6,0,8835
1 (0x1)
5,00,2918,1900
EN
5,0,0,1
C:\WINDOWS\system32\msieftp.dll
11,0,5721,5145
4,9,9,2
2,0,50727,0
WAB
en
en

2 (0x2)
1 (0x1)
5,5000,3130,0
6,0,2800,2180
.NET Framework
*
1,00,0000,6
.NET Framework
4,71,1968,1
2,1,4026,0
EN
4,74,9273,0
5,0,00,0




-- End of Deckard's System Scanner: finished at 2008-08-03 18:16:07 ------------

I know its quite long and I hope that whoever reads this knows what they're looking for, because I sure don't =X.

I am now not able to successfully log onto my computer, after logging on I am greeted with the same blue wallpaper as before and am currently unable to access the start menu or any other menu other than the task manager menu, which, after trying to delete different proccesses will lead to a screen that tells me for some reason (I haven't really been able to look over it and give you an exact statement on it) my computer will be restarting within 60 seconds and from there it counts down. I CAN run my cokmputer in safe mode however as you probably know that eliminates any use of the internet on that computer, so unfortunately I will have to use the one I am currently on. Tomorrow I will be buying a flash drive so I can transfer any files that are needed on my computer from the computer I am currently on, any help offered is much appreciated.

BTW: If on normal mode I cannot use the task manager's "run" command to start any new programs as far as I can tell, the only programs I've tried have been "explorer.exe" so I could see if I could access the start menu. Thanks in advance, =).
Last edited by amateur; 08-03-2008 at 10:35 PM. Reason: to retain 0-reply status
krosia is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here