Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

userinit.exe. application error


  • This topic is locked This topic is locked

#1
McTavish

McTavish

    New Member

  • Member
  • Pip
  • 4 posts
Hope someone can help please.

When I try to log on it comes up

userinit.exe - application failed to iniitalize properly Oxc0000005 (click okay to terminate the application.

I was able to put in safe mode and used task manager to end task then new task -desktop. It is stil unable to open applications error still comes up.
The os is windows xp service pack2 and is preloaded and I do not have a disc.
I was able to download hijackthis from my other laptop and saved it with my pen drive onto my computer.
I have also ran regcure and stil no joy.

I have attatched my log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:46:24, on 14/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\explorer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
F:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.paretolog...3...id=84&uid=0
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BootWarn] C:\Program Files\Norton Internet Security\Norton AntiVirus\BootWarn.exe /a
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1197991853\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Component Manager] C:\Program Files\Common Files\AOL\1197991853\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.345.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.345.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\apps\skype\phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/...oader.5.1.4.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoe...ggPublisher.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: mjeuuqdg.dll hakblqwg.dll fydfeg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 9133 bytes




Thanks

Edited by McTavish, 14 August 2008 - 07:58 AM.

  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello McTavish

Welcome to G2Go. :)
=====================
See if you are able to get this to run.
You will have to keep hitting ok at the errors when they appear. ex.> userinit.exe

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0

#3
McTavish

McTavish

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Here is a copy of my log




Deckard's System Scanner v20071014.68
Run by Administrator on 2008-08-14 19:03:54
Computer is in Safe Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; computer is in safe mode.


-- Last 1 Restore Point(s) --
1: 2008-08-11 18:38:41 UTC - RP382 - Restore Operation


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-08-14 19:11:11
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
F:\dss.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.paretolog...3...id=84&uid=0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: {2989abb2-ac82-6ca8-0a04-fdc622eadcc5} - {5ccdae22-6cdf-40a0-8ac6-28ca2bba9892} - C:\WINDOWS\system32\fydfeg.dll
O2 - BHO: (no name) - {6AF6A22B-479A-442D-82C4-7F5CEE46B595} - C:\WINDOWS\system32\yayaaWmL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Slide - {F25D0054-4CA2-49D5-A8B0-D79B7829D14E} - C:\Program Files\Slide\SlideBar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [BootWarn] C:\Program Files\Norton Internet Security\Norton AntiVirus\BootWarn.exe /a
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1197991853\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Component Manager] C:\Program Files\Common Files\AOL\1197991853\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.345.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.345.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (file missing)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\APPS\skype\phone\IEPlugin\SkypeIEPlugin.dll
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\winrnr.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\mswsock.dll
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/...oader.5.1.4.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://java.sun.com/...ows-i586-jc.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoe...ggPublisher.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O20 - AppInit_DLLs: mjeuuqdg.dll hakblqwg.dll fydfeg.dll
O20 - Winlogon Notify: khfFWmKC - C:\WINDOWS\system32\khfFWmKC.dll (file missing)
O20 - Winlogon Notify: __c0018C6F - C:\WINDOWS\system32\
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


--
End of file - 12333 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 cdrbsvsd - c:\windows\system32\drivers\cdrbsvsd.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>

S3 CamAv (SAMSUNG Video Capture) - c:\windows\system32\drivers\camav.sys <Not Verified; Samsung electronics, Inc; Samsung electronics, Inc>
S3 PPPoEWin (PPPoEWin Miniport) - c:\windows\system32\drivers\pppoewin.sys (file missing)
S3 ss_bus (Samsung Mobile USB Device 1.0 driver (WDM)) - c:\windows\system32\drivers\ss_bus.sys <Not Verified; MCCI; Samsung Mobile USB Device 1.0>
S3 ss_mdfl (SAMSUNG Mobile USB Modem 1.0 Filter) - c:\windows\system32\drivers\ss_mdfl.sys <Not Verified; MCCI; SAMSUNG Mobile USB Modem 1.0 Filter>
S3 ss_mdm (SAMSUNG Mobile USB Modem 1.0 Drivers) - c:\windows\system32\drivers\ss_mdm.sys <Not Verified; MCCI; SAMSUNG Mobile USB Modem 1.0>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-08-14 18:59:35 454 --a------ C:\WINDOWS\Tasks\RegCure Program Check.job
2008-08-12 02:26:12 388 --a------ C:\WINDOWS\Tasks\RegCure.job
2008-08-11 19:43:30 366 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-07-01 22:07:58 342 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-07-01 22:07:57 334 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-06-13 11:10:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-07-14 and 2008-08-14 -----------------------------

2008-08-14 18:56:58 0 d-------- D:\Deckard
2008-08-12 02:47:13 0 d-------- D:\Documents and Settings\NetworkService.NT AUTHORITY.002\Start Menu
2008-08-12 02:02:51 0 d-------- C:\Program Files\RegCure
2008-08-12 00:20:10 0 d-------- C:\Program Files\analyse.exe
2008-08-11 19:39:11 0 d-------- C:\Program Files\Norton Internet Security
2008-08-11 19:33:36 0 d-------- D:\Documents and Settings\Callum\Application Data\McAfee
2008-08-11 16:37:05 0 d-------- D:\AOL 9.0f <AOL9~1.0F>
2008-08-11 16:33:34 0 d-------- C:\Program Files\AOL 9.0e
2008-08-07 18:23:52 0 d-------- C:\Program Files\Registry Easy
2008-08-07 17:49:10 0 d-------- D:\Documents and Settings\Kevin Emslie.048853320083\Application Data\McAfee
2008-08-04 22:33:37 0 d-------- D:\Documents and Settings\LocalService.NT AUTHORITY.002\Application Data\McAfee
2008-08-04 17:13:29 0 d-------- D:\Documents and Settings\Sarah Pirie\Application Data\McAfee
2008-08-04 16:33:30 0 d-------- D:\Documents and Settings\Sarah Pirie\Application Data\SiteAdvisor
2008-08-03 21:37:04 0 d--h----- D:\Documents and Settings\Administrator\Templates
2008-08-03 21:37:04 0 dr------- D:\Documents and Settings\Administrator\Start Menu
2008-08-03 21:37:04 0 dr-h----- D:\Documents and Settings\Administrator\SendTo
2008-08-03 21:37:04 0 dr-h----- D:\Documents and Settings\Administrator\Recent
2008-08-03 21:37:04 0 d--h----- D:\Documents and Settings\Administrator\PrintHood
2008-08-03 21:37:04 0 d--h----- D:\Documents and Settings\Administrator\NetHood
2008-08-03 21:37:04 0 dr------- D:\Documents and Settings\Administrator\My Documents
2008-08-03 21:37:04 0 d--h----- D:\Documents and Settings\Administrator\Local Settings
2008-08-03 21:37:04 0 dr------- D:\Documents and Settings\Administrator\Favorites
2008-08-03 21:37:04 0 dr------- D:\Documents and Settings\Administrator\Desktop
2008-08-03 21:37:04 0 d---s---- D:\Documents and Settings\Administrator\Cookies
2008-08-03 21:37:04 0 dr-h----- D:\Documents and Settings\Administrator\Application Data <APPLIC~1>
2008-08-03 21:37:04 0 d-------- D:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2008-08-03 21:37:04 0 d-------- D:\Documents and Settings\Administrator\Application Data\Symantec
2008-08-03 21:37:04 0 d-------- D:\Documents and Settings\Administrator\Application Data\Real
2008-08-03 21:37:04 0 d-------- D:\Documents and Settings\Administrator\Application Data\Macromedia
2008-08-03 21:37:04 0 d-------- D:\Documents and Settings\Administrator\Application Data\Identities
2008-08-03 21:37:03 1048576 --ah----- D:\Documents and Settings\Administrator\NTUSER.DAT
2008-08-02 16:02:08 80896 --a------ C:\WINDOWS\system32\malkxhbm.dll
2008-08-02 15:59:08 100864 --a------ C:\WINDOWS\system32\rqhnuhvu.dll
2008-08-02 15:59:08 100864 --a------ C:\WINDOWS\system32\fupank.dll
2008-08-02 15:56:08 100864 --a------ C:\WINDOWS\system32\hoabshby.dll
2008-08-02 15:56:08 100864 --a------ C:\WINDOWS\system32\fydfeg.dll
2008-07-31 19:12:41 95232 --a------ C:\WINDOWS\system32\zbpinr.dll
2008-07-31 19:12:41 95232 --a------ C:\WINDOWS\system32\ltjfkxpu.dll
2008-07-31 18:12:42 95232 --a------ C:\WINDOWS\system32\txtrmuoi.dll
2008-07-31 18:12:42 95232 --a------ C:\WINDOWS\system32\ficzwv.dll
2008-07-30 08:48:08 95744 --a------ C:\WINDOWS\system32\vjnxkrby.dll
2008-07-30 08:48:08 95744 --a------ C:\WINDOWS\system32\lywwrd.dll
2008-07-28 22:38:42 73728 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-07-28 22:01:16 80896 --a------ C:\WINDOWS\system32\gdjvcfmg.dll
2008-07-28 21:00:55 95744 --a------ C:\WINDOWS\system32\syrdvr.dll
2008-07-28 21:00:55 95744 --a------ C:\WINDOWS\system32\amkpkidq.dll
2008-07-26 08:50:32 95744 --a------ C:\WINDOWS\system32\idrbqv.dll
2008-07-26 08:50:31 95744 --a------ C:\WINDOWS\system32\jghbmnrp.dll
2008-07-20 09:45:06 0 d-------- D:\Documents and Settings\Kevin Emslie.048853320083\Application Data\SiteAdvisor
2008-07-15 20:18:46 0 d-------- D:\Documents and Settings\All Users\Application Data\BVRP Software
2008-07-15 20:18:46 0 d-------- C:\Program Files\Avanquest update
2008-07-15 20:14:21 0 d-------- D:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-07-15 20:14:04 0 d-------- D:\Documents and Settings\Callum\Application Data\InstallShield


-- Find3M Report ---------------------------------------------------------------

2008-08-14 19:08:50 3139 --ahs---- C:\WINDOWS\system32\LmWaayay.ini2
2008-08-11 19:43:38 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-08-11 19:42:15 0 d-------- C:\Program Files\Symantec
2008-08-11 19:38:36 0 d-------- C:\Program Files\Common Files
2008-08-11 19:25:55 0 d-------- C:\Program Files\Common Files\aolshare
2008-08-11 16:37:27 0 d-------- C:\Program Files\Common Files\AOL
2008-08-04 14:59:02 0 d-------- C:\Program Files\DriveCleaner Free
2008-08-02 16:12:55 0 d-------- C:\Program Files\McAfee
2008-07-15 20:18:46 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-15 20:14:22 0 d-------- C:\Program Files\Sony Ericsson
2008-07-13 21:05:18 0 d-------- C:\Program Files\VAV
2008-07-10 21:30:39 0 d-------- C:\Program Files\Sony
2008-07-03 17:12:43 0 d-------- C:\Program Files\SiteAdvisor
2008-07-02 19:19:38 0 d-------- C:\Program Files\Common Files\DriveCleaner Free
2008-07-01 22:08:28 0 d-------- C:\Program Files\Common Files\McAfee
2008-07-01 22:07:49 0 d-------- C:\Program Files\McAfee.com
2008-06-24 22:27:16 0 d-------- C:\Program Files\AOL 9.0c
2008-06-23 21:52:50 0 d-------- C:\Program Files\Kontiki
2008-06-23 21:52:47 0 d-------- C:\Program Files\SpyShredder
2008-06-23 21:52:47 0 d-------- C:\Program Files\ShoppingReport
2008-06-23 21:52:44 0 d-------- C:\Program Files\Seekmo
2008-06-19 19:57:32 1525 --ahs---- C:\WINDOWS\system32\Llmnnnpo.ini2
2008-06-08 00:06:16 347136 --a------ C:\WINDODeckard's System Scanner v20071014.68



Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.06GHz
Percentage of Memory in Use: 21%
Physical Memory (total/avail): 1023.48 MiB / 808.47 MiB
Pagefile Memory (total/avail): 2460.89 MiB / 2362.81 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1931.05 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 29.99 GiB total, 20.45 GiB free.
D: is Fixed (NTFS) - 111.24 GiB total, 99.37 GiB free.
E: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST3160023AS - 149.05 GiB - 3 partitions
\PARTITION0 - Unknown - 7.81 GiB
\PARTITION1 (bootable) - Installable File System - 29.99 GiB - C:
\PARTITION2 - Installable File System - 111.24 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: McAfee Personal Firewall v (McAfee)
FW: Norton Internet Security v2005 (Symantec Corporation)
AV: Norton Internet Security v2005 (Symantec Corporation)
AV: McAfee VirusScan v (McAfee) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL 9.0a"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0b\\waol.exe"="C:\\Program Files\\AOL 9.0b\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0c\\waol.exe"="C:\\Program Files\\AOL 9.0c\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0d\\waol.exe"="C:\\Program Files\\AOL 9.0d\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\AOL 9.0e\\waol.exe"="C:\\Program Files\\AOL 9.0e\\waol.exe:*:Enabled:AOL"
"D:\\AOL 9.0f\\waol.exe"="D:\\AOL 9.0f\\waol.exe:*:Enabled:AOL"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:PANDORA"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL 9.0a"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"D:\\Documents and Settings\\Sarah Pirie\\My Documents\\iTunes.exe"="D:\\Documents and Settings\\Sarah Pirie\\My Documents\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0b\\waol.exe"="C:\\Program Files\\AOL 9.0b\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0c\\waol.exe"="C:\\Program Files\\AOL 9.0c\\waol.exe:*:Enabled:AOL"
"C:\\apps\\skype\\phone\\Skype.exe"="C:\\apps\\skype\\phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\AOL 9.0d\\waol.exe"="C:\\Program Files\\AOL 9.0d\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Common Files\\AOL\\1197991853\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1197991853\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"="C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\\Program Files\\AOL 9.0e\\waol.exe"="C:\\Program Files\\AOL 9.0e\\waol.exe:*:Enabled:AOL"
"D:\\AOL 9.0f\\waol.exe"="D:\\AOL 9.0f\\waol.exe:*:Enabled:AOL"


-- Environment Variables -------------------------------------------------------



-- User Profiles ---------------------------------------------------------------

Sarah Pirie (admin)
Kevin Emslie.048853320083 (admin)
Callum (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------



-- Application Event Log -------------------------------------------------------

Event Record #/Type16440 / Warning
Event Submitted/Written: 08/14/2008 07:06:12 PM
Event ID/Source: 6 / crypt32
Event Description:
Reached crypt32 threshold of 50 events and will suspend logging for 60 minutes

Event Record #/Type16439 / Error
Event Submitted/Written: 08/14/2008 07:06:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Event Record #/Type16438 / Error
Event Submitted/Written: 08/14/2008 07:06:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Event Record #/Type16437 / Error
Event Submitted/Written: 08/14/2008 07:06:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.

Event Record #/Type16436 / Error
Event Submitted/Written: 08/14/2008 07:06:12 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This network connection does not exist.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type19035 / Error
Event Submitted/Written: 08/14/2008 07:09:38 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type19034 / Error
Event Submitted/Written: 08/14/2008 07:08:47 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type19033 / Error
Event Submitted/Written: 08/14/2008 07:08:33 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type19032 / Error
Event Submitted/Written: 08/14/2008 07:05:50 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service McNASvc with arguments ""
in order to run the server:
{24F616A1-B755-4053-8018-C3425DC8B68A}

Event Record #/Type19031 / Error
Event Submitted/Written: 08/14/2008 07:05:43 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service McNASvc with arguments ""
in order to run the server:
{24F616A1-B755-4053-8018-C3425DC8B68A}



-- End of Deckard's System Scanner: finished at 2008-08-14 19:12:06 ------------

WS\system32\yayaaWmL.dll


-- Registry Dump ---------------------------------------------------------------



-- End of Deckard's System Scanner: finished at 2008-08-14 19:12:06 ------------





Thanks

Edited by McTavish, 14 August 2008 - 12:34 PM.

  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi I didn't get a reply .

Please visit this web page for instructions for downloading and running Combofix >ComboFix Instructions
We now suggest that you install the Windows Recovery Console.
The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

Post the log from ComboFix when you've accomplished all of that, along with a new HijackThis log.

(Note:If the Recovery Console fails to install then do not proceed rather alert me and post back here we will continue)
  • 0

#5
McTavish

McTavish

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hi Kahdah

Thanks for your help. I finally managed to run recovery console and have saved files and restored computer to its original status.

Thanks again
Mctavish
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok sorry I didn't know you had replied.

You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP