Alright, different PC now.

amberhasCTDs · 07-07-2008, 01:57 AM

Hi yall, I was ere recently trying to work on my desktop- but I think the video card has gone to crap so now I am using a horribly old laptop (windows 2000) but I have to have something to get online with for now and this is it. I have deleted everything I know for sure is bad but my knowledge of this stuff is still growing. If you would take a look at my combofix and HJT log I would appreciate it. Just incase I missed something (and I probably did). Due to my knowledge of PCs and also my knowledge of windows 2000. Thanks a ton.
amber

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:34:43 PM, on 7/6/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\ltmsg.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dial
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SBC Yahoo! Connection Manager] "C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/mmps/0...ut=255,255,255

--
End of file - 5734 bytes

ComboFix 08-07-05.1 - ComEvo 07/06/2008 17:25:58.1 - NTFSx86
Running from: C:\Documents and Settings\ComEvo\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo
C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Program Files\outerinfo
C:\Program Files\outerinfo\OinUninstall.exe
C:\Program Files\outerinfo\OiUninstaller.exe
C:\Program Files\outerinfo\Outerinfo.dll
C:\Program Files\outerinfo\Outerinfo.exe
C:\Program Files\outerinfo\outerinfo.ico
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\winpop
C:\temp\iee
C:\WINNT\Fonts\acrsec.fon
C:\WINNT\Fonts\acrsecB.fon
C:\WINNT\Fonts\acrsecI.fon
C:\WINNT\smdat32m.sys
C:\WINNT\system32\MSINET.oca
C:\WINNT\system32\o02PrEz
C:\WINNT\Web\default.htt
C:\WINNT\wr.txt

.
((((((((((((((((((((((((( Files Created from 2008-06-06 to 2008-07-06 )))))))))))))))))))))))))))))))
.

2008-07-06 17:26 . 07/06/08 05:26p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_258.dat
2008-07-06 17:09 . 07/06/08 05:12p <DIR> d-------- C:\WINNT\system32\drivers\Avg
2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-------- C:\Program Files\AVG
2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-------- C:\Documents and Settings\ComEvo\Application Data\AVGTOOLBAR
2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\avg8
2008-07-06 17:09 . 07/06/08 05:09p 96,520 --a------ C:\WINNT\system32\drivers\avgldx86.sys
2008-07-06 17:09 . 07/06/08 05:09p 75,272 --a------ C:\WINNT\system32\drivers\avgtdix.sys
2008-07-06 17:09 . 07/06/08 05:09p 10,520 --a------ C:\WINNT\system32\avgrsstx.dll
2008-07-05 01:33 . 07/05/08 01:33a 54,156 --ah----- C:\WINNT\QTFont.qfn
2008-07-05 01:33 . 07/05/08 01:33a 1,409 --a------ C:\WINNT\QTFont.for
2008-07-03 23:53 . 07/03/08 11:53p <DIR> d-------- C:\Program Files\Adaptec
2008-07-03 23:08 . 07/03/08 11:08p <DIR> d--h-c--- C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$
2008-07-03 21:49 . 07/03/08 09:49p <DIR> d-------- C:\Program Files\Ventrilo
2008-07-03 21:49 . 07/03/08 09:50p <DIR> d-------- C:\Documents and Settings\ComEvo\Application Data\Ventrilo
2008-07-03 21:48 . 07/03/08 09:48p <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-03 21:47 . 03/26/06 04:23p 19,728 --a------ C:\WINNT\system32\hidserv.exe
2008-07-03 21:47 . 03/26/06 04:23p 19,728 --a--c--- C:\WINNT\system32\dllcache\hidserv.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-07-06 21:49 --------- d-----w C:\Program Files\Symantec
2008-07-06 09:44 --------- d-----w C:\Program Files\StarWarsGalaxies
2008-07-05 06:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-05 06:35 --------- d-----w C:\Program Files\QuickTime
2008-07-04 05:05 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-04 04:53 --------- d-----w C:\Program Files\Ares
2008-07-04 04:20 --------- d-----w C:\Program Files\Hitman Pro
2008-07-04 04:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-04 04:12 --------- d-----w C:\Documents and Settings\ComEvo\Application Data\Lavasoft
2006-09-15 19:42 271 ---h--w C:\Program Files\desktop.ini
2006-09-15 19:42 21,952 ---h--w C:\Program Files\folder.htt
2006-03-26 22:27 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/05 01:03p 36975]
"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [09/15/03 09:00p 270336]
"YBrowser"="C:\Program Files\Yahoo!\browser\ybrwicon.exe" [07/11/03 03:51p 57344]
"SBC Yahoo! Connection Manager"="C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" [07/14/03 02:55p 1028096]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/06/08 05:09p 1177368]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p 111376 C:\WINNT\system32\mobsync.exe]
"LTWinModem1"="ltmsg.exe" [10/28/03 01:00a 40960 C:\WINNT\system32\ltmsg.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [06/19/03 12:05p 186640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= mmdrv.dll

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINNT\system32\Drivers\avgldx86.sys [07/06/08 05:09p]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [07/06/08 05:09p]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [07/06/08 05:09p]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINNT\system32\Drivers\avgtdix.sys [07/06/08 05:09p]
S3 el575nd5;FE575C-3Com 10/100 LAN CardBus PC Card Driver;C:\WINNT\system32\DRIVERS\el575nd5.sys [08/06/02 06:02p]
S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys []

*Newly Created Service* - CATCHME
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-PRISMSVR.EXE - C:\WINNT\system32\PRISMSVR.EXE

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-06 17:27:52
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 07/06/2008 17:28:48
ComboFix-quarantined-files.txt 2008-07-06 22:28:42

Pre-Run: 15,535,013,888 bytes free
Post-Run: 15,626,514,432 bytes free

106 --- E O F --- 2008-07-04 04:13:27

cohen · 07-07-2008, 02:13 AM

was the Hijackthis log before or after the combo fix log?

amberhasCTDs · 07-07-2008, 02:18 AM

The HJT Log was after the combofix it just got posted first because I had it up at the time since I'd just ran it. Sorry about the confusion.

cohen · 07-07-2008, 02:26 AM

: Download and Run DSS :

Download Deckard's System Scanner (DSS) to your Desktop. You must be logged onto an account with administrator privileges.

Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<- this one will be minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your reply.

amberhasCTDs · 07-07-2008, 02:36 AM

Here is the DSS Log you requested.
Main one first.

Deckard's System Scanner v20071014.68
Run by ComEvo on 2008-07-06 20:12:58
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as ComEvo.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:13:31 PM, on 7/6/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\ltmsg.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINNT\system32\wuauclt.exe
C:\Documents and Settings\ComEvo\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ComEvo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dial
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [SBC Yahoo! Connection Manager] "C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/mmps/0...ut=255,255,255

--
End of file - 5770 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\winnt\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>

S3 catchme - c:\combofix\catchme.sys (file missing)
S3 hitmanpro2 (Hitman Pro 2 Driver) - c:\program files\hitman pro\hitmanpro2.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2008-06-06 and 2008-07-06 -----------------------------

2008-07-06 19:52:17 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_258.dat
2008-07-06 19:32:57 0 d-------- C:\Program Files\Trend Micro
2008-07-06 17:27:44 53248 --a------ C:\WINNT\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-07-06 17:25:18 68096 --a------ C:\WINNT\zip.exe
2008-07-06 17:25:18 49152 --a------ C:\WINNT\VFind.exe
2008-07-06 17:25:18 212480 --a------ C:\WINNT\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-06 17:25:18 136704 --a------ C:\WINNT\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-07-06 17:25:18 161792 --a------ C:\WINNT\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-07-06 17:25:18 98816 --a------ C:\WINNT\sed.exe
2008-07-06 17:25:18 80412 --a------ C:\WINNT\grep.exe
2008-07-06 17:25:18 89504 --a------ C:\WINNT\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-07-06 17:09:33 0 d-------- C:\WINNT\system32\drivers\Avg
2008-07-06 17:09:32 0 d-------- C:\Documents and Settings\ComEvo\Application Data\AVGTOOLBAR
2008-07-06 17:09:17 0 d-------- C:\Program Files\AVG
2008-07-06 17:09:17 0 d-a------ C:\Documents and Settings\All Users\Application Data\avg8
2008-07-05 01:35:40 0 d-a------ C:\WINNT\system32\appmgmt
2008-07-03 23:53:51 0 d-------- C:\Program Files\Adaptec
2008-07-03 23:08:38 0 d--h---c- C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$
2008-07-03 21:49:49 0 d-------- C:\Documents and Settings\ComEvo\Application Data\Ventrilo
2008-07-03 21:49:09 0 d-------- C:\Program Files\Ventrilo
2008-07-03 21:48:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

-- Find3M Report ---------------------------------------------------------------

2008-07-06 16:49:59 0 d-------- C:\Program Files\Symantec
2008-07-06 16:49:59 0 d-a------ C:\Program Files\Common Files
2008-07-06 04:44:05 0 d-------- C:\Program Files\StarWarsGalaxies
2008-07-05 01:35:37 0 d-------- C:\Program Files\QuickTime
2008-07-03 23:53:40 0 d-------- C:\Program Files\Ares
2008-07-03 23:20:55 0 d-------- C:\Program Files\Hitman Pro
2008-07-03 23:12:41 0 d-------- C:\Documents and Settings\ComEvo\Application Data\Lavasoft

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
07/06/08 05:09p 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [07/06/08 05:09p 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/05 01:03p]
"Synchronization Manager"="mobsync.exe" [06/19/03 12:05p C:\WINNT\system32\mobsync.exe]
"LTWinModem1"="ltmsg.exe" [10/28/03 01:00a C:\WINNT\system32\ltmsg.exe]
"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [09/15/03 09:00p]
"YBrowser"="C:\Program Files\Yahoo!\browser\ybrwicon.exe" [07/11/03 03:51p]
"SBC Yahoo! Connection Manager"="C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" [07/14/03 02:55p]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/06/08 05:09p]

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\tga.sys]
@="Driver"

*Newly Created Service* - SHAREDACCESS

-- End of Deckard's System Scanner: finished at 2008-07-06 20:14:02 ------------

And the extra.txt.

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows 2000 Professional (build 2195) SP 4.0
Architecture: X86; Language: English

CPU 0: Mobile Intel(R) Pentium(R) III CPU - M 1200MHz
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 255.36 MiB / 101.71 MiB
Pagefile Memory (total/avail): 1001.33 MiB / 801.24 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1957.64 MiB

C: is Fixed (NTFS) - 33.81 GiB total, 14.54 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - FUJITSU MHV2040AH - 37.26 GiB - 1 partition
\PARTITION1 (bootable) - Installable File System - 33.81 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\ComEvo\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=COMEVO-7F6E3C46
ComSpec=C:\WINNT\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\ComEvo
LOGONSERVER=\\COMEVO-7F6E3C46
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Os2LibPath=C:\WINNT\system32\os2\dll;
Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\ Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 11 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0b04
ProgramFiles=C:\Program Files
PROMPT=$P$G
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\ComEvo\LOCALS~1\Temp
TMP=C:\DOCUME~1\ComEvo\LOCALS~1\Temp
USERDOMAIN=COMEVO-7F6E3C46
USERNAME=ComEvo
USERPROFILE=C:\Documents and Settings\ComEvo
windir=C:\WINNT

-- User Profiles ---------------------------------------------------------------

ComEvo (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> "%49701%\setup50.exe" /APP:OE /UNINSTALL /PROMPT
--> "%49701%\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT
--> "C:\Program Files\SBC Yahoo!\Connection Manager\uninst.exe"
--> "C:\Program Files\SBC Yahoo!\umuninst.exe" /S
--> C:\PROGRA~1\Yahoo!\browser\unyb.exe
--> C:\PROGRA~1\Yahoo!\Common\unwise.exe /S C:\PROGRA~1\Yahoo!\Common\Extras.log
--> C:\PROGRA~1\Yahoo!\Common\unybase.exe
--> C:\PROGRA~1\Yahoo!\Common\unyt.exe
--> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
--> C:\PROGRA~1\Yahoo!\PARENT~1\unypc.exe /S
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\yaddbook.dll
--> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
--> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\MESSEN~1\yhexbmes.dll
2Wire Wireless Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\Setup.exe" -l0x9 -L0x9
Adobe Flash Player 9 ActiveX --> C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
AT&T Yahoo! High Speed Internet Home Networking Installer --> C:\Program Files\2Wire\Uninstaller.exe
ATI Display Driver --> rundll32 C:\WINNT\system32\atiiiexx.dll,_InfEngUnInstallINF File_RunDLL@16 -force_restart -flags:0x2010001 -inf_class

ISPLAY -clean
ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CAM UnZip 4.4 --> "C:\Program Files\CAM Development\CAM UnZip\Uninstall\unins000.exe"
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera TWAIN Driver 6.6 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E4E929CE-EF1D-407C-A14B-E1DDEDA8FA0E} /l1033
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}
Canon Camera Window DSLR 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B147DC1B-49B3-4368-8A01-5AD9992CD58D}
Canon PhotoRecord --> MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}
Canon ZoomBrowser EX (E) --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
Compact Wireless-G USB Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}\setup.exe" -l0x9
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
HFSLIP Total Slipstream -->
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) PRO Ethernet Adapter and Software --> Prounstl.exe
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Lucent Win Modem --> C:\WINNT\system32\ltremove.exe
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB886903) --> "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Update s\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Update s\M886903\M886903Uninstall.msp"
Microsoft .NET Framework 2.0 --> C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Micros oft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}
SBC Yahoo! Applications --> C:\Program Files\SBC Yahoo!\UninstallManager.exe
Security Update for Microsoft .NET Framework 2.0 (KB917283) --> C:\WINNT\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Star Wars Galaxies --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88038160-9BCB-47BE-A5C3-5CE2DC115509}\setup.exe" -l0x9
VB Runtime --> C:\WINNT\system32\UNINSTAL.EXE /A /R C:\WINNT\system32\VBRunTme.LOG
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type1462 / Error
Event Submitted/Written: 07/06/2008 06:00:14 PM
Event ID/Source: 2001 / rasctrs
Event Description:

Event Record #/Type1461 / Error
Event Submitted/Written: 07/06/2008 06:00:13 PM
Event ID/Source: 2004 / PerfNet
Event Description:
Unable to open the Server service. Server performance data
will not be returned. Error code returned is in data DWORD 0.

Event Record #/Type1460 / Warning
Event Submitted/Written: 07/06/2008 05:59:32 PM
Event ID/Source: 4097 / EventSystem
Event Description:
The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.

Event Record #/Type1459 / Warning
Event Submitted/Written: 07/06/2008 05:59:32 PM
Event ID/Source: 4100 / EventSystem
Event Description:
The COM+ Event System failed to create an instance of the subscriber {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoCreateInstanceEx returned HRESULT 80070422.

Event Record #/Type1457 / Warning
Event Submitted/Written: 07/06/2008 05:58:55 PM
Event ID/Source: 4097 / EventSystem
Event Description:
The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type3356 / Error
Event Submitted/Written: 07/06/2008 07:49:51 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1068" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Event Record #/Type3355 / Error
Event Submitted/Written: 07/06/2008 07:49:51 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Background Intelligent Transfer Service service depends on the System Event Notification service which failed to start because of the following error:
%%1058

Event Record #/Type3354 / Error
Event Submitted/Written: 07/06/2008 07:49:25 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1068" attempting to start the service BITS with arguments ""
in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Event Record #/Type3353 / Error
Event Submitted/Written: 07/06/2008 07:49:25 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Background Intelligent Transfer Service service depends on the System Event Notification service which failed to start because of the following error:
%%1058

Event Record #/Type3352 / Error
Event Submitted/Written: 07/06/2008 05:59:32 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service SENS with arguments ""
in order to run the server:
{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

-- End of Deckard's System Scanner: finished at 2008-07-06 20:14:02 ------------

amberhasCTDs · 07-07-2008, 02:40 AM

BTW, I have disabled a bit and I m trying to clean this up as much as possible. I play Online games cause I'm a nerd and this isn't too bad for the laptop but I'm trying to make it as good as I can. So, I have abit disabled and have recently deleted a lot of junk I wont be using.

cohen · 07-07-2008, 02:42 AM

Are you still having problems????

amberhasCTDs · 07-07-2008, 02:46 AM

This has been slow since I got, it was used and the RAM is obviously not much. I got AVG today and I just want to make sure it's clean. Right now, it seems ok? For as old as it is. But I'm not sure hwo it is supposed to run...that's why I was asking someone to clarify that is infact ok and I don't have any viruses that I need to get rid of. I haven't used this for well over a year. I'd like to clean it all up now if there is anything rather than wait and add more to it.

cohen · 07-07-2008, 02:51 AM

Well i don't see anything wrong, it an old computer, not used a lot, it will be slow compared to what you have used before.

amberhasCTDs · 07-07-2008, 02:53 AM

Alright, thank you! I appreciate yer time and I'll e enjoying my clean old computer lol!

07-07-2008, 01:57 AM	#1 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	Alright, different PC now. Hi yall, I was ere recently trying to work on my desktop- but I think the video card has gone to crap so now I am using a horribly old laptop (windows 2000) but I have to have something to get online with for now and this is it. I have deleted everything I know for sure is bad but my knowledge of this stuff is still growing. If you would take a look at my combofix and HJT log I would appreciate it. Just incase I missed something (and I probably did). Due to my knowledge of PCs and also my knowledge of windows 2000. Thanks a ton. amber Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:34:43 PM, on 7/6/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINNT\system32\hidserv.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINNT\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINNT\system32\ltmsg.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe C:\Program Files\Yahoo!\browser\ybrwicon.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\WINNT\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dial R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9 O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe O4 - HKLM\..\Run: [SBC Yahoo! Connection Manager] "C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/mmps/0...ut=255,255,255 -- End of file - 5734 bytes ComboFix 08-07-05.1 - ComEvo 07/06/2008 17:25:58.1 - NTFSx86 Running from: C:\Documents and Settings\ComEvo\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo\Terms.lnk C:\Documents and Settings\ComEvo\Start Menu\Programs\Outerinfo\Uninstall.lnk C:\Program Files\outerinfo C:\Program Files\outerinfo\OinUninstall.exe C:\Program Files\outerinfo\OiUninstaller.exe C:\Program Files\outerinfo\Outerinfo.dll C:\Program Files\outerinfo\Outerinfo.exe C:\Program Files\outerinfo\outerinfo.ico C:\Program Files\outerinfo\Terms.rtf C:\Program Files\winpop C:\temp\iee C:\WINNT\Fonts\acrsec.fon C:\WINNT\Fonts\acrsecB.fon C:\WINNT\Fonts\acrsecI.fon C:\WINNT\smdat32m.sys C:\WINNT\system32\MSINET.oca C:\WINNT\system32\o02PrEz C:\WINNT\Web\default.htt C:\WINNT\wr.txt . ((((((((((((((((((((((((( Files Created from 2008-06-06 to 2008-07-06 ))))))))))))))))))))))))))))))) . 2008-07-06 17:26 . 07/06/08 05:26p 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_258.dat 2008-07-06 17:09 . 07/06/08 05:12p <DIR> d-------- C:\WINNT\system32\drivers\Avg 2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-------- C:\Program Files\AVG 2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-------- C:\Documents and Settings\ComEvo\Application Data\AVGTOOLBAR 2008-07-06 17:09 . 07/06/08 05:09p <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\avg8 2008-07-06 17:09 . 07/06/08 05:09p 96,520 --a------ C:\WINNT\system32\drivers\avgldx86.sys 2008-07-06 17:09 . 07/06/08 05:09p 75,272 --a------ C:\WINNT\system32\drivers\avgtdix.sys 2008-07-06 17:09 . 07/06/08 05:09p 10,520 --a------ C:\WINNT\system32\avgrsstx.dll 2008-07-05 01:33 . 07/05/08 01:33a 54,156 --ah----- C:\WINNT\QTFont.qfn 2008-07-05 01:33 . 07/05/08 01:33a 1,409 --a------ C:\WINNT\QTFont.for 2008-07-03 23:53 . 07/03/08 11:53p <DIR> d-------- C:\Program Files\Adaptec 2008-07-03 23:08 . 07/03/08 11:08p <DIR> d--h-c--- C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$ 2008-07-03 21:49 . 07/03/08 09:49p <DIR> d-------- C:\Program Files\Ventrilo 2008-07-03 21:49 . 07/03/08 09:50p <DIR> d-------- C:\Documents and Settings\ComEvo\Application Data\Ventrilo 2008-07-03 21:48 . 07/03/08 09:48p <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-07-03 21:47 . 03/26/06 04:23p 19,728 --a------ C:\WINNT\system32\hidserv.exe 2008-07-03 21:47 . 03/26/06 04:23p 19,728 --a--c--- C:\WINNT\system32\dllcache\hidserv.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2008-07-06 21:49 --------- d-----w C:\Program Files\Symantec 2008-07-06 09:44 --------- d-----w C:\Program Files\StarWarsGalaxies 2008-07-05 06:35 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-07-05 06:35 --------- d-----w C:\Program Files\QuickTime 2008-07-04 05:05 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-04 04:53 --------- d-----w C:\Program Files\Ares 2008-07-04 04:20 --------- d-----w C:\Program Files\Hitman Pro 2008-07-04 04:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-04 04:12 --------- d-----w C:\Documents and Settings\ComEvo\Application Data\Lavasoft 2006-09-15 19:42 271 ---h--w C:\Program Files\desktop.ini 2006-09-15 19:42 21,952 ---h--w C:\Program Files\folder.htt 2006-03-26 22:27 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/05 01:03p 36975] "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [09/15/03 09:00p 270336] "YBrowser"="C:\Program Files\Yahoo!\browser\ybrwicon.exe" [07/11/03 03:51p 57344] "SBC Yahoo! Connection Manager"="C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" [07/14/03 02:55p 1028096] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/06/08 05:09p 1177368] "Synchronization Manager"="mobsync.exe" [06/19/03 12:05p 111376 C:\WINNT\system32\mobsync.exe] "LTWinModem1"="ltmsg.exe" [10/28/03 01:00a 40960 C:\WINNT\system32\ltmsg.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce] "^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [06/19/03 12:05p 186640] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"= mmdrv.dll R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINNT\system32\Drivers\avgldx86.sys [07/06/08 05:09p] R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [07/06/08 05:09p] R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [07/06/08 05:09p] R2 AvgTdiX;AVG8 Network Redirector;C:\WINNT\system32\Drivers\avgtdix.sys [07/06/08 05:09p] S3 el575nd5;FE575C-3Com 10/100 LAN CardBus PC Card Driver;C:\WINNT\system32\DRIVERS\el575nd5.sys [08/06/02 06:02p] S3 hitmanpro2;Hitman Pro 2 Driver;C:\Program Files\Hitman Pro\hitmanpro2.sys [] Newly Created Service - CATCHME . - - - - ORPHANS REMOVED - - - - HKLM-Run-PRISMSVR.EXE - C:\WINNT\system32\PRISMSVR.EXE ************************************************ ******************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-06 17:27:52 Windows 5.0.2195 Service Pack 4 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************** ********************** . Completion time: 07/06/2008 17:28:48 ComboFix-quarantined-files.txt 2008-07-06 22:28:42 Pre-Run: 15,535,013,888 bytes free Post-Run: 15,626,514,432 bytes free 106 --- E O F --- 2008-07-04 04:13:27

07-07-2008, 02:13 AM	#2 (permalink)
cohen Diamond Member Join Date: Jan 2008 Location: Melbourne, Australia Age: 14 Posts: 7,011	was the Hijackthis log before or after the combo fix log? __________________ Cohen Now has Windows Vista Home Premium Service Pack ! View My website My Computer Specs My Computer Pics E-mail + MSN Mac vs PC (Has swearing) How design a free website Where are you in the World??? Computer Forum Poll

07-07-2008, 02:26 AM	#4 (permalink)
cohen Diamond Member Join Date: Jan 2008 Location: Melbourne, Australia Age: 14 Posts: 7,011	: Download and Run DSS : Download Deckard's System Scanner (DSS) to your Desktop. You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<- this one will be minimized. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your reply. __________________ Cohen Now has Windows Vista Home Premium Service Pack ! View My website My Computer Specs My Computer Pics E-mail + MSN Mac vs PC (Has swearing) How design a free website Where are you in the World??? Computer Forum Poll

07-07-2008, 02:36 AM	#5 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	Here is the DSS Log you requested. Main one first. Deckard's System Scanner v20071014.68 Run by ComEvo on 2008-07-06 20:12:58 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. Performed disk cleanup. -- HijackThis (run as ComEvo.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:13:31 PM, on 7/6/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINNT\system32\hidserv.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINNT\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINNT\system32\ltmsg.exe C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe C:\Program Files\Yahoo!\browser\ybrwicon.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\WINNT\system32\wuauclt.exe C:\Documents and Settings\ComEvo\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\ComEvo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dial R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9 O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe O4 - HKLM\..\Run: [SBC Yahoo! Connection Manager] "C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O24 - Desktop Component 0: (no name) - http://pictures.sprintpcs.com/mmps/0...ut=255,255,255 -- End of file - 5770 bytes -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\winnt\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9> S3 catchme - c:\combofix\catchme.sys (file missing) S3 hitmanpro2 (Hitman Pro 2 Driver) - c:\program files\hitman pro\hitmanpro2.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- All services whitelisted. -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-06-06 and 2008-07-06 ----------------------------- 2008-07-06 19:52:17 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_258.dat 2008-07-06 19:32:57 0 d-------- C:\Program Files\Trend Micro 2008-07-06 17:27:44 53248 --a------ C:\WINNT\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec> 2008-07-06 17:25:18 68096 --a------ C:\WINNT\zip.exe 2008-07-06 17:25:18 49152 --a------ C:\WINNT\VFind.exe 2008-07-06 17:25:18 212480 --a------ C:\WINNT\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists> 2008-07-06 17:25:18 136704 --a------ C:\WINNT\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller> 2008-07-06 17:25:18 161792 --a------ C:\WINNT\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor> 2008-07-06 17:25:18 98816 --a------ C:\WINNT\sed.exe 2008-07-06 17:25:18 80412 --a------ C:\WINNT\grep.exe 2008-07-06 17:25:18 89504 --a------ C:\WINNT\fdsv.exe <Not Verified; Smallfrogs Studio; > 2008-07-06 17:09:33 0 d-------- C:\WINNT\system32\drivers\Avg 2008-07-06 17:09:32 0 d-------- C:\Documents and Settings\ComEvo\Application Data\AVGTOOLBAR 2008-07-06 17:09:17 0 d-------- C:\Program Files\AVG 2008-07-06 17:09:17 0 d-a------ C:\Documents and Settings\All Users\Application Data\avg8 2008-07-05 01:35:40 0 d-a------ C:\WINNT\system32\appmgmt 2008-07-03 23:53:51 0 d-------- C:\Program Files\Adaptec 2008-07-03 23:08:38 0 d--h---c- C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$ 2008-07-03 21:49:49 0 d-------- C:\Documents and Settings\ComEvo\Application Data\Ventrilo 2008-07-03 21:49:09 0 d-------- C:\Program Files\Ventrilo 2008-07-03 21:48:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard -- Find3M Report --------------------------------------------------------------- 2008-07-06 16:49:59 0 d-------- C:\Program Files\Symantec 2008-07-06 16:49:59 0 d-a------ C:\Program Files\Common Files 2008-07-06 04:44:05 0 d-------- C:\Program Files\StarWarsGalaxies 2008-07-05 01:35:37 0 d-------- C:\Program Files\QuickTime 2008-07-03 23:53:40 0 d-------- C:\Program Files\Ares 2008-07-03 23:20:55 0 d-------- C:\Program Files\Hitman Pro 2008-07-03 23:12:41 0 d-------- C:\Documents and Settings\ComEvo\Application Data\Lavasoft -- Registry Dump --------------------------------------------------------------- Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] 07/06/08 05:09p 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [07/06/08 05:09p 2050816] [-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/05 01:03p] "Synchronization Manager"="mobsync.exe" [06/19/03 12:05p C:\WINNT\system32\mobsync.exe] "LTWinModem1"="ltmsg.exe" [10/28/03 01:00a C:\WINNT\system32\ltmsg.exe] "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [09/15/03 09:00p] "YBrowser"="C:\Program Files\Yahoo!\browser\ybrwicon.exe" [07/11/03 03:51p] "SBC Yahoo! Connection Manager"="C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe" [07/14/03 02:55p] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/06/08 05:09p] [HKEY_USERS\.default\software\microsoft\windows\cur rentversion\runonce] "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system] "DisableRegistryTools"=0 (0x0) "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sglfb.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\tga.sys] @="Driver" Newly Created Service - SHAREDACCESS -- End of Deckard's System Scanner: finished at 2008-07-06 20:14:02 ------------ And the extra.txt. Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows 2000 Professional (build 2195) SP 4.0 Architecture: X86; Language: English CPU 0: Mobile Intel(R) Pentium(R) III CPU - M 1200MHz Percentage of Memory in Use: 60% Physical Memory (total/avail): 255.36 MiB / 101.71 MiB Pagefile Memory (total/avail): 1001.33 MiB / 801.24 MiB Virtual Memory (total/avail): 2047.88 MiB / 1957.64 MiB C: is Fixed (NTFS) - 33.81 GiB total, 14.54 GiB free. D: is CDROM (No Media) \\.\PHYSICALDRIVE0 - FUJITSU MHV2040AH - 37.26 GiB - 1 partition \PARTITION1 (bootable) - Installable File System - 33.81 GiB - C: -- Security Center ------------------------------------------------------------- AUOptions is set to notify before download. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\ComEvo\Application Data CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=COMEVO-7F6E3C46 ComSpec=C:\WINNT\system32\cmd.exe HOMEDRIVE=C: HOMEPATH=\Documents and Settings\ComEvo LOGONSERVER=\\COMEVO-7F6E3C46 NUMBER_OF_PROCESSORS=1 OS=Windows_NT Os2LibPath=C:\WINNT\system32\os2\dll; Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\ Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 11 Stepping 4, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0b04 ProgramFiles=C:\Program Files PROMPT=$P$G SystemDrive=C: SystemRoot=C:\WINNT TEMP=C:\DOCUME~1\ComEvo\LOCALS~1\Temp TMP=C:\DOCUME~1\ComEvo\LOCALS~1\Temp USERDOMAIN=COMEVO-7F6E3C46 USERNAME=ComEvo USERPROFILE=C:\Documents and Settings\ComEvo windir=C:\WINNT -- User Profiles --------------------------------------------------------------- ComEvo (admin) -- Add/Remove Programs --------------------------------------------------------- --> "%49701%\setup50.exe" /APP:OE /UNINSTALL /PROMPT --> "%49701%\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT --> "C:\Program Files\SBC Yahoo!\Connection Manager\uninst.exe" --> "C:\Program Files\SBC Yahoo!\umuninst.exe" /S --> C:\PROGRA~1\Yahoo!\browser\unyb.exe --> C:\PROGRA~1\Yahoo!\Common\unwise.exe /S C:\PROGRA~1\Yahoo!\Common\Extras.log --> C:\PROGRA~1\Yahoo!\Common\unybase.exe --> C:\PROGRA~1\Yahoo!\Common\unyt.exe --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG --> C:\PROGRA~1\Yahoo!\PARENT~1\unypc.exe /S --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER --> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\yaddbook.dll --> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll --> C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\MESSEN~1\yhexbmes.dll 2Wire Wireless Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\Setup.exe" -l0x9 -L0x9 Adobe Flash Player 9 ActiveX --> C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} Adobe Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log AT&T Yahoo! High Speed Internet Home Networking Installer --> C:\Program Files\2Wire\Uninstaller.exe ATI Display Driver --> rundll32 C:\WINNT\system32\atiiiexx.dll,_InfEngUnInstallINF File_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe" AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL CAM UnZip 4.4 --> "C:\Program Files\CAM Development\CAM UnZip\Uninstall\unins000.exe" Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033 Canon Camera TWAIN Driver 6.6 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E4E929CE-EF1D-407C-A14B-E1DDEDA8FA0E} /l1033 Canon Camera Window DC_DV 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F} Canon Camera Window DC_DV 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D} Canon Camera Window DSLR 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7} Canon Camera Window MC 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D} Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B147DC1B-49B3-4368-8A01-5AD9992CD58D} Canon PhotoRecord --> MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC} Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4} Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6} Canon ZoomBrowser EX (E) --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} Compact Wireless-G USB Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F855C3AE-992D-4B84-A09D-07103CDCDAC2}\setup.exe" -l0x9 DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN HFSLIP Total Slipstream --> HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Intel(R) PRO Ethernet Adapter and Software --> Prounstl.exe J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U Lucent Win Modem --> C:\WINNT\system32\ltremove.exe Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 Hotfix (KB886903) --> "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Update s\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Update s\M886903\M886903Uninstall.msp" Microsoft .NET Framework 2.0 --> C:\WINNT\Microsoft.NET\Framework\v2.0.50727\Micros oft .NET Framework 2.0\install.exe Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820} SBC Yahoo! Applications --> C:\Program Files\SBC Yahoo!\UninstallManager.exe Security Update for Microsoft .NET Framework 2.0 (KB917283) --> C:\WINNT\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Star Wars Galaxies --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88038160-9BCB-47BE-A5C3-5CE2DC115509}\setup.exe" -l0x9 VB Runtime --> C:\WINNT\system32\UNINSTAL.EXE /A /R C:\WINNT\system32\VBRunTme.LOG Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type1462 / Error Event Submitted/Written: 07/06/2008 06:00:14 PM Event ID/Source: 2001 / rasctrs Event Description: Event Record #/Type1461 / Error Event Submitted/Written: 07/06/2008 06:00:13 PM Event ID/Source: 2004 / PerfNet Event Description: Unable to open the Server service. Server performance data will not be returned. Error code returned is in data DWORD 0. Event Record #/Type1460 / Warning Event Submitted/Written: 07/06/2008 05:59:32 PM Event ID/Source: 4097 / EventSystem Event Description: The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201. Event Record #/Type1459 / Warning Event Submitted/Written: 07/06/2008 05:59:32 PM Event ID/Source: 4100 / EventSystem Event Description: The COM+ Event System failed to create an instance of the subscriber {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoCreateInstanceEx returned HRESULT 80070422. Event Record #/Type1457 / Warning Event Submitted/Written: 07/06/2008 05:58:55 PM Event ID/Source: 4097 / EventSystem Event Description: The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type3356 / Error Event Submitted/Written: 07/06/2008 07:49:51 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Event Record #/Type3355 / Error Event Submitted/Written: 07/06/2008 07:49:51 PM Event ID/Source: 7001 / Service Control Manager Event Description: The Background Intelligent Transfer Service service depends on the System Event Notification service which failed to start because of the following error: %%1058 Event Record #/Type3354 / Error Event Submitted/Written: 07/06/2008 07:49:25 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} Event Record #/Type3353 / Error Event Submitted/Written: 07/06/2008 07:49:25 PM Event ID/Source: 7001 / Service Control Manager Event Description: The Background Intelligent Transfer Service service depends on the System Event Notification service which failed to start because of the following error: %%1058 Event Record #/Type3352 / Error Event Submitted/Written: 07/06/2008 05:59:32 PM Event ID/Source: 10005 / DCOM Event Description: DCOM got error "%%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} -- End of Deckard's System Scanner: finished at 2008-07-06 20:14:02 ------------

07-07-2008, 02:42 AM	#7 (permalink)
cohen Diamond Member Join Date: Jan 2008 Location: Melbourne, Australia Age: 14 Posts: 7,011	Are you still having problems???? __________________ Cohen Now has Windows Vista Home Premium Service Pack ! View My website My Computer Specs My Computer Pics E-mail + MSN Mac vs PC (Has swearing) How design a free website Where are you in the World??? Computer Forum Poll

07-07-2008, 02:18 AM	#3 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	The HJT Log was after the combofix it just got posted first because I had it up at the time since I'd just ran it. Sorry about the confusion.

07-07-2008, 02:40 AM	#6 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	BTW, I have disabled a bit and I m trying to clean this up as much as possible. I play Online games cause I'm a nerd and this isn't too bad for the laptop but I'm trying to make it as good as I can. So, I have abit disabled and have recently deleted a lot of junk I wont be using.

07-07-2008, 02:46 AM	#8 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	This has been slow since I got, it was used and the RAM is obviously not much. I got AVG today and I just want to make sure it's clean. Right now, it seems ok? For as old as it is. But I'm not sure hwo it is supposed to run...that's why I was asking someone to clarify that is infact ok and I don't have any viruses that I need to get rid of. I haven't used this for well over a year. I'd like to clean it all up now if there is anything rather than wait and add more to it.

07-07-2008, 02:51 AM	#9 (permalink)
cohen Diamond Member Join Date: Jan 2008 Location: Melbourne, Australia Age: 14 Posts: 7,011	Well i don't see anything wrong, it an old computer, not used a lot, it will be slow compared to what you have used before. __________________ Cohen Now has Windows Vista Home Premium Service Pack ! View My website My Computer Specs My Computer Pics E-mail + MSN Mac vs PC (Has swearing) How design a free website Where are you in the World??? Computer Forum Poll

07-07-2008, 02:53 AM	#10 (permalink)
amberhasCTDs Bronze Member Join Date: Jun 2008 Posts: 27	Alright, thank you! I appreciate yer time and I'll e enjoying my clean old computer lol!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
is this computer alright? I need a PSU (power supply unit)	jasonxman	Desktop Computers	2	02-26-2007 01:54 AM
Alright, final draft..	Luchman	Desktop Computers	5	11-23-2006 04:06 AM
Alright Good Gaming Computer???	z_x71	Desktop Computers	11	01-30-2006 09:46 PM
Alright, I AM FED UP WITH THIS!	Darkomen	Desktop Computers	45	10-18-2005 09:20 AM
Alright.. found the card(s) i'm getting..	XGamer360	Video Cards and Monitors	16	08-13-2005 02:20 AM