Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems getting online - Logs and info

Started by marksm , Oct 23 2007 10:51 AM

  • Please log in to reply

#1
marksm
Posted 23 October 2007 - 10:51 AM

marksm

    New Member

  • Member
  • Pip
  • 3 posts
Hello fellow geeks...I bow to your greatness.

I have an XP Home machine - SP1 .... I will explain what I have done thus far.

The machine will not connect online to web pages.

I have, however, been able to download software updates to Super Anti Spyware and AVG using their interface but it was really slow and sporadic.


So here is what I did. Please realize that I am putting on my flame resistant suit because, after reading your pages, I realize I made some mistakes. :-(

1. I dowloaded from an another machine and installed and ran AVG from Safe and normal mode - a few minor things removed. No HIGH threats - No good

2. I tried reinstalling XPhome using the repair installation where all user stuff remains intact. - no good

3. Turned off system restore and ran AVG again - No good

4. I download the NIC utility and ran test on NIC - All passed.

5. Downloaded and ran Super Anti Spyware - nothing - Still no connect. However, as I said before - the software could update itself although sporadic behavior

5. Cannot connect to Windows Update but I had a complete SP2 download from long ago and ran it. Computer now shows SP2 but many "newer" features not present - Internet still not working

6. Ran SDFIX - Found one trojan and removed it (sorry, no name) I know I know :-/

7. Vundofix found nothing

8. Ran Combo Fix, dropped the text back on it. I dont think anything was there but I'm no expert so I have attache log. Still no internet.

9. Tried turning off processes with MSConfig and rerunning scanners - nothing

10. Unistalled several programs including BitLord, Utorrent, Limewire (not my machine btw and I have already slapped the guy twice)

11. Somewhere early on I ran ATF cleaner as well and have done so several times since then


So here is the ComboFIX Script follwed by the DSS log. Thank you.


COMBOFIX TXT..

ComboFix 07-10-23.2 - Barb 2007-10-23 13:00:43.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.619 [GMT -4:00]
Running from: C:\Documents and Settings\Barb\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Barb\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-09-23 to 2007-10-23 )))))))))))))))))))))))))))))))
.

2007-10-23 12:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-23 12:48 <DIR> d-------- C:\VundoFix Backups
2007-10-23 12:41 <DIR> d-------- C:\WINDOWS\ERUNT
2007-10-23 12:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-10-23 01:45 <DIR> d-------- C:\WINDOWS\pss
2007-10-22 22:10 <DIR> d-------- C:\Program Files\3Com
2007-10-22 22:09 <DIR> d-------- C:\dell
2007-10-22 22:09 73,824 --a------ C:\WINDOWS\system32\drivers\el90Xbc5.SYS
2007-10-22 22:09 73,824 --a--c--- C:\WINDOWS\system32\dllcache\el90xbc5.sys
2007-10-22 19:10 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-22 19:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-22 19:10 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\SUPERAntiSpyware.com
2007-10-22 16:46 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-10-22 16:46 73,728 --a--c--- C:\WINDOWS\system32\dllcache\icwtutor.exe
2007-10-22 16:46 61,440 --a--c--- C:\WINDOWS\system32\dllcache\icwres.dll
2007-10-22 16:46 40,960 --a--c--- C:\WINDOWS\system32\dllcache\trialoc.dll
2007-10-22 16:46 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-10-22 16:45 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-10-22 16:45 111,104 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-10-22 16:41 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-10-22 16:41 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2007-10-22 16:41 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-10-22 16:41 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2007-10-22 15:15 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\DassaultSystemes
2007-10-22 12:45 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\Grisoft
2007-10-22 12:45 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-22 12:32 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-10-21 21:58 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-10-21 21:49 1,057,760 --a------ C:\WINDOWS\system32\ati3d2ag.dll
2007-10-21 21:49 870,784 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-10-21 21:49 701,440 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-10-21 21:49 201,728 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-10-09 15:27 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-10-09 15:27 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-10-09 15:26 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-10-09 15:25 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-10-09 15:25 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-10-09 15:23 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-10-09 15:23 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-10-07 14:53 96,128 --a------ C:\WINDOWS\system32\ati.dll
2007-10-07 14:53 77,568 --a------ C:\WINDOWS\system32\drivers\ati.sys
2007-10-07 14:53 38,400 --a------ C:\WINDOWS\system32\8514a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-23 15:39 --------- d-----w C:\Program Files\Logitech
2007-10-23 06:01 --------- d-----w C:\Program Files\iTunes
2007-10-23 06:01 --------- d-----w C:\Program Files\Apple Software Update
2007-10-23 05:20 --------- d-----w C:\Program Files\Common Files\Real
2007-10-23 02:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-22 19:14 --------- d-----w C:\Program Files\BitLord
2007-10-03 16:24 --------- d-----w C:\Documents and Settings\Joe\Application Data\Apple Computer
2007-10-03 16:09 --------- d-----w C:\Documents and Settings\Joe\Application Data\LimeWire
2007-09-28 06:29 --------- d-----w C:\Documents and Settings\Joe\Application Data\AdobeUM
2007-09-28 06:19 --------- d-----w C:\Documents and Settings\Joe\Application Data\Skype
2007-09-20 19:42 --------- d-----w C:\Documents and Settings\Barb\Application Data\Ahead
2007-09-07 01:11 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 00:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 23:18 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 11:53]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 11:52]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41]
"TCASUTIEXE"="TCAUDIAG -off" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 16:44 C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 16:44 C:\WINDOWS\KHALMNPR.Exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-10-23 11:57]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 12:24]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 20:03]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2007-10-23 11:57 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

R1 LUMDriver;LUMDriver;\??\C:\WINDOWS\system32\drivers\LUMDriver.sys
R2 tcaicchg;tcaicchg;\??\C:\WINDOWS\System32\tcaicchg.sys
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-23 13:02:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-23 13:03:31
C:\ComboFix2.txt ... 2007-10-23 12:58
.
--- E O F ---


2nd COMBOFIX FILE

ComboFix 07-10-23.2 - Barb 2007-10-23 12:55:22.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.625 [GMT -4:00]
Running from: C:\Documents and Settings\Barb\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-09-23 to 2007-10-23 )))))))))))))))))))))))))))))))
.

2007-10-23 12:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-23 12:48 <DIR> d-------- C:\VundoFix Backups
2007-10-23 12:41 <DIR> d-------- C:\WINDOWS\ERUNT
2007-10-23 12:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-10-23 01:45 <DIR> d-------- C:\WINDOWS\pss
2007-10-22 22:10 <DIR> d-------- C:\Program Files\3Com
2007-10-22 22:09 <DIR> d-------- C:\dell
2007-10-22 22:09 73,824 --a------ C:\WINDOWS\system32\drivers\el90Xbc5.SYS
2007-10-22 22:09 73,824 --a--c--- C:\WINDOWS\system32\dllcache\el90xbc5.sys
2007-10-22 19:10 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-22 19:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-22 19:10 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\SUPERAntiSpyware.com
2007-10-22 16:46 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-10-22 16:46 73,728 --a--c--- C:\WINDOWS\system32\dllcache\icwtutor.exe
2007-10-22 16:46 61,440 --a--c--- C:\WINDOWS\system32\dllcache\icwres.dll
2007-10-22 16:46 40,960 --a--c--- C:\WINDOWS\system32\dllcache\trialoc.dll
2007-10-22 16:46 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-10-22 16:45 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-10-22 16:45 111,104 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-10-22 16:41 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-10-22 16:41 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2007-10-22 16:41 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-10-22 16:41 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2007-10-22 15:15 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\DassaultSystemes
2007-10-22 12:45 <DIR> d-------- C:\Documents and Settings\Barb\Application Data\Grisoft
2007-10-22 12:45 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-22 12:32 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-10-21 21:58 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-10-21 21:49 1,057,760 --a------ C:\WINDOWS\system32\ati3d2ag.dll
2007-10-21 21:49 870,784 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-10-21 21:49 701,440 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-10-21 21:49 201,728 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-10-09 15:27 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-10-09 15:27 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-10-09 15:26 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-10-09 15:25 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-10-09 15:25 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-10-09 15:23 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-10-09 15:23 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-10-07 14:53 96,128 --a------ C:\WINDOWS\system32\ati.dll
2007-10-07 14:53 77,568 --a------ C:\WINDOWS\system32\drivers\ati.sys
2007-10-07 14:53 38,400 --a------ C:\WINDOWS\system32\8514a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-23 15:39 --------- d-----w C:\Program Files\Logitech
2007-10-23 06:01 --------- d-----w C:\Program Files\iTunes
2007-10-23 06:01 --------- d-----w C:\Program Files\Apple Software Update
2007-10-23 05:20 --------- d-----w C:\Program Files\Common Files\Real
2007-10-23 02:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-22 19:14 --------- d-----w C:\Program Files\BitLord
2007-10-03 16:24 --------- d-----w C:\Documents and Settings\Joe\Application Data\Apple Computer
2007-10-03 16:09 --------- d-----w C:\Documents and Settings\Joe\Application Data\LimeWire
2007-09-28 06:29 --------- d-----w C:\Documents and Settings\Joe\Application Data\AdobeUM
2007-09-28 06:19 --------- d-----w C:\Documents and Settings\Joe\Application Data\Skype
2007-09-20 19:42 --------- d-----w C:\Documents and Settings\Barb\Application Data\Ahead
2007-09-07 01:11 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2007-07-31 00:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 00:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 00:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 00:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 00:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 23:18 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 11:53]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 11:52]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41]
"TCASUTIEXE"="TCAUDIAG -off" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 16:44 C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 16:44 C:\WINDOWS\KHALMNPR.Exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-10-23 11:57]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 12:24]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 20:03]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2007-10-23 11:57 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

R1 LUMDriver;LUMDriver;\??\C:\WINDOWS\system32\drivers\LUMDriver.sys
R2 tcaicchg;tcaicchg;\??\C:\WINDOWS\System32\tcaicchg.sys
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-23 12:57:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-23 12:58:27
.
--- E O F ---

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX


DSS FILE

Deckard's System Scanner v20071014.68
Run by Barb on 2007-10-23 13:34:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
10: 2007-10-23 17:34:31 UTC - RP10 - Deckard's System Scanner Restore Point
9: 2007-10-23 17:00:16 UTC - RP9 - ComboFix created restore point
8: 2007-10-23 16:54:53 UTC - RP8 - ComboFix created restore point
7: 2007-10-23 15:44:12 UTC - RP7 - Removed WinZip 11.1
6: 2007-10-23 15:40:18 UTC - RP6 - Removed MSXML 4.0 SP2 (KB936181)


-- First Restore Point --
1: 2007-10-23 06:50:54 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-10-23 13:36:39
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Barb\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cnn.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://download.micr...D0C/wmv9dmo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1181509382640
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1193070637609
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATM Service (ATMsrvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\ATMsrvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


--
End of file - 6552 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 LUMDriver - c:\windows\system32\drivers\lumdriver.sys <Not Verified; IBM; LUM application>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 tcaicchg - c:\windows\system32\tcaicchg.sys <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic/Configuration>
R2 TCAITDI (TCAITDI Protocol) - c:\windows\system32\drivers\tcaitdi.sys <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic TDI Driver>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S4 ATMsrvc (ATM Service) - c:\windows\system32\atmsrvc.exe <Not Verified; Adobe Systems Incorporated; Adobe Type Manager>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-09-23 and 2007-10-23 -----------------------------

2007-10-23 12:48:49 0 d-------- C:\VundoFix Backups
2007-10-23 12:41:57 0 d-------- C:\WINDOWS\ERUNT
2007-10-23 12:04:13 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-10-23 02:57:08 0 d-------- C:\WINDOWS\Prefetch
2007-10-23 01:45:44 0 d-------- C:\WINDOWS\pss
2007-10-23 01:20:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2007-10-22 22:10:15 0 d-------- C:\WINDOWS\OPTIONS
2007-10-22 22:10:12 41852 --a------ C:\WINDOWS\system32\UpdDrv2K.exe <Not Verified; 3Com Corporation; UpdDrv2k.exe>
2007-10-22 22:10:12 569344 --a------ C:\WINDOWS\system32\UN3CDiag.exe <Not Verified; 3Com Corporation; NIC Driver Update Program>
2007-10-22 22:10:07 65173 --a------ C:\WINDOWS\system32\TDInst2K.exe <Not Verified; 3Com; TDINST2K>
2007-10-22 22:10:07 125952 --a------ C:\WINDOWS\system32\TCAUPROT.DLL <Not Verified; 3Com Corp.; 3Com Corp. tcauprot>
2007-10-22 22:10:07 266240 --a------ C:\WINDOWS\system32\TCAUM90X.DLL <Not Verified; 3Com Corporation; 3Com NIC Diagnostic/Configuration Utility>
2007-10-22 22:10:07 1333760 --a------ C:\WINDOWS\system32\TCAUDIAG.EXE <Not Verified; ; TouchDown Application>
2007-10-22 22:10:07 200751 --a------ C:\WINDOWS\system32\TCAMHWAC.DLL <Not Verified; 3Com Corporation; 3Com NIC Diagnostic/Configuration>
2007-10-22 22:10:07 19534 --a------ C:\WINDOWS\system32\TCAITDI.SYS <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic TDI Driver>
2007-10-22 22:10:07 21233 --a------ C:\WINDOWS\system32\TCAICCHG.SYS <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic/Configuration>
2007-10-22 22:10:07 19534 --a------ C:\WINDOWS\system32\drivers\TCAITDI.SYS <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic TDI Driver>
2007-10-22 22:10:07 98304 --a------ C:\WINDOWS\system32\Deinit.exe <Not Verified; ; Deinit Application>
2007-10-22 22:10:07 0 d-------- C:\Program Files\3Com
2007-10-22 22:09:40 0 d-------- C:\dell
2007-10-22 19:10:39 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-22 19:10:32 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-10-22 19:10:32 0 d-------- C:\Documents and Settings\Barb\Application Data\SUPERAntiSpyware.com
2007-10-22 19:10:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-22 16:28:36 0 d-------- C:\WINDOWS\setup.pss
2007-10-22 16:03:07 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-10-22 16:03:07 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-10-22 16:03:07 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-10-22 16:03:07 0 d--h----- C:\Documents and Settings\Administrator\Recent
2007-10-22 16:03:07 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-10-22 16:03:07 1572864 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-10-22 16:03:07 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-10-22 16:03:07 0 d-------- C:\Documents and Settings\Administrator\My Documents
2007-10-22 16:03:07 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-10-22 16:03:07 0 d-------- C:\Documents and Settings\Administrator\Favorites
2007-10-22 16:03:07 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-10-22 16:03:07 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-10-22 16:03:07 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-10-22 16:03:07 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-10-22 15:15:10 0 d-------- C:\Documents and Settings\Barb\Application Data\DassaultSystemes
2007-10-22 12:45:22 0 d-------- C:\Documents and Settings\Barb\Application Data\Grisoft
2007-10-22 12:45:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-02 21:23:48 1523712 --a------ C:\Documents and Settings\Mark\ntuser.dat
2007-10-02 21:23:47 3579904 --a------ C:\Documents and Settings\Barb\ntuser.dat


-- Find3M Report ---------------------------------------------------------------

2007-10-23 11:39:18 0 d-------- C:\Program Files\Logitech
2007-10-23 02:30:51 0 d-------- C:\Program Files\Movie Maker
2007-10-23 02:30:42 0 d-------- C:\Program Files\Windows NT
2007-10-23 02:06:13 0 d-------- C:\Program Files\Common Files
2007-10-23 02:01:40 0 d-------- C:\Program Files\iTunes
2007-10-23 02:01:06 0 d-------- C:\Program Files\Apple Software Update
2007-10-23 01:20:37 0 d-------- C:\Program Files\Common Files\Real
2007-10-22 22:10:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-22 18:50:24 0 d--h----- C:\Program Files\WindowsUpdate
2007-10-22 16:45:59 22744 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-10-22 15:14:45 0 d-------- C:\Program Files\BitLord
2007-09-30 19:28:24 0 d-------- C:\Documents and Settings\Barb\Application Data\Real
2007-09-20 15:42:32 0 d-------- C:\Documents and Settings\Barb\Application Data\Ahead


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [05/17/2007 11:53 AM]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [05/17/2007 11:52 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/19/2006 03:41 AM]
"TCASUTIEXE"="TCAUDIAG -off" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" []
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 04:57 PM]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [01/23/2007 04:44 PM C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [01/23/2007 04:44 PM C:\WINDOWS\KHALMNPR.Exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [10/23/2007 11:57 AM]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [10/13/2004 12:24 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [06/27/2007 08:03 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2/3/2007 6:54:14 PM]
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2/5/2007 10:25:53 AM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 5:21:22 AM]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [6/26/2007 8:32:33 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 10/23/2007 11:57 AM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

*Newly Created Service* - CATCHME



-- End of Deckard's System Scanner: finished at 2007-10-23 13:41:49 ------------


DSS EXTRA

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.40GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 1023.01 MiB / 524.16 MiB
Pagefile Memory (total/avail): 2464.02 MiB / 2138.86 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.45 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 33.88 GiB total, 19.02 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MAN3367MP SCSI Disk Device - 33.91 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 33.88 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
AUState says computer has updates disabled.
Windows Internal Firewall is enabled.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Barb\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=B-2HJLREQOLZIWP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Barb
LOGONSERVER=\\B-2HJLREQOLZIWP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Barb\LOCALS~1\Temp
TMP=C:\DOCUME~1\Barb\LOCALS~1\Temp
USERDOMAIN=B-2HJLREQOLZIWP
USERNAME=Barb
USERPROFILE=C:\Documents and Settings\Barb
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Barb (admin)
Joe (admin)
Kerri (admin)
Mark (admin)
other (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNINST.EXE -f"C:\Program Files\Adobe\Illustrator 8.0\DeIsL1.isu" -c"C:\Program Files\Adobe\Illustrator 8.0\Uninst.dll"
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3Com NIC Diagnostics --> un3cdiag.exe /remove
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe PageMaker 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\PageMaker 7.0\Uninst.isu" -c"C:\Program Files\Adobe\PageMaker 7.0\Uninst.dll"
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Type Manager 4.1 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Adobe Type Manager\DeIsL1.isu" -c"C:\Program Files\Adobe Type Manager\UNINST.DLL"
Apple Mobile Device Support --> MsiExec.exe /I{8FC46258-0843-4D79-B7F0-F2B82FE6173B}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Corel Graphics Suite 11 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{07A540AB-D785-11D5-8E89-0090275862A0}
Gravis Xperience 4.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13599F5D-20A2-449A-BA81-A7D8B98A8DF1}\Setup.exe" -u
Hallmark Smilebox --> "C:\Documents and Settings\Barb\Application Data\Smilebox\uninstall.exe"
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}\setup\hpzscr01.exe -datfile hposcr09.dat
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
KhalSetup --> MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam --> MsiExec.exe /X{EFA2BBEB-CF93-493B-904B-1B970B8DFAB6}
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Logitech® Camera Driver --> "C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{20110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nero 7 Ultra Edition --> MsiExec.exe /X{26D3E377-1DCA-4043-9410-B4A9BACF1033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type440 / Error
Event Submitted/Written: 10/23/2007 01:40:03 PM
Event ID/Source: 3 / crypt32
Event Description:
Failed auto update retrieval of third-party root list cab from: <http://www.download....uthrootstl.cab> with error: This operation returned because the timeout period expired.

Event Record #/Type438 / Error
Event Submitted/Written: 10/23/2007 01:38:45 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type437 / Error
Event Submitted/Written: 10/23/2007 01:38:45 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type436 / Error
Event Submitted/Written: 10/23/2007 01:38:00 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type432 / Warning
Event Submitted/Written: 10/23/2007 00:48:09 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{EFA2BBEB-CF93-493B-904B-1B970B8DFAB6}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type45054 / Warning
Event Submitted/Written: 10/23/2007 00:51:40 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00065BDD6BAE. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type44926 / Error
Event Submitted/Written: 10/23/2007 00:46:32 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Parallel port driver service failed to start due to the following error:
%%1058

Event Record #/Type44923 / Error
Event Submitted/Written: 10/23/2007 00:41:51 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
AVG Anti-Spyware Driver
Fips
IPSec
LUMDriver
MRxSmb
NetBIOS
NetBT
Processor
RasAcd
Rdbss
SASDIFSV
SASKUTIL
Tcpip

Event Record #/Type44922 / Error
Event Submitted/Written: 10/23/2007 00:41:51 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type44921 / Error
Event Submitted/Written: 10/23/2007 00:41:51 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31



-- End of Deckard's System Scanner: finished at 2007-10-23 13:41:49 ------------



DSS MOVED

Directories/Files moved to C:\Deckard\System Scanner\backup


-*- End of Logfile -*-
  • 0

Advertisements

#2
marksm
Posted 23 October 2007 - 04:17 PM

marksm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
UPDATE:

OK, so in an act of defiance and desparation, I disabled the onboard NIC and installed another. Voila! I'm now online again. Ok so I'm installing windows updates at a furious pace and it occurred to me to wait to see if you guys find anything in the logs before I keep installing. Thank you for your time. I will await your response before we close the thread if need be.

Mark
  • 0

#3
marksm
Posted 29 October 2007 - 12:41 PM

marksm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
I looked for a way to close this post and could not find one. Would an admin please post it closed and resolved. Thank you
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP