Thank you for the help.
When I did the steps, I checked the "04 - HKLM\etc., and there was an error message about the module wasn't found; I continued with the rest of the steps. Somehow I ended up with 3 reports from DSS.
Here are the logs.
Username "Pfiztner" - 04/11/2008 17:39:33 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdkmj.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.28 85.255.112.196" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2747D41E-0F4E-4DBA-B010-57F6A5C13779}
"nameserver"="85.255.115.28,85.255.112.196" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{DDECBACB-98E0-46FF-9CDD-3A33D96C4A46}
"nameserver"="85.255.115.28,85.255.112.196" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2747D41E-0F4E-4DBA-B010-57F6A5C13779}
"DhcpNameServer"="85.255.115.28,85.255.112.196" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CEB484E8-6F6F-4B73-9D9E-76E9C0328324}
"DhcpNameServer"="85.255.115.28,85.255.112.196" <Value cleared.
Could not flush the DNS Resolver Cache: Function failed during execution.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRISMSVR.EXE"="\"C:\\WINDOWS\\system32\\PRISMSVR.EXE\" /APPLY"
"YBrowser"="C:\\PROGRA~1\\Yahoo!\\browser\\ybrwicon.exe"
"ymetray"="\"C:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe\" -preload"
"YOP"="C:\\PROGRA~1\\Yahoo!\\YOP\\yop.exe /autostart"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\Logitech\\LComMgr\\Communications_Helper.exe\""
"LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam10\\QuickCam10.exe\" /hide"
"LVCOMSX"="\"C:\\Program Files\\Common Files\\Logitech\\LComMgr\\LVComSX.exe\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"My Web Search Bar"="rundll32 C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\MWSBAR.DLL,S"
"HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe\""
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"Symantec PIF AlertEng"="\"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" /a /m \"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\AlertEng.dll\""
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Duron processor
Percentage of Memory in Use: 59%
Physical Memory (total/avail): 375.48 MiB / 150.28 MiB
Pagefile Memory (total/avail): 906.14 MiB / 353.46 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1929.37 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 37.27 GiB total, 23.81 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD400BB-00DEA0 - 37.27 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.27 GiB - C:
\\.\PHYSICALDRIVE1 - HP Photosmart 2610 USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Norton Internet Security v2007 (Symantec Corporation)
AV: Norton Internet Security v2007 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Pfiztner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PENNI-9BA35ECCA
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Pfiztner
LOGONSERVER=\\PENNI-9BA35ECCA
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 3 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0301
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Pfiztner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Pfiztner\LOCALS~1\Temp
USERDOMAIN=PENNI-9BA35ECCA
USERNAME=Pfiztner
USERPROFILE=C:\Documents and Settings\Pfiztner
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Pfiztner
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}\setup.exe" -l0x9 -uninst
ArcSoft VideoImpression 1.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEF2E5A3-0317-4822-B930-8B721EB483E4}\setup.exe" -l0x9 -uninst
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\Common\uninstall.exe
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bar888 --> C:\Program Files\Common Files\{34778973-0352-1033-1118-020330200001}\UnInstall.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1033
Canon Camera Window for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon PhotoRecord --> MsiExec.exe /X{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
Canon Utilities ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CouponBar --> regsvr32 /u /s "C:\WINDOWS\CouponBarIE.dll"
Digital Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1205500-2179-11D7-B0B9-0000E24D4B29}\setup.exe"
Dinosaur Adventure 3-D --> C:\WINDOWS\IsUninst.exe -fC:\KA\DINO3D4\DeIsL1.isu
Form Fill (Windows Live Toolbar) --> MsiExec.exe /X{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}
getPlus®_ocx --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Pack Screensaver --> C:\WINDOWS\Google Pack Screensaver Uninstaller.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB910998) --> "C:\WINDOWS\$NtUninstallKB910998$\spuninst\spuninst.exe"
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam --> MsiExec.exe /X{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
Map Button (Windows Live Toolbar) --> MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
My Web Search (Zwinky) --> rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_3_0_12\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{53B2CFE9-A508-4457-B2CA-5D253536BFB7}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Pdf995 --> C:\Program Files\pdf995\setup.exe uninstall
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
Popup Blocker (Windows Live Toolbar) --> MsiExec.exe /X{66A7A386-6F35-41A7-A731-101F0C0153C8}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Rhapsody Player Engine --> MsiExec.exe /I{30C2FCD0-FF7B-4FFA-8DDE-43A22E01A1E7}
Safari --> MsiExec.exe /I{F0E8F94D-6E68-4B35-92DF-3AA6DC6A6768}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Tabbed Browsing (Windows Live Toolbar) --> MsiExec.exe /X{47FBF7F9-FBD3-43EF-823B-7684D56C1962}
TrueMobile 1300 USB 2.0 WLAN --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\setup.exe" -l0x9 -L0x9
UMVPLStandalone --> MsiExec.exe /X{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}
Windows Live Favorites for Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Outlook Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar --> MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar Feed Detector (Windows Live Toolbar) --> MsiExec.exe /X{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type48082 / Error
Event Submitted/Written: 04/11/2008 06:54:15 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x8007041D
Event Record #/Type48065 / Warning
Event Submitted/Written: 04/11/2008 06:37:31 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x8007043C
Event Record #/Type48062 / Error
Event Submitted/Written: 04/11/2008 06:26:12 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application MySpaceIM.exe, version 1.0.754.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type48061 / Error
Event Submitted/Written: 04/11/2008 06:24:39 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application YahooMessenger.exe, version 8.1.0.200, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type48032 / Error
Event Submitted/Written: 04/11/2008 05:18:53 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x8007041D
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type48835 / Error
Event Submitted/Written: 04/11/2008 06:54:22 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The LiveUpdate service failed to start due to the following error:
%%1053
Event Record #/Type48834 / Error
Event Submitted/Written: 04/11/2008 06:54:22 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
Event Record #/Type48833 / Error
Event Submitted/Written: 04/11/2008 06:54:12 PM / 04/11/2008 06:54:14 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service LiveUpdate with arguments ""
in order to run the server:
{03E0E6C2-363B-11D3-B536-00902771A435}
Event Record #/Type48831 / Error
Event Submitted/Written: 04/11/2008 06:53:45 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Computer Browser service terminated with the following error:
%%1460
Event Record #/Type48825 / Error
Event Submitted/Written: 04/11/2008 06:51:36 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} did not register with DCOM within the required timeout.
-- End of Deckard's System Scanner: finished at 2008-04-11 19:13:08 ------------
Deckard's System Scanner v20071014.68
Run by Pfiztner on 2008-04-11 19:00:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
13: 2008-04-12 00:01:14 UTC - RP354 - Deckard's System Scanner Restore Point
12: 2008-04-11 08:28:49 UTC - RP353 - System Checkpoint
11: 2008-04-10 08:26:36 UTC - RP352 - System Checkpoint
10: 2008-04-09 08:06:56 UTC - RP351 - Software Distribution Service 3.0
9: 2008-04-08 22:20:44 UTC - RP350 - Installed SUPERAntiSpyware Free Edition
-- First Restore Point --
1: 2008-04-03 12:43:24 UTC - RP342 - infected 2nd
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 80% (more than 75%).Total Physical Memory: 376 MiB (512 MiB recommended).-- HijackThis (run as Pfiztner.exe) --------------------------------------------
logfile has no content; running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-11 19:07:15
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\PRISMSVR.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Yahoo!\YOP\yop.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\browser\ycommon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Documents and Settings\Pfiztner\Desktop\dss.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.microsoft...amp;ar=iesearchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://att.my.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://home.microsof...search.asp?p=%sR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://yahoo.sbc.com/dslR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.sbc.com/dslR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [ymetray] "C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" -preload
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: ymetray.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.liv...m/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?f20c254212384f4d82fd062d36704e96
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?f20c254212384f4d82fd062d36704e96
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Pfiztner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1005.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1149978645955O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) -
https://webdl.symant...ex/symdlmgr.cabO16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://download.yaho...mail/ymmapi.dllO16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) -
http://www.superadbl...ivex/sabspx.cabO16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://download.yaho...alls/yab_af.cabO16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) -
http://ak.imgag.com/...tall/AxCtp2.cabO16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
http://www.adobe.com...obat/nos/gp.cabO16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) -
http://photos.yahoo....plorer1_9us.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.h.../qdiagh.cab?326O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{7035F5E9-4DE1-4545-819F-060D675EBD86}: NameServer = 68.94.156.1 68.94.157.1
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe
--
End of file - 14649 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080411-182907-938 O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
backup-20080411-182908-320 O8 - Extra context menu item: &Search -
http://edits.mywebse...arch.jhtml?p=ZJ-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.6) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S1 SABKUTIL - c:\program files\superadblocker.com\super ad blocker\sabkutil.sys (file missing)
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 SABProcEnum - c:\progra~1\yahoo!\browser\sabprocenum.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-11 17:32:50 256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-04-10 12:39:12 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-04-07 20:03:11 628 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Pfiztner.job
-- Files created between 2008-03-11 and 2008-04-11 -----------------------------
2008-04-10 13:14:38 0 d-------- C:\Program Files\Safari
2008-04-10 13:05:55 0 d-------- C:\Program Files\iPod
2008-04-10 13:05:25 0 d-------- C:\Program Files\iTunes
2008-04-10 12:58:36 0 d-------- C:\Program Files\QuickTime
2008-04-09 16:33:50 0 d-------- C:\Program Files\Trend Micro
2008-04-08 19:15:36 0 d-------- C:\Program Files\Panda Security
2008-04-08 17:20:49 0 d-------- C:\Documents and Settings\Pfiztner\Application Data\SUPERAntiSpyware.com
2008-04-08 17:19:49 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-01 12:23:19 0 d-------- C:\Documents and Settings\Pfiztner\Application Data\Grisoft
2008-04-01 12:22:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-31 08:52:01 0 d-------- C:\Documents and Settings\Pfiztner\Application Data\SuperAdBlocker.com
2008-03-31 08:47:26 0 d-------- C:\Program Files\SuperAdBlocker.com
2008-03-30 15:37:54 0 d--hs---- C:\WINDOWS\ftpcache
-- Find3M Report ---------------------------------------------------------------
2008-04-11 19:09:16 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-11 12:40:45 1744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-08 17:20:58 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-08 17:19:49 0 d-------- C:\Program Files\Common Files
2008-03-31 14:26:13 0 d-------- C:\Program Files\Coupons
2008-03-11 15:16:21 1632 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-02-27 09:40:40 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-13 16:43:31 0 d-------- C:\Program Files\Bonjour
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRISMSVR.EXE"="C:\WINDOWS\system32\PRISMSVR.exe" [11/20/2003 02:12 PM]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [07/21/2006 05:19 PM]
"ymetray"="C:\Program Files\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe" [10/03/2006 01:04 PM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [07/21/2006 11:43 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 11:46 PM]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [06/26/2006 09:46 AM]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [06/26/2006 10:34 AM]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [06/26/2006 10:33 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/09/2007 11:59 PM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [02/07/2007 05:39 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/12/2004 01:38 PM]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [05/12/2004 03:18 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [11/28/2007 08:51 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [10/26/2006 10:21 PM]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 12:34 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [02/01/2008 03:32 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/29/2008 04:03 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoAdminPage"=1
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 12:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2008-04-11 19:13:08 ------------
Directories/Files moved to C:\Deckard\System Scanner\backup
2008-04-10 09:09:25 0 d-------- C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\Adobe_Downloads
2008-04-11 18:23:58 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO2.tmp
2008-04-10 09:43:30 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO25.tmp
2008-04-08 17:00:41 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO4.tmp
2008-04-09 03:29:28 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO5.tmp
2008-04-10 09:02:24 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO6.tmp
2008-04-11 17:15:49 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO7.tmp
2008-04-11 18:51:04 47122 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\DIO8.tmp
2008-04-10 13:07:10 305 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\GEARInstall.log
2008-04-11 17:34:46 0 d-------- C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\hsperfdata_Pfiztner
2008-04-11 17:34:43 3695 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\java_install_reg.log
2008-04-11 18:54:08 4028 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\jusched.log
2008-04-11 18:54:40 3918 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\LVCOMSX.LOG
2003-11-06 21:04:58 5922304 -ra------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\netfx.msi
2003-11-06 21:05:02 14638644 -ra------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\netfx1.cab
2008-04-10 09:06:34 437 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\nosget_start_manager.html
2008-04-08 16:53:46 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-08 16h53m37s.log
2008-04-09 03:25:25 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-09 03h25m23s.log
2008-04-09 16:21:56 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-09 16h21m55s.log
2008-04-11 17:11:49 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-11 17h11m48s.log
2008-04-11 18:17:32 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-11 18h17m32s.log
2008-04-11 18:47:23 194 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\osCheck Vista Migration 2008-04-11 18h47m21s.log
2008-04-09 07:50:53 27937 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\PSSysChk.log
2008-04-10 13:03:28 2463 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\QTInstallCode.log
2008-04-10 13:00:28 3437 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\qtplugin.log
2008-02-29 16:03:44 146672 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\SSUPDATE.EXE <Verified; SUPERAntiSpyware.com; SUPERAntiSpyware Update Application>
2008-04-11 18:54:29 1045 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\TWAIN.LOG
2008-04-11 18:54:28 4 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\Twain001.Mtx
2008-04-11 18:54:25 156 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\Twunk001.MTX
2008-04-08 17:01:18 0 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\Twunk002.MTX
2008-04-10 09:20:19 0 d-------- C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\WLTB Custom Button Feeds
2008-04-09 19:13:57 1404 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog00.sqm
2008-04-09 19:15:07 1404 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog01.sqm
2008-04-09 19:19:11 1404 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog02.sqm
2008-04-09 19:19:51 1404 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog03.sqm
2008-04-09 19:20:39 1668 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog04.sqm
2008-04-11 12:32:33 1404 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\wmplog05.sqm
2008-04-11 18:47:14 0 d-------- C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\WPDNSE
2008-04-09 07:50:25 0 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\_PR7.tmp
2008-04-09 07:50:41 110780 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\_PR8.tmp
2008-04-11 17:13:27 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DF150A.tmp
2008-04-08 17:00:30 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DF21A9.tmp
2008-04-09 16:23:41 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DF32C2.tmp
2008-04-08 17:05:55 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DF5AEB.tmp
2008-04-11 18:25:05 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DF5EE6.tmp
2008-04-11 18:47:29 16384 --a------ C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DFEB60.tmp
2008-04-11 18:47:29 512 --a-----t C:\DOCUME~1\Pfiztner\LOCALS~1\Temp\~DFF08A.tmp
2008-04-09 02:20:25 0 d-------- C:\WINDOWS\temp\slu20.tmp
2008-04-10 05:49:36 0 d-------- C:\WINDOWS\temp\slu6e5c.tmp
2008-04-10 22:46:44 0 d-------- C:\WINDOWS\temp\slu78d5.tmp
2008-04-11 19:04:39 43 --a------ C:\WINDOWS\temp\WGAErrLog.txt
2008-04-11 17:46:27 373 --a------ C:\WINDOWS\temp\WGANotify.settings
2008-03-25 18:13:04 124208 --a------ C:\WINDOWS\Downloaded Program Files\as2stubie.dll <Verified; Panda Security; Panda ActiveScan 2.0>
2007-07-18 13:49:56 12592 --a------ C:\WINDOWS\Downloaded Program Files\libcomm.dll <Verified; Panda Software International; libcomm Dynamic Link Library>
2007-09-04 15:59:42 380144 --a------ C:\WINDOWS\Downloaded Program Files\sabspx.dll <Verified; SuperAdBlocker.com; Process Scanner>
2006-12-06 09:11:48 224768 --a------ C:\WINDOWS\Downloaded Program Files\symdlmgr.dll <Not Verified; Symantec Corporation; Symantec Shared Components>
2007-05-16 08:22:06 166512 --a------ C:\WINDOWS\Downloaded Program Files\gp.ocx <Verified; NOS Microsystems Ltd.; getPlus®>
2007-10-31 14:03:14 2629248 --a------ C:\WINDOWS\Downloaded Program Files\MySpaceUploader.ocx <Verified; MySpace, Inc.; MySpace Image Uploader>
-*- End of Logfile -*-