Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vundo? Maybe - Blue Screen Of Death


  • This topic is locked This topic is locked
2 replies to this topic

#1 pryde97

pryde97

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:11 AM

Posted 09 June 2008 - 12:52 PM

First, you all rock.. so far, been able to get 5 out of 6 pc's back to good health, but this last one which started it all on my network is out of my league, save my friends laptop please...

It started when my buddy was sent to a page that said he had a virus and was suckered into paying for the fake scanner.. he brought his laptop to me and it unleashed it's fury on my network... I'm assuming he has at least Vundo, because that was what I found on the other 5.. possibly more infections though because his seems worse off.. he did a restore himself and brought it back to me again.. this time I used my trusty burner and kept him off my network... I have for you logs from DSS, I also ran the SmitFraudFix in safe mode, removed his toolbars and past installs of java.. but when I tried SuperAntiSpyware which repaired all the other 5 it causes his to crash, no luck with McAfee, AVG, or Microsofts tools, they all cause the blue screen of death with not enough time to read it.. the system continues to reboot repeatedly whether you try to go to safe mode or normal until you shut off the laptop with the power button wait a bit and then turn it back on.. any help is appreciated...

Thank You,
Pryde97

Attachments -----------------------------------------------------------------------------------------------------------


Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-09 05:07:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
18: 2008-06-09 10:07:43 UTC - RP18 - Deckard's System Scanner Restore Point
17: 2008-06-09 09:12:35 UTC - RP17 - Installed SUPERAntiSpyware Free Edition
16: 2008-06-08 08:00:25 UTC - RP16 - Software Distribution Service 3.0
15: 2008-06-07 17:54:47 UTC - RP15 - Installed HPSU306Stub
14: 2008-06-07 14:11:58 UTC - RP14 - Installed McAfee VirusScan Enterprise


-- First Restore Point --
1: 2008-06-07 00:09:55 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:08:58, on 6/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Logitech\QuickCam10\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=1607
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.5\masqform.exe -RunOnce
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7002 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-06 19:09:45 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 3.job
2008-06-06 19:09:45 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 2.job


-- Files created between 2008-05-09 and 2008-06-09 -----------------------------

2008-06-09 04:35:27 3870 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-09 04:12:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-09 04:12:37 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-09 04:12:37 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-06-09 04:11:33 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-09 04:11:06 0 d-------- C:\Program Files\HijackThis!
2008-06-09 01:56:33 0 d-------- C:\QUARANTINE
2008-06-07 20:56:04 33664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
2008-06-07 20:56:02 86016 --a------ C:\WINDOWS\system32\preflib.dll
2008-06-07 20:56:01 69632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2008-06-07 20:56:00 20480 --a------ C:\WINDOWS\system32\WLTRYSVC.EXE
2008-06-07 20:56:00 2129920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL <Not Verified; BCGSoft Ltd; BCGControlBar Professional Dynamic Link Library>
2008-06-07 20:56:00 757760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2008-06-07 20:55:59 0 d-------- C:\Program Files\Broadcom
2008-06-07 18:17:40 0 d-------- C:\Program Files\Common Files\Logitech
2008-06-07 18:17:25 0 d-------- C:\Program Files\Logitech
2008-06-07 18:17:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-07 17:43:47 0 d-------- C:\Documents and Settings\Owner\Shared
2008-06-07 17:43:41 0 d-------- C:\Documents and Settings\Owner\Incomplete
2008-06-07 17:43:33 0 d-------- C:\Documents and Settings\Owner\Application Data\FrostWire
2008-06-07 17:42:44 0 d-------- C:\Program Files\Java
2008-06-07 17:42:42 0 d-------- C:\Program Files\Common Files\Java
2008-06-07 17:42:27 0 d-------- C:\Documents and Settings\Owner\Application Data\Sun
2008-06-07 17:41:36 0 d-------- C:\Program Files\FrostWire
2008-06-07 13:14:59 0 d-------- C:\Documents and Settings\Owner\Application Data\ZoomBrowser EX
2008-06-07 13:01:51 0 d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-06-07 13:01:19 0 d-------- C:\Program Files\Canon
2008-06-07 12:59:47 0 d-------- C:\Program Files\Common Files\Canon
2008-06-07 12:57:40 0 d-------- C:\Documents and Settings\Owner\Application Data\HP
2008-06-07 12:57:22 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-06-07 12:55:34 0 d-------- C:\Program Files\Common Files\HP
2008-06-07 12:54:11 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-07 12:51:37 0 d-------- C:\Program Files\HP
2008-06-07 12:50:02 2314 -----n--- C:\WINDOWS\hphmdl10.dat
2008-06-07 12:50:02 116963 --a------ C:\WINDOWS\HPHins10.dat
2008-06-07 09:12:27 1495552 --a------ C:\WINDOWS\system32\epoPGPsdk.dll <Not Verified; PGP Corporation; PGPsdk>
2008-06-07 09:12:27 0 d-------- C:\Program Files\Common Files\Cisco Systems
2008-06-07 09:12:27 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-07 09:11:52 0 d-------- C:\Program Files\McAfee
2008-06-07 09:11:52 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-07 08:59:36 0 d-------- C:\Program Files\Zilla Data Nuker
2008-06-07 05:21:18 0 d-------- C:\WINDOWS\tiinst
2008-06-07 04:54:38 0 d-------- C:\WINDOWS\Prefetch
2008-06-07 04:46:47 0 d-------- C:\WINDOWS\system32\scripting
2008-06-07 04:46:47 0 d-------- C:\WINDOWS\system32\en
2008-06-07 04:46:47 0 d-------- C:\WINDOWS\l2schemas
2008-06-07 04:46:46 0 d-------- C:\WINDOWS\system32\bits
2008-06-07 04:44:47 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-07 04:42:47 0 d-------- C:\WINDOWS\network diagnostic
2008-06-07 03:57:14 0 d-------- C:\Documents and Settings\Owner\Application Data\ATI
2008-06-07 03:55:01 0 d---s---- C:\Documents and Settings\Owner\UserData
2008-06-07 03:49:41 0 d-------- C:\Program Files\ATI Technologies
2008-06-07 03:41:05 0 d-------- C:\BCM_REL_4_100_15_5_WHQL
2008-06-06 20:37:31 0 d-------- C:\Documents and Settings\Owner\Application Data\DivX
2008-06-06 20:35:01 0 d-------- C:\Documents and Settings\Owner\Application Data\PureEdge
2008-06-06 20:34:58 0 d-------- C:\Documents and Settings\All Users\Application Data\PureEdge
2008-06-06 20:34:57 172032 --a------ C:\WINDOWS\system32\SSCE5332.dll <Not Verified; Wintertree Software Inc.; Sentry Spelling-Checker Engine Windows SDK>
2008-06-06 20:34:56 0 d-------- C:\Program Files\PureEdge
2008-06-06 20:13:31 0 d-------- C:\Program Files\DivX
2008-06-06 20:13:03 0 d-------- C:\Documents and Settings\Owner\Application Data\vlc
2008-06-06 20:12:00 0 d-------- C:\Program Files\VideoLAN
2008-06-06 20:11:02 0 d-------- C:\Documents and Settings\Owner\Application Data\CyberLink
2008-06-06 20:10:56 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-06 20:10:39 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-06 19:49:37 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-06 19:49:36 0 d-------- C:\Documents and Settings\Owner\Application Data\skypePM
2008-06-06 19:48:50 0 d-------- C:\Documents and Settings\Owner\Application Data\Skype
2008-06-06 19:44:17 0 d-------- C:\Program Files\Skype
2008-06-06 19:44:16 0 d-------- C:\Program Files\Common Files\Skype
2008-06-06 19:44:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-06-06 19:41:35 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-06-06 19:41:33 0 d-------- C:\Documents and Settings\Owner\Application Data\Google
2008-06-06 19:39:10 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-06 19:35:45 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-06-06 19:32:32 1069056 --a------ C:\WINDOWS\system32\stlang.dll <Not Verified; SigmaTel, Inc.; C-Major Audio>
2008-06-06 19:32:32 413696 --a------ C:\WINDOWS\stsystra.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
2008-06-06 19:32:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-06-06 19:32:15 0 d-------- C:\Program Files\SigmaTel
2008-06-06 19:31:42 0 d-------- C:\Program Files\Yahoo!
2008-06-06 19:31:38 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-06-06 19:27:41 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-06 19:26:45 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-06 19:26:45 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-06 19:26:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-06 19:26:01 0 d-------- C:\cabs
2008-06-06 19:18:53 0 d-------- C:\Program Files\Western Digital Technologies
2008-06-06 19:10:06 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities
2008-06-06 19:10:05 0 d-------- C:\Documents and Settings\Owner\WINDOWS
2008-06-06 19:10:05 0 d--h----- C:\Documents and Settings\Owner\Templates
2008-06-06 19:10:05 0 dr------- C:\Documents and Settings\Owner\Start Menu
2008-06-06 19:10:05 0 dr-h----- C:\Documents and Settings\Owner\SendTo
2008-06-06 19:10:05 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-06-06 19:10:05 0 d--h----- C:\Documents and Settings\Owner\PrintHood
2008-06-06 19:10:05 1572864 --ah----- C:\Documents and Settings\Owner\NTUSER.DAT
2008-06-06 19:10:05 0 d--h----- C:\Documents and Settings\Owner\NetHood
2008-06-06 19:10:05 0 dr------- C:\Documents and Settings\Owner\My Documents
2008-06-06 19:10:05 0 d--h----- C:\Documents and Settings\Owner\Local Settings
2008-06-06 19:10:05 0 dr------- C:\Documents and Settings\Owner\Favorites
2008-06-06 19:10:05 0 d-------- C:\Documents and Settings\Owner\Desktop
2008-06-06 19:10:05 0 d---s---- C:\Documents and Settings\Owner\Cookies
2008-06-06 19:10:05 0 dr-h----- C:\Documents and Settings\Owner\Application Data
2008-06-06 19:07:56 0 d-------- C:\Program Files\Motorola
2008-06-06 19:02:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-06-06 18:47:42 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-06 16:36:36 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-06 16:36:20 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-06 16:36:10 0 d-------- C:\Program Files\Microsoft.NET
2008-06-06 16:35:41 0 dr-h----- C:\MSOCache
2008-06-06 16:34:53 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-06 16:34:53 0 d-------- C:\Program Files\CyberLink
2008-06-06 16:34:50 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-06 16:34:40 2 --a------ C:\AUDIT_INSTALL_IN_PROGRESS
2008-06-06 16:33:34 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-06-06 16:33:31 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-06-06 16:33:21 0 d-------- C:\Program Files\Google
2008-06-06 16:29:06 0 d-------- C:\Program Files\DIFX
2008-06-06 16:29:05 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-06 16:29:05 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-06 16:29:03 20480 --a------ C:\WINDOWS\system32\Marker32.exe <Not Verified; Gateway; Marker32>
2008-06-06 16:26:58 2 -r-hs---- C:\USER
2008-06-06 16:26:58 2 --a------ C:\REQUEST_OEMRESET_ENDUSER
2008-06-06 16:24:42 0 d--hs---- C:\System Volume Information
2008-06-06 16:23:37 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2008-06-06 16:23:32 0 d-------- C:\WINDOWS\creator
2008-06-06 16:22:14 0 d-------- C:\WINDOWS\SMINST
2008-06-06 16:22:11 0 d-------- C:\WINDOWS\I386


-- Find3M Report ---------------------------------------------------------------

2008-06-09 04:11:33 0 d-------- C:\Program Files\Common Files
2008-06-07 04:47:07 0 d-------- C:\Program Files\Messenger
2008-06-07 04:46:46 0 d-------- C:\Program Files\Movie Maker
2008-06-07 04:44:30 0 d-------- C:\Program Files\Windows NT
2008-06-06 16:17:38 0 d-------- C:\Program Files\Windows Plus
2008-06-06 16:17:38 0 d-------- C:\Program Files\Online Services
2008-06-06 16:17:38 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-06 16:17:38 0 d-------- C:\Program Files\microsoft frontpage
2008-06-06 16:17:37 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-06 16:17:37 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-06 16:17:37 0 d-------- C:\Program Files\Common Files\New Boundary
2008-06-06 16:17:37 0 d-------- C:\Program Files\Common Files\MSSoap


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 22:56]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [06/06/2008 16:33]
"SigmatelSysTrayApp"="stsystra.exe" [12/27/2005 10:20 C:\WINDOWS\stsystra.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [09/27/2006 18:26]
"masqform.exe"="C:\Program Files\PureEdge\Viewer 6.5\masqform.exe" [07/04/2005 09:50]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [01/02/2006 17:41]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [02/22/2007 20:50]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [12/19/2006 11:27]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/19/2006 02:41]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [06/26/2006 09:46]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [06/26/2006 10:34]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [06/26/2006 10:33]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [10/12/2006 16:28]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [08/30/2007 17:43]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/14/2008 05:42]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [05/28/2008 10:33]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 1:01:04 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5052f553-3425-11dd-a95d-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480




-- End of Deckard's System Scanner: finished at 2008-06-09 05:12:22 ------------



Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: AMD Turion™ 64 X2 Mobile Technology TL-50
Percentage of Memory in Use: 28%
Physical Memory (total/avail): 1790.04 MiB / 1284.59 MiB
Pagefile Memory (total/avail): 3682.52 MiB / 3228.58 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1937.5 MiB

C: is Fixed (NTFS) - 104.94 GiB total, 92.61 GiB free.
D: is Fixed (FAT32) - 6.83 GiB total, 3.35 GiB free.
E: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - HTS421212H9AT00 - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 104.94 GiB - C:
\PARTITION1 - Unknown - 6.84 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-8D9D687849
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\YOUR-8D9D687849
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4802
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=YOUR-8D9D687849
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
VSEDEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{01C0CB1D-FF49-43F1-ADC5-65F05DB7BDD1}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Broadcom 802.11 Network Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities CameraWindow DC --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities MyCamera DC --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities RemoteCapture DC --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility --> "C:\Program Files\Common Files\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
FrostWire 4.13.5 --> C:\Program Files\FrostWire\Uninstall.exe
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\HijackThis!\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software --> C:\Program Files\HP\Digital Imaging\{9D404F8F-05A1-4734-9550-6EC2FEE916B8}\setup\hpzscr01.exe -datfile hphscr10.dat -showdisconnect -forcereboot
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam --> MsiExec.exe /X{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
McAfee VirusScan Enterprise --> MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Motorola SM56 Data Fax Modem --> rundll32.exe sm56coin.dll,SM56UnInstaller
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PureEdge Viewer 6.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0000650-0650-0650-0650-000000000650}\Setup.exe" -l0x9 -uninst
Security Update for Step By Step Interactive Training (KB898458) -->
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\Setup.exe" -l0x9 -remove -removeonly
Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{607398CF-354B-4E21-B1BC-549424BFD04C}\setup.exe -runfromtemp -l0x0409
UMVPLStandalone --> MsiExec.exe /X{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VideoLAN VLC media player 0.8.6e --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB914548 --> "C:\WINDOWS\$NtUninstallKB914548$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Zilla Data Nuker 2.0.0.0 --> "C:\Program Files\Zilla Data Nuker\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type249 / Warning
Event Submitted/Written: 06/07/2008 00:57:37 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0

Event Record #/Type247 / Warning
Event Submitted/Written: 06/07/2008 00:57:33 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0

Event Record #/Type245 / Warning
Event Submitted/Written: 06/07/2008 00:57:24 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0

Event Record #/Type244 / Warning
Event Submitted/Written: 06/07/2008 00:57:10 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0

Event Record #/Type243 / Warning
Event Submitted/Written: 06/07/2008 00:57:10 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x800401F0



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type898 / Error
Event Submitted/Written: 06/09/2008 05:05:24 AM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type897 / Error
Event Submitted/Written: 06/09/2008 05:05:24 AM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Event Record #/Type896 / Error
Event Submitted/Written: 06/09/2008 05:05:24 AM
Event ID/Source: 32 / SideBySide
Event Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Event Record #/Type895 / Error
Event Submitted/Written: 06/09/2008 05:05:24 AM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type894 / Error
Event Submitted/Written: 06/09/2008 05:05:24 AM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.



-- End of Deckard's System Scanner: finished at 2008-06-09 05:12:22 ------------

BC AdBot (Login to Remove)

 


m

#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:11 PM

Posted 03 July 2008 - 06:44 PM

Hello pryde97,

Welcome to Bleeping Computer :)

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:11 PM

Posted 20 July 2008 - 03:07 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users