Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer is really bad, cant do anything, popups, no internet. [RESOLV


  • This topic is locked This topic is locked

#1
mewsick75

mewsick75

    Member

  • Member
  • PipPipPip
  • 258 posts
Hello,
My computer is in really bad shape. I ran Super antispyware but it wouldn't let me open the log when it was done so I cant post it here. I cant connect to the internet because it just takes over every browser page I open. The machine runs slow and there are pop-ups everywhere. I was able to get the HijackThis log off the machine and brought it to my other computer. So here is the log. Any help withthis problem would be awesome. I will wait for your reply.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:42:43 PM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\system32\1028u.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe
C:\WINDOWS\system32\DOBE~1\dvdplay.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\svchost.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\alan\Desktop\Norwich\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {C3F50901-871A-4650-85D8-9D53E2534A3B} - C:\Program Files\Pink Ribbon Toolbar\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Pink Ribbon Toolbar - {68C70CAA-478A-4E77-ADF7-A4566A68B4AE} - C:\Program Files\Pink Ribbon Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,[email protected]
O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [54b55bfe] rundll32.exe "C:\WINDOWS\system32\bxixoiex.dll",b
O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\WinUpdater\update.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe
O4 - HKCU\..\Run: [Uaol] "C:\WINDOWS\system32\DOBE~1\dvdplay.exe" -vt yazb
O4 - HKCU\..\Run: [Xrxncau] "C:\Program Files\?dobe\?hkntfs.exe"
O4 - HKCU\..\Run: [A00F99AEC.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F99AEC.exe
O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [A00F89478.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F89478.exe
O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rwwnw64d.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) - http://zone.msn.com/...on.cab64162.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 10656 bytes
  • 0

Advertisements


#2
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Look at the next post :)

Edited by Fredil, 21 June 2008 - 02:53 PM.

  • 0

#3
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Hello mewsick75, if you still need help, please perform the following step :)

1. Run ComboFix
------------------------------------------------

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open internet browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
  • 0

#4
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
Unfortunately that didnt work. It wouldn't run at all!! The screen keeps flashing and reseting in Windows with a program that wont let anything run. I even tried Safe mode and that just comes up Black and never loads the actual desktop. Any other ideas???
  • 0

#5
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Hello mewsick75, that is quite odd. However, we are by no means out of options :)

1. Clean Temporary Files
------------------------------------------------

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

2. Scan with Kaspersky WebScanner
------------------------------------------------

Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

  • 0

#6
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
I could do ATF but I could not get to the website, it just wouldnt let me get there. Whats next???
  • 0

#7
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Hello mewsick75, I feel stupid today :) Please perform this, it should work properly.

1. Update Java
------------------------------------------------

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 5 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 5...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Read the License Agreement and then check the box that says: "Accept License Agreement". The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u5-windows-i586-p.exe to install the newest version.
2. Scan with Kaspersky WebScanner
------------------------------------------------

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure the following is checked.
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

  • 0

#8
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
I got java on there but still can not get to Kaspersky. What next???
  • 0

#9
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
What happens when you try to get to Kaspersky?
  • 0

#10
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
The browser always redirects to either google or some adult dating site or some weird google site. And when I do a google search, It brings back the result but when you click on the link it redirects it or an empty browser window appears. Eventually everything freezes up.
  • 0

Advertisements


#11
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Sounds like browser hijacking. Let's try this, then, since probably none of the online scans will work.

1. Re-scan with DSS
------------------------------------------------

Please go to Start > Run. In the box that appears, carefully copy and paste the following:

"%userprofile%\Desktop\dss.exe" /config

In addition to the default checked items, check "Hosts file" and click "Scan!" DSS will produce main.txt only, please post it back :)

2. Scan with AVG Anti-Spyware
------------------------------------------------

You may want to save this page as an HTML file or copy the contents of this page to a Notepad or Word document as this part of our fix requires you to boot into Safe Mode, and you will not have Internet access.

First download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select ""Do no automatically generate report""
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

Edited by Fredil, 26 June 2008 - 05:17 PM.
typo

  • 0

#12
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
When I typed:
"%userprofile%\Desktop\dss.exe" /config
I got the message: Windows can not find "%userprofile%\Desktop\dss.exe" /config

I ran AVG but I could not run the update because it failed.
Here is the log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:23:48 AM 6/27/2008

+ Scan result:



HKLM\SOFTWARE\Classes\WR -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo -> Adware.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP542\A0043690.exe -> Downloader.VB.aya : Cleaned with backup (quarantined).
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream : Cleaned with backup (quarantined).


::Report end


What next??? Are we making any progress????
  • 0

#13
Chopin

Chopin

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,639 posts
Hello mewsick75, we are making some progress but not as much as I would have liked to see. Let's get another scan that hopefully will give us more information about what's going on here.

1. Deckard's System Scanner
------------------------------------------------

Please download Deckard's System Scanner (DSS) and save it to your Desktop. Close ALL open windows before running the scan.

Note: This program will clear your temporary files.

  • On the first run, Deckard's System Scanner will provide you with two warnings. Press "OK" and allow DSS to scan.
  • The entire scanning process will take about five minutes, often less.
  • During the scan you may get warnings about sigcheck.exe trying to access the Internet; please make sure you allow it to do so.
  • Your antivirus may also warn you about nircmd.exe; please make sure you do not delete nircmd.exe as it will cause DSS to malfunction.
  • Once the scan is complete, you will get two logfiles - a main.txt (which you see) and an extra.txt (which is minimized). Copy the contents of both into a reply.
On subsequent runs, DSS will only provide a significantly shortened main.txt and not an extra.txt.
  • 0

#14
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
Here are both logs:

Deckard's System Scanner v20071014.68
Run by alan on 2008-06-27 18:45:10
Computer is in Safe Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; computer is in safe mode.


-- Last 5 Restore Point(s) --
69: 2008-06-27 04:58:29 UTC - RP550 - System Checkpoint
68: 2008-06-26 03:29:51 UTC - RP549 - System Checkpoint
67: 2008-06-25 02:43:45 UTC - RP548 - Installed Java™ 6 Update 6
66: 2008-06-25 02:15:04 UTC - RP547 - Removed Java 2 Runtime Environment, SE v1.4.2_03
65: 2008-06-25 00:39:29 UTC - RP546 - Removed EarthLink setup files


-- First Restore Point --
1: 2008-05-24 18:49:37 UTC - RP482 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as alan.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:27 PM, on 6/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\alan\Desktop\dss.exe
C:\DOCUME~1\alan\Desktop\Norwich\alan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {23433E63-E648-4383-A09B-D4527E8E6D55} - C:\WINDOWS\system32\vtUlLBsq.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: (no name) - {521BEBD7-2DF8-449B-BAE9-1EF6D05F4AF6} - C:\WINDOWS\system32\efcYOfGy.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: {3deee18c-4914-82ca-c7b4-e3715504c0f5} - {5f0c4055-173e-4b7c-ac28-4194c81eeed3} - C:\WINDOWS\system32\xgnxydsw.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {995CB5A5-6176-4AE5-A3A7-4FA8DA83E123} - C:\WINDOWS\system32\ddcbCVNd.dll (file missing)
O2 - BHO: (no name) - {B1A64443-6FCA-41CE-8D51-5F8991257555} - C:\WINDOWS\system32\wvUlmlMg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {FE49E039-06DA-2902-FF49-7BA2979E4CB5} - C:\WINDOWS\system32\uzleuyhj.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,[email protected]
O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\WinUpdater\update.exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe
O4 - HKCU\..\Run: [Uaol] "C:\WINDOWS\system32\DOBE~1\dvdplay.exe" -vt yazb
O4 - HKCU\..\Run: [Xrxncau] "C:\Program Files\?dobe\?hkntfs.exe"
O4 - HKCU\..\Run: [A00F99AEC.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F99AEC.exe
O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [A00F89478.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F89478.exe
O4 - HKCU\..\Run: [A00FBD50D.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FBD50D.exe
O4 - HKCU\..\Run: [A00F79519.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F79519.exe
O4 - HKCU\..\Run: [A00F2755D3.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F2755D3.exe
O4 - HKCU\..\Run: [A00FAF972.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FAF972.exe
O4 - HKCU\..\Run: [A00F536D1BE.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F536D1BE.exe
O4 - HKCU\..\Run: [Gilwqib] C:\WINDOWS\?ymantec\?explore.exe
O4 - HKCU\..\Run: [A00F194F7.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F194F7.exe
O4 - HKCU\..\Run: [A00FE609A.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FE609A.exe
O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rwwnw64d.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) - http://zone.msn.com/...on.cab64162.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL iuoilcsp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: wvUlmlMg - C:\WINDOWS\SYSTEM32\wvUlmlMg.dll
O20 - Winlogon Notify: __c00D446 - C:\WINDOWS\system32\__c00D446.dat
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 10649 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

S1 drmkk - c:\windows\system32\drivers\drmkk.sys
S1 MPFIREWL - c:\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee; McAfee Personal Firewall>
S1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
S1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
S2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 MskService (McAfee SpamKiller Server) - c:\progra~1\mcafee\spamki~1\msksrvr.exe <Not Verified; McAfee Inc.; McAfee SpamKiller>
S2 ScsiAccess - c:\windows\system32\scsiaccess.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-27 18:38:04 348 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (ALSPC64-alan).job


-- Files created between 2008-05-27 and 2008-06-27 -----------------------------

2008-06-27 00:41:15 24576 --a------ C:\WINDOWS\system32\__c0095E44.dat
2008-06-27 00:41:13 37888 --a------ C:\WINDOWS\system32\ttnbilri.exe
2008-06-27 00:38:25 84944 --a------ C:\WINDOWS\system32\wsaptsnf.dll
2008-06-27 00:37:59 107968 --a------ C:\WINDOWS\system32\xgnxydsw.dll
2008-06-27 00:34:59 91568 --a------ C:\WINDOWS\system32\uidhleib.dll
2008-06-27 00:32:41 91568 --a------ C:\WINDOWS\system32\lpgwhlmq.dll
2008-06-27 00:31:46 629993 --ahs---- C:\WINDOWS\system32\yGfOYcfe.ini2
2008-06-27 00:31:43 314832 --a------ C:\WINDOWS\system32\efcYOfGy.dll
2008-06-26 23:20:17 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-26 23:00:56 0 d-------- C:\Documents and Settings\alan\Application Data\Grisoft
2008-06-26 23:00:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-26 22:57:08 107968 --a------ C:\WINDOWS\system32\euhbrxfk.dll
2008-06-26 22:57:06 84944 --a------ C:\WINDOWS\system32\blldixpv.dll
2008-06-26 22:56:06 24576 --a------ C:\WINDOWS\system32\__c00724A6.dat
2008-06-26 22:56:00 37888 --a------ C:\WINDOWS\system32\ptwfdsdk.exe
2008-06-26 22:55:49 91568 --a------ C:\WINDOWS\system32\libwvhih.dll
2008-06-26 22:50:35 91568 --a------ C:\WINDOWS\system32\yaotnydd.dll
2008-06-26 00:10:47 0 d-------- C:\WINDOWS\?ymantec
2008-06-26 00:10:41 60928 --a------ C:\WINDOWS\system32\uzleuyhj.dll
2008-06-25 23:43:26 24576 --a------ C:\WINDOWS\system32\__c002CAFA.dat
2008-06-25 23:43:25 37888 --a------ C:\WINDOWS\system32\idmdknsn.exe
2008-06-25 23:40:25 107936 --a------ C:\WINDOWS\system32\ybftqrxi.dll
2008-06-25 23:37:25 84880 --a------ C:\WINDOWS\system32\xamdeqpq.dll
2008-06-25 23:34:24 91472 --a------ C:\WINDOWS\system32\qehqoqsd.dll
2008-06-25 00:05:58 0 d-------- C:\Program Files\Common Files\W?nSxS
2008-06-24 23:40:24 101728 --a------ C:\WINDOWS\system32\nhjqbkxv.dll
2008-06-24 23:37:26 24576 --a------ C:\WINDOWS\system32\__c007D68E.dat
2008-06-24 23:37:24 37888 --a------ C:\WINDOWS\system32\aypjnjlg.exe
2008-06-24 23:32:05 91488 --a------ C:\WINDOWS\system32\ksacrldu.dll
2008-06-24 23:15:36 24576 --a------ C:\WINDOWS\system32\__c0046310.dat
2008-06-24 23:15:34 37888 --a------ C:\WINDOWS\system32\nkslxptb.exe
2008-06-24 23:13:45 84864 --a------ C:\WINDOWS\system32\ltwdsxfq.dll
2008-06-24 23:13:02 101728 --a------ C:\WINDOWS\system32\mdkwgyjy.dll
2008-06-24 23:12:55 91488 --a------ C:\WINDOWS\system32\alhcdxli.dll
2008-06-24 22:43:49 0 d-------- C:\Program Files\Common Files\Java
2008-06-24 20:43:17 0 d-------- C:\Documents and Settings\alan\Application Data\uTorrent
2008-06-23 23:17:11 591 --a------ C:\xcrashdump.dat
2008-06-23 23:17:11 107872 --a------ C:\WINDOWS\system32\iuoilcsp.dll
2008-06-23 23:14:40 24576 --a------ C:\WINDOWS\system32\__c0068D44.dat
2008-06-23 23:14:38 37888 --a------ C:\WINDOWS\system32\hnqqnggo.exe
2008-06-23 23:12:26 84848 --a------ C:\WINDOWS\system32\vicnrljv.dll
2008-06-23 23:12:19 91488 --a------ C:\WINDOWS\system32\kvuwonbl.dll
2008-06-23 23:10:46 0 d-------- C:\WINDOWS\system32\?ecurity
2008-06-23 23:10:46 0 d-------- C:\Program Files\Outerinfo
2008-06-18 21:45:30 101712 --a------ C:\WINDOWS\system32\kquwpaal.dll
2008-06-18 21:45:29 84848 --a------ C:\WINDOWS\system32\xxcxaxiu.dll
2008-06-18 21:43:12 24576 --a------ C:\WINDOWS\system32\__c005F675.dat
2008-06-18 21:43:11 90368 --a------ C:\WINDOWS\system32\wbwkhrqq.dll
2008-06-18 21:43:11 37888 --a------ C:\WINDOWS\system32\lshdhtdk.exe
2008-06-18 21:39:39 24576 --a------ C:\WINDOWS\system32\__c00A7C46.dat
2008-06-18 21:39:38 37888 --a------ C:\WINDOWS\system32\naplmvrx.exe
2008-06-18 21:39:33 101712 --a------ C:\WINDOWS\system32\mmtjrhpl.dll
2008-06-18 21:37:50 90368 --a------ C:\WINDOWS\system32\npvrfgjf.dll
2008-06-18 20:15:15 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-18 20:14:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-18 20:14:57 0 d-------- C:\Documents and Settings\alan\Application Data\SUPERAntiSpyware.com
2008-06-18 20:14:36 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-18 19:35:12 0 d-------- C:\WINDOWS\pss
2008-06-18 19:27:24 84848 --a------ C:\WINDOWS\system32\xsbskvwg.dll
2008-06-18 19:27:24 24576 --a------ C:\WINDOWS\system32\__c00D446.dat
2008-06-18 19:27:23 37888 --a------ C:\WINDOWS\system32\kmwcybdw.exe
2008-06-18 19:25:02 101712 --a------ C:\WINDOWS\system32\yvmfxsnm.dll
2008-06-18 19:25:02 90368 --a------ C:\WINDOWS\system32\vbcofhjh.dll
2008-06-18 19:22:44 90368 --a------ C:\WINDOWS\system32\cqhrlxxk.dll
2008-06-18 19:21:58 0 d-------- C:\WINDOWS\system32\LogFiles


-- Find3M Report ---------------------------------------------------------------

2008-06-26 23:03:26 641168 --ahs---- C:\WINDOWS\system32\qsBLlUtv.ini2
2008-06-26 22:54:34 0 d-------- C:\Program Files\?dobe
2008-06-25 00:05:58 0 d-------- C:\Program Files\Common Files
2008-06-25 00:05:58 0 d-------- C:\Program Files\Common Files\W?nSxS
2008-06-24 22:44:35 0 d-------- C:\Program Files\Java
2008-06-24 20:38:02 0 d-------- C:\Program Files\Common Files\AOL
2008-06-24 20:36:00 0 d-------- C:\Program Files\PopCap Games
2008-06-23 23:11:34 659773 --ahs---- C:\WINDOWS\system32\FiRqqXyb.ini2
2008-06-18 21:48:03 0 d-------- C:\Program Files\Spyware Doctor
2008-06-18 20:11:16 903976 --ahs---- C:\WINDOWS\system32\FhQpWvut.ini2
2008-06-18 19:25:35 0 d-------- C:\Program Files\Google
2008-06-18 19:21:55 0 d-------- C:\Program Files\Dl_cats
2008-05-26 12:37:28 200704 --a------ C:\WINDOWS\system32\vuowsbwn.dll
2008-05-26 12:34:54 83216 --a------ C:\WINDOWS\system32\ndmofcru.dll
2008-05-26 12:34:27 2560 --a------ C:\WINDOWS\system32\dpykvvru.exe
2008-05-26 12:32:31 100672 --a------ C:\WINDOWS\system32\lxwyublv.dll
2008-05-26 12:32:19 90896 --a------ C:\WINDOWS\system32\vgrghgnj.dll
2008-05-26 09:50:27 166 ---h----- C:\WINDOWS\popcreg.dat
2008-05-26 09:50:27 34 --a------ C:\WINDOWS\popcinfot.dat
2008-05-26 08:14:12 83216 --a------ C:\WINDOWS\system32\faeaftyl.dll
2008-05-26 08:14:11 2560 --a------ C:\WINDOWS\system32\kapqfujx.exe
2008-05-26 08:11:12 100672 --a------ C:\WINDOWS\system32\ucaorern.dll
2008-05-26 08:08:52 90896 --a------ C:\WINDOWS\system32\ctnjgfyj.dll
2008-05-26 08:08:09 315168 --a------ C:\WINDOWS\system32\byXqqRiF.dll
2008-05-25 18:43:09 0 d-------- C:\Documents and Settings\alan\Application Data\Help
2008-05-25 18:05:27 100608 --a------ C:\WINDOWS\system32\mluevktp.dll
2008-05-25 18:02:26 2560 --a------ C:\WINDOWS\system32\hqbflmfq.exe
2008-05-25 17:57:07 90896 --a------ C:\WINDOWS\system32\dklaistf.dll
2008-05-25 17:56:25 315136 --a------ C:\WINDOWS\system32\vtUlLBsq.dll
2008-05-25 15:04:02 0 d-------- C:\Program Files\QdrModule
2008-05-25 15:00:52 0 d-------- C:\Documents and Settings\alan\Application Data\PC Tools
2008-05-25 14:50:00 0 d-------- C:\Program Files\SpywareIsolator
2008-05-25 14:48:54 100608 --a------ C:\WINDOWS\system32\fqqdohnq.dll
2008-05-25 14:46:41 2560 --a------ C:\WINDOWS\system32\kyfqjckn.exe
2008-05-25 14:46:34 90896 --a------ C:\WINDOWS\system32\uhuckchs.dll
2008-05-25 14:45:49 315136 --a------ C:\WINDOWS\system32\tuvWpQhF.dll
2008-05-25 14:18:31 909074 --ahs---- C:\WINDOWS\system32\dNVCbcdd.ini2
2008-05-25 13:57:31 2560 --a------ C:\WINDOWS\system32\dchqqigf.exe
2008-05-25 13:51:31 100608 --a------ C:\WINDOWS\system32\myjymavu.dll
2008-05-25 13:49:11 90896 --a------ C:\WINDOWS\system32\yhnragoq.dll
2008-05-25 13:49:06 0 d-------- C:\Program Files\Activision Value
2008-05-25 13:46:18 90896 --a------ C:\WINDOWS\system32\bpvkeimc.dll
2008-05-25 13:45:35 315136 -----n--- C:\WINDOWS\system32\vtUomMEU.dll
2008-05-25 07:56:43 83280 --a------ C:\WINDOWS\system32\qtavgini.dll
2008-05-25 07:54:34 100624 --a------ C:\WINDOWS\system32\gnerhaio.dll
2008-05-25 07:54:33 2560 --a------ C:\WINDOWS\system32\ndxtgcys.exe
2008-05-25 07:54:27 90960 --a------ C:\WINDOWS\system32\xwfotivf.dll
2008-05-25 00:20:25 2560 --a------ C:\WINDOWS\system32\aiubhfon.exe
2008-05-25 00:18:13 100624 --a------ C:\WINDOWS\system32\htpkntau.dll
2008-05-25 00:18:05 90960 --a------ C:\WINDOWS\system32\pabjnrfq.dll
2008-05-25 00:17:21 315120 -----n--- C:\WINDOWS\system32\pmnoOIby.dll
2008-05-24 17:46:52 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-24 17:46:52 56 -r-hs---- C:\WINDOWS\system32\EF22042C3C.sys
2008-05-24 16:28:32 2560 --a------ C:\WINDOWS\system32\dvmurdgl.exe
2008-05-24 16:28:31 100624 --a------ C:\WINDOWS\system32\eckeieqr.dll
2008-05-24 16:28:30 83280 -----n--- C:\WINDOWS\system32\kthywbre.dll
2008-05-24 16:26:11 90960 --a------ C:\WINDOWS\system32\wbvagtdl.dll
2008-05-24 16:24:52 83280 --a------ C:\WINDOWS\system32\tojtsnch.dll
2008-05-24 16:21:52 100624 --a------ C:\WINDOWS\system32\kxmuaisk.dll
2008-05-24 16:19:33 90960 --a------ C:\WINDOWS\system32\sdmekwyd.dll
2008-05-24 14:52:33 83280 --a------ C:\WINDOWS\system32\qtslvqtp.dll
2008-05-24 14:52:29 100624 --a------ C:\WINDOWS\system32\fbyewvck.dll
2008-05-24 14:50:24 2560 --a------ C:\WINDOWS\system32\ubgmpnfg.exe
2008-05-24 14:50:17 90960 --a------ C:\WINDOWS\system32\dtydfwem.dll
2008-05-24 14:41:36 0 d-------- C:\Program Files\Microsoft Games
2008-05-24 14:04:43 901418 --ahs---- C:\WINDOWS\system32\VCfLkUvw.ini2
2008-05-24 12:19:05 668 --ahs---- C:\WINDOWS\system32\ffPWDfii.ini2
2008-05-24 11:26:26 0 d-------- C:\Documents and Settings\alan\Application Data\Microsoft Games
2008-05-24 11:25:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-24 11:10:57 347 --ahs---- C:\WINDOWS\system32\mlmpqBeg.ini2
2008-05-24 11:10:56 315120 --a------ C:\WINDOWS\system32\geBqpmlm.dll
2008-05-24 11:07:43 130048 -rahs---- C:\WINDOWS\system32\1028u.exe
2008-05-24 11:05:55 0 d-------- C:\Program Files\uTorrent
2008-05-24 11:05:48 26384 --a------ C:\WINDOWS\system32\wvUlmlMg.dll
2008-05-24 11:05:46 0 d-------- C:\Program Files\ISM
2008-05-24 00:20:40 8780 --a------ C:\WINDOWS\system32\000080.exe
2008-05-22 15:23:40 229516 --a------ C:\WINDOWS\system32\000090.exe
2008-05-17 01:29:20 226698 --a------ C:\WINDOWS\system32\000060.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{23433E63-E648-4383-A09B-D4527E8E6D55}]
05/25/2008 05:56 PM 315136 --a------ C:\WINDOWS\system32\vtUlLBsq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{521BEBD7-2DF8-449B-BAE9-1EF6D05F4AF6}]
06/27/2008 12:31 AM 314832 --a------ C:\WINDOWS\system32\efcYOfGy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5f0c4055-173e-4b7c-ac28-4194c81eeed3}]
06/27/2008 12:38 AM 107968 --a------ C:\WINDOWS\system32\xgnxydsw.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{995CB5A5-6176-4AE5-A3A7-4FA8DA83E123}]
C:\WINDOWS\system32\ddcbCVNd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B1A64443-6FCA-41CE-8D51-5F8991257555}]
05/24/2008 11:05 AM 26384 --a------ C:\WINDOWS\system32\wvUlmlMg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE49E039-06DA-2902-FF49-7BA2979E4CB5}]
05/29/2008 02:34 PM 60928 --a------ C:\WINDOWS\system32\uzleuyhj.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 02:01 PM]
"SigmatelSysTrayApp"="stsystra.exe" [03/22/2005 11:20 PM C:\WINDOWS\stsystra.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 09:05 PM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 10:44 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 10:44 AM]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [07/08/2005 06:18 PM]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [08/11/2005 10:02 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [09/22/2005 06:29 PM]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [01/11/2006 12:05 PM]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [08/12/2005 04:16 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [09/08/2005 05:20 AM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [09/26/2005 10:26 AM]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [08/10/2005 12:49 PM]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [11/11/2005 05:00 PM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [09/14/2005 12:50 AM]
"IEUpdate"="C:\WINDOWS\system32\1028u.exe" [05/24/2008 11:07 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"WinUpdater"="C:\Program Files\WinUpdater\update.exe" [07/29/2007 02:11 PM]
"Microsoft Windows Installer"="C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe" [05/24/2008 11:05 AM]
"Uaol"="C:\WINDOWS\system32\DOBE~1\dvdplay.exe" [05/24/2008 11:06 AM]
"Xrxncau"="C:\Program Files\?dobe\?hkntfs.exe" []
"A00F99AEC.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F99AEC.exe" []
"IEUpdate"="C:\WINDOWS\system32\1028u.exe" [05/24/2008 11:07 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]
"A00F89478.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F89478.exe" []
"A00FBD50D.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FBD50D.exe" []
"A00F79519.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F79519.exe" []
"A00F2755D3.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F2755D3.exe" []
"A00FAF972.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FAF972.exe" []
"A00F536D1BE.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F536D1BE.exe" []
"Gilwqib"="C:\WINDOWS\?ymantec\?explore.exe" [05/29/2008 02:35 PM]
"A00F194F7.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F194F7.exe" []
"A00FE609A.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FE609A.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices]
"IEUpdate"=C:\WINDOWS\system32\1028u.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"IEUpdate"=C:\WINDOWS\system32\1028u.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B1A64443-6FCA-41CE-8D51-5F8991257555}"= C:\WINDOWS\system32\wvUlmlMg.dll [05/24/2008 11:05 AM 26384]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUlmlMg]
wvUlmlMg.dll 05/24/2008 11:05 AM 26384 C:\WINDOWS\system32\wvUlmlMg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c00D446]
C:\WINDOWS\system32\__c00D446.dat 06/27/2008 12:26 AM 24576 C:\WINDOWS\system32\__c00D446.dat

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL iuoilcsp.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\efcYOfGy
"IEUpdate"= C:\WINDOWS\system32\1028u.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
"C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
"C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IEUpdate]
C:\WINDOWS\system32\1028u.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spywareisolator]
C:\Program Files\SpywareIsolator\spywareisolator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe

*Newly Created Service* - DCFS2K



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8520 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-27 18:48:43 ------------




Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® D CPU 2.66GHz
CPU 1: Intel® Pentium® D CPU 2.66GHz
Percentage of Memory in Use: 20%
Physical Memory (total/avail): 1022.07 MiB / 807.53 MiB
Pagefile Memory (total/avail): 2461.47 MiB / 2346.98 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1942.21 MiB

C: is Fixed (NTFS) - 69.79 GiB total, 57.68 GiB free.
D: is CDROM (CDFS)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3808110AS - 74.5 GiB - 3 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 (bootable) - Installable File System - 69.79 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB

\\.\PHYSICALDRIVE1 - TEAC USB HS-CF Card USB Device

\\.\PHYSICALDRIVE3 - TEAC USB HS-MS Card USB Device

\\.\PHYSICALDRIVE4 - TEAC USB HS-SD Card USB Device

\\.\PHYSICALDRIVE2 - TEAC USB HS-xD/SM USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: McAfee Personal Firewall Plus v (McAfee)
AV: McAfee VirusScan v (McAfee)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"="C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\alan\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ALSPC64
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\alan
LOGONSERVER=\\ALSPC64
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0407
ProgramFiles=C:\Program Files
PROMPT=$P$G
SAFEBOOT_OPTION=MINIMAL
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\alan\LOCALS~1\Temp
TMP=C:\DOCUME~1\alan\LOCALS~1\Temp
USERDOMAIN=ALSPC64
USERNAME=alan
USERPROFILE=C:\Documents and Settings\alan
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

alan (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mpf /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpfrem.ui::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
924PLC32 --> MsiExec.exe /I{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Absolute Poker --> C:\Program Files\_uninstallation_info\Absolute Poker\CasinoUninstall.exe
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
aspi --> MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bookworm Adventures --> "C:\Program Files\Dell Games\Bookworm Adventures\Uninstall.exe"
Bookworm Adventures Deluxe 1.0 --> C:\Program Files\PopCap Games\Bookworm Adventures Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bookworm Adventures Deluxe\Install.log"
Bookworm Deluxe 1.13 --> C:\Program Files\PopCap Games\Bookworm Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bookworm Deluxe\Install.log"
CCHelp --> MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Dell CinePlayer --> MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console --> "C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
Dell Photo AIO Printer 924 --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dlccUNST.EXE -NOLICENSE
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Documentation & Support Launcher --> MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon --> MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
ESSAdpt --> MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP --> MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM --> MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Games, Music, & Photos Launcher --> MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
Get High Speed Internet! --> MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Documents and Settings\alan\Desktop\Norwich\HijackThis.exe" /uninstall
HLPCCTR --> MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex --> MsiExec.exe /I{78F79C84-BFD5-4D79-A07D-F39A3CF428DC}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hoyle Casino 4 --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\CASINO4\Uninst.isu
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher --> MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
Internet Speed Monitor --> C:\Program Files\ISM\Uninstall.exe
Jasc Paint Shop Pro Studio, Dell Editon --> MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_0_280d3903\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
McAfee Uninstaller --> C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
PCDLNCH --> MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Roxio DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Search Assist --> MsiExec.exe /X{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}
SFR --> MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Sonic Activation Module --> MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spin Palace Casino --> C:\MicroGaming\Casino\SpinPalace\install.exe -uninstall
Spin Palace Casino --> C:\PROGRA~1\SPINPA~1\UNWISE.EXE C:\PROGRA~1\SPINPA~1\INSTALL.LOG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
VCAMCEN --> MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
Venture Africa (remove only) --> "C:\Program Files\MumboJumbo\VentureAfrica\Uninstall.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067 -->
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Zoo Tycoon 2 - Dino Danger Pack --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F568B133-170C-4818-B06A-712C6D91B9F7}
Zoo Tycoon2 - Marine Mania Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{FDBE4583-26AB-4DBE-8263-07836871002D}


-- Application Event Log -------------------------------------------------------

Event Record #/Type1206 / Error
Event Submitted/Written: 06/27/2008 06:47:42 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Event Record #/Type1201 / E
  • 0

#15
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts
-- Application Event Log -------------------------------------------------------

Event Record #/Type1206 / Error
Event Submitted/Written: 06/27/2008 06:47:42 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: The server name or address could not be resolved

Event Record #/Type1201 / Error
Event Submitted/Written: 06/27/2008 06:21:37 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x1000b1db.
Processing media-specific event for [!ws!]

Event Record #/Type1199 / Error
Event Submitted/Written: 06/27/2008 06:18:44 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x1000b1db.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type1197 / Error
Event Submitted/Written: 06/27/2008 00:38:13 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x1000b1db.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type1195 / Error
Event Submitted/Written: 06/27/2008 00:31:59 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x1000b1db.
Processing media-specific event for [!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type8506 / Error
Event Submitted/Written: 06/27/2008 06:44:38 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
AVG Anti-Spyware Driver
Fips
intelppm
IPSec
MPFIREWL
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SASDIFSV
SASKUTIL
Tcpip

Event Record #/Type8505 / Error
Event Submitted/Written: 06/27/2008 06:44:38 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type8504 / Error
Event Submitted/Written: 06/27/2008 06:44:38 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Event Record #/Type8503 / Error
Event Submitted/Written: 06/27/2008 06:44:38 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31

Event Record #/Type8502 / Error
Event Submitted/Written: 06/27/2008 06:44:38 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:
%%31



-- End of Deckard's System Scanner: finished at 2008-06-27 18:48:43 ------------
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP