Here is the log files and I still have popup.
Deckard's System Scanner v20071014.68
Run by Lupe Diaz on 2008-05-28 11:37:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2008-05-28 18:37:11 UTC - RP9 - Deckard's System Scanner Restore Point
2: 2008-05-28 15:34:49 UTC - RP8 - Last good restore point
1: 2008-05-28 15:34:39 UTC - RP7 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).Total Physical Memory: 254 MiB (512 MiB recommended).-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-28 11:38:17
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\lexbces.exE
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\SYSTEM32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\ramaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lupe Diaz\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://www.microsoft...amp;ar=iesearchR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://msn.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVShExt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
https://eagent.farmersinsurance.com (HKCU)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX) -
https://eagent.farme...ctiveX/smsx.cabO16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cabO16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) -
http://ml.sitexdata....ult/arview2.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macr...ash/swflash.cabO18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\SYSTEM32\lexbces.exE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\ramaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\SYSTEM32\NMSSvc.Exe
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe
--
End of file - 5613 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 ASCC - c:\windows\system32\drivers\ascc.sys
R2 NetAlrt - c:\windows\system32\drivers\netalrt.sys <Not Verified; Intel Corporation; Intel Alert on LAN® 2>
R2 PlatAlrt - c:\windows\system32\drivers\platalrt.sys <Not Verified; Intel Corporation; Intel Alert on LAN® 2>
S1 SAVRT - c:\program files\norton antivirus\savrt.sys (file missing)
S1 SAVRTPEL - c:\program files\norton antivirus\savrtpel.sys (file missing)
S3 EntDrv51 - c:\windows\system32\drivers\entdrv51.sys (file missing)
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 NMSCFG (NIC Management Service Configuration Driver) - c:\windows\system32\drivers\nmscfg.sys <Not Verified; Intel Corporation; Intel® NMSCFG Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ASFAgent (ASF Agent) - c:\program files\intel\asf agent\asfagent.exe <Not Verified; Intel Corporation; Intel® PRO Alerting Suite ASF 1.0 Compatible>
S3 NMSSvc (Intel® NMS) - c:\windows\system32\nmssvc.exe <Not Verified; Intel Corporation; NMS>
S4 SAVScan - "c:\program files\norton antivirus\savscan.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-05-23 20:00:02 538 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Lupe Diaz.job
-- Files created between 2008-04-28 and 2008-05-28 -----------------------------
2008-05-27 14:24:42 48 --a------ C:\WINDOWS\CwbRmDir.bat
2008-05-24 10:26:11 0 d-------- C:\WINDOWS\system32\scripting
2008-05-24 10:26:10 0 d-------- C:\WINDOWS\l2schemas
2008-05-24 10:26:09 0 d-------- C:\WINDOWS\system32\en
2008-05-24 10:21:51 0 d-------- C:\WINDOWS\network diagnostic
2008-05-24 09:21:06 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-05-23 21:48:43 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Templates
2008-05-23 21:48:43 0 dr------- C:\Documents and Settings\LogMeInRemoteUser\Start Menu
2008-05-23 21:48:43 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\SendTo
2008-05-23 21:48:43 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\Recent
2008-05-23 21:48:43 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\PrintHood
2008-05-23 21:48:43 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\NetHood
2008-05-23 21:48:43 0 dr------- C:\Documents and Settings\LogMeInRemoteUser\My Documents
2008-05-23 21:48:43 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Local Settings
2008-05-23 21:48:43 0 dr------- C:\Documents and Settings\LogMeInRemoteUser\Favorites
2008-05-23 21:48:43 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Desktop
2008-05-23 21:48:43 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Cookies
2008-05-23 21:48:43 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\Application Data
2008-05-23 21:48:43 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Sun
2008-05-23 21:48:43 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft
2008-05-23 21:48:43 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Identities
2008-05-23 21:48:42 786432 --ah----- C:\Documents and Settings\LogMeInRemoteUser\NTUSER.DAT
2008-05-23 16:23:21 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-05-23 15:13:31 0 d-------- C:\WINDOWS\peernet
2008-05-23 15:13:30 0 d-------- C:\WINDOWS\provisioning
2008-05-23 15:11:42 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-23 15:05:38 0 d-------- C:\WINDOWS\EHome
2008-05-23 15:02:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-23 14:54:21 0 d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-05-23 14:53:48 0 d-------- C:\Program Files\LogMeIn
2008-05-23 14:00:54 0 d-------- C:\Documents and Settings\Lupe Diaz\Application Data\Adobe
2008-05-23 13:38:01 0 d-------- C:\Documents and Settings\Lupe Diaz\.SunDownloadManager
2008-05-23 11:35:26 0 d-------- C:\Program Files\Panda Security
2008-05-23 10:27:28 0 d--hs---- C:\FOUND.002
2008-05-23 09:20:31 0 d-------- C:\Documents and Settings\Lupe Diaz\Application Data\Malwarebytes
2008-05-23 09:20:07 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-23 09:20:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-23 09:19:52 0 d-------- C:\Program Files\Common Files\Download Manager
2008-05-23 08:40:12 0 d-------- C:\Download
2008-05-23 08:30:08 0 d--hs---- C:\FOUND.001
2008-05-23 08:23:44 0 d--hs---- C:\FOUND.000
-- Find3M Report ---------------------------------------------------------------
2008-04-13 17:12:36 7680 --a------ C:\WINDOWS\system32\spdwnwxp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-05 14:24:44 0 --a------ C:\WINDOWS\ORUN32.EXE
2008-03-05 14:24:42 0 --a------ C:\WINDOWS\LRUN32.EXE
2008-03-05 14:24:40 0 --a------ C:\WINDOWS\system32\CWBVIEWR.EXE
2008-03-05 14:24:38 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [02/28/2008 03:31 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"FlashPlayerUpdate"=C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 05/19/2008 03:23 PM 87352 C:\WINDOWS\SYSTEM32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lupe Diaz^Start Menu^Programs^Startup^Deewoo.lnk]
path=C:\Documents and Settings\Lupe Diaz\Start Menu\Programs\Startup\Deewoo.lnk
backup=C:\WINDOWS\pss\Deewoo.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lupe Diaz^Start Menu^Programs^Startup^DW_Start.lnk]
path=C:\Documents and Settings\Lupe Diaz\Start Menu\Programs\Startup\DW_Start.lnk
backup=C:\WINDOWS\pss\DW_Start.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lupe Diaz^Start Menu^Programs^Startup^Zeno.lnk]
path=C:\Documents and Settings\Lupe Diaz\Start Menu\Programs\Startup\Zeno.lnk
backup=C:\WINDOWS\pss\Zeno.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lupe Diaz^Start Menu^Programs^Startup^Z_Start.lnk]
path=C:\Documents and Settings\Lupe Diaz\Start Menu\Programs\Startup\Z_Start.lnk
backup=C:\WINDOWS\pss\Z_Start.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aida]
"C:\DOCUME~1\LUPEDI~1\APPLIC~1\SSTEM~1\notepad.exe" -vt ndrv
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access API Daemon]
"C:\Program Files\IBM\Client Access\cwbappcd.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Check Version]
"C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Service]
"C:\Program Files\IBM\Client Access\CwbSvStr.Exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Taskbar]
"C:\Program Files\IBM\Client Access\cwbuitsk.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Welcome Wizard]
C:\Program Files\IBM\Client Access\cwbwiz.exe /I
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Cleaner]
"C:\Program Files\Registry Cleaner Trial\RegClean.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SOProc_SoRefRegSoAlertWxLiteNnAj]
rundll32 shell32.dll,ShellExec_RunDLL C:\PROGRA~1\SOFTWA~1\soproc.exe -pack SoRefRegSoAlertWxLiteNnAj
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{40-05-50-0D-ZN}]
C:\windows\system32\rodsrego.exe CORN001
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd355782-e709-11dc-9616-000d568ee327}]
AutoRun\command- E:\LaunchU3.exe
-- End of Deckard's System Scanner: finished at 2008-05-28 11:40:24 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Celeron® CPU 2.40GHz
Percentage of Memory in Use: 68%
Physical Memory (total/avail): 253.99 MiB / 78.8 MiB
Pagefile Memory (total/avail): 625.51 MiB / 421.28 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.46 MiB
A: is Removable (No Media)
C: is Fixed (FAT32) - 37.21 GiB total, 28.6 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST340014A - 37.25 GiB - 2 partitions
\PARTITION0 - Unknown - 31.35 MiB
\PARTITION1 (bootable) - Unknown - 37.21 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is enabled.
AntivirusOverride is set.
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Lupe Diaz\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=D9M4QW41
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Lupe Diaz
LOGONSERVER=\\D9M4QW41
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\LUPEDI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\LUPEDI~1\LOCALS~1\Temp
USERDOMAIN=D9M4QW41
USERNAME=Lupe Diaz
USERPROFILE=C:\Documents and Settings\Lupe Diaz
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Lupe Diaz
(admin)LogMeInRemoteUser
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Conexant HSF V.9x 56K Data Fax PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2013&SUBSYS_021213E0\HXFSETUP.EXE -U -IVEN_14F1&DEV_2013&SUBSYS_021213E0
Contextual Tool --> C:\WINDOWS\z00098.exe /uninstall
Dell Printer Software Uninstall --> C:\Program Files\Dell\Install\Uninstall.exe
HijackThis 2.0.2 --> "F:\Spyware Removal Tools\HijackThis.exe" /uninstall
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Intel® PRO Ethernet Adapter and Software --> Prounstl.exe
Intel® PROSet II --> MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4}
Intel® Pro Alerting Agent, Version 3.2.0 --> MsiExec.exe /I{66B4F24C-BE5D-423A-B56B-4013481F6801}
Intel® PRO Network Adapters WMI Provider (2.0) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C701994-43D2-4B7B-A548-C6E6C224D9A9}\setup.exe"
Java 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
LogMeIn --> MsiExec.exe /I{3E77CC74-82B8-4A2A-9A6C-5E45370E57C4}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Interactive Training --> C:\Program Files\MSPress\Training\lunins32_s.exe
Microsoft Office XP Media Content --> MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Small Business --> MsiExec.exe /I{91130409-6000-11D3-8CFE-0050048383C9}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Norton AntiVirus 2004 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Symantec Script Blocking Installer --> MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
SymNet --> MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Trafficsector Browser Optimizer --> C:\WINDOWS\System32\newtrafficsector-remove.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type1182 / Error
Event Submitted/Written: 05/27/2008 02:33:29 PM
Event ID/Source: 13 / ccEvtMgr
Event Description:
ccEvtMgr: Failed to create the Trust Module.
Event Record #/Type1181 / Warning
Event Submitted/Written: 05/27/2008 02:33:29 PM
Event ID/Source: 13 / ccEvtMgr
Event Description:
ccEvtMgr: Loaded the default configuration settings.
Event Record #/Type1180 / Error
Event Submitted/Written: 05/27/2008 02:33:29 PM
Event ID/Source: 13 / ccEvtMgr
Event Description:
ccEvtMgr: Failed to load the configuration settings.
Event Record #/Type1179 / Error
Event Submitted/Written: 05/27/2008 02:33:29 PM
Event ID/Source: 13 / ccEvtMgr
Event Description:
ccEvtMgr: Settings server is not installed.
Event Record #/Type1138 / Error
Event Submitted/Written: 05/25/2008 07:14:27 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Microsoft Office XP Small Business - Update '{DA256408-A2E7-41A5-8AD6-62ACB86A0FD7}' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support:
http://go.microsoft....k/?LinkId=23127-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type4282 / Error
Event Submitted/Written: 05/28/2008 11:28:01 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
SAVRT
SAVRTPEL
Event Record #/Type4281 / Error
Event Submitted/Written: 05/28/2008 11:27:57 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Upload Manager service failed to start due to the following error:
%%1079
Event Record #/Type4280 / Error
Event Submitted/Written: 05/28/2008 11:27:57 AM
Event ID/Source: 7024 / Service Control Manager
Event Description:
The Symantec Settings Manager service terminated with service-specific error 4294967295 (0xFFFFFFFF).
Event Record #/Type4271 / Warning
Event Submitted/Written: 05/28/2008 11:02:53 AM
Event ID/Source: 4 / E100B
Event Description:
Adapter Intel® PRO/100 M Network Connection: Adapter Link Down
Event Record #/Type4267 / Warning
Event Submitted/Written: 05/28/2008 11:01:38 AM
Event ID/Source: 4 / E100B
Event Description:
Adapter Intel® PRO/100 M Network Connection: Adapter Link Down
-- End of Deckard's System Scanner: finished at 2008-05-28 11:40:24 ------------
Thank You..............