Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default My kids computer has a bug

    Hi my kids downloaded a virus that I am having problems getting rid of. I am currently running virus scan, malwarebytes and Super Anti Spy as soon as that is done (its slow) I will try to connect to the internet. I will run HiJackthis too. Here is the LSP files :

    LSP fix files.jpg

  2. #2
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,949
    Points
    557

    Default

    Is this the same computer you had the previous problem with?

    what made you run LSP fix?

    What virus do you think it was?

    Awaiting your logs

  3. #3
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default

    At first I couldn't connect to the internet but now I can. I could not run the online scanner on the panda site either it the system crashed at 29% Here is my new hijackthis log:Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:16:11 PM, on 3/28/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
    C:\WINDOWS\system32\svchost.exe
    c:\WINDOWS\system32\ZuneBusEnum.exe
    C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O4 - Global Startup: Wireless Configuration Utility HW.15.lnk = C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?6f4e8282db0d437ea1a70fcc57126334
    O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?6f4e8282db0d437ea1a70fcc57126334
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1177709840424
    O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
    O20 - AppInit_DLLs: ttlozt.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
    O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: Check Point SecuRemote Service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
    O23 - Service: Check Point SecuRemote WatchDog (SR_WatchDog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe

    --
    End of file - 7330 bytes

  4. #4
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,949
    Points
    557

    Default

    Quote Originally Posted by MrDarn View Post
    Is this the same computer you had the previous problem with?

    what made you run LSP fix?

    What virus do you think it was?
    Please also answer the above whilst we await advice from the spyware guys.

    It would help to post any of the other logs too, ie malwarebytes.

  5. #5
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default Kid's computer

    At first I couldn't connect to the internet (that's why I ran LSP fix) but now I can.No this is not the same computer I had previous problems with. I do not recall the name of the virus. I can't get to the malwarebytes logs because house call is running (very slow too showing 5 hours to complete). I only have 256mb of Ram on that machine and can't really afford an upgrade right now. As soon as i can get malwarebytes to run I will send you the logs.

  6. #6
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default

    Here is the malwarebytes log

    Malwarebytes' Anti-Malware 1.34
    Database version: 1749
    Windows 5.1.2600 Service Pack 3

    3/28/2008 1:45:06 PM
    mbam-log-2008-03-28 (13-45-06).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 100568
    Time elapsed: 1 hour(s), 29 minute(s), 34 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 24

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\ccahofgx.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xgfohacc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kay Lund\Local Settings\Temporary Internet Files\Content.IE5\OKY6OWIS\upd105320[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kay Lund\Local Settings\Temporary Internet Files\Content.IE5\OKY6OWIS\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157891.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157897.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157898.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157899.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157900.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157901.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157902.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157903.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157904.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP405\A0157905.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{B5625463-2B77-4B68-B29D-E21A791A5FCC}\RP407\A0162930.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fcvklk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\gnwemjqb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qdhiyjkr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rmjlwxnr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rusomiyf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hqqxyz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lypvdgid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ibqtqa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xeoxnf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

  7. #7
    Moderator Forum Moderator arraknid's Avatar
    Join Date
    Dec 2006
    Location
    France
    Posts
    6,151
    Points
    1293
    Blog Entries
    4

    Default

    One of the Spyware guys will comment on the log, but you can see that it cleared out a lot! How is the machine running now?

    You really need to upgrade that memory. 256mb is way too low for XP - especially with so many background processes running (designated 04 in your HJT log). In fact, it's a wonder it's running at all!

    You should consider trimming them down. The more you have, the longer the machine takes to complete its startup and you are also using RAM unnecessarily.

    First, download StartupLite by MalwareBytes to your Desktop.
    • Doubleclick StartupLite.exe to launch the program.
    • Ensure the Disable box is checked.
    • Click Continue.
    • A pop up message will tell you the unecessary startup items in your list have been disabled and ask you to restart your computer.
    • Re-start your computer.


    Now run HiJackThis again and see how many 04 entries are left.

    Next, go here SystemLookup - Startup List >, highlight the .exe file on each 04 entry and Copy (one by one) & Paste into the white box and click the search button (magnifying glass). The next window will tell you what the .exe does. If there is a Y, leave the entry, if U you must decide if you need that utility at your finger tips 'right now' or instead, check the box off and shut the .exe down .. this does not delete the program, instead, all you have to do if you want to access it is either go to Start > All Programs or click on a shortcut on your desktop (not in the tray at the bottom right next to the time) Entries for Printers, Graphic/photo programs and programs like MS Office do not need to be running. There is also an N for not needed, check the box on these. If noted as an X or ? leave alone and an expert will tell you how to handle them. In HJT, after you've checked the box next to the ones you want stopped, click the Fix Checked button and reboot the machine.

    Download CCleaner and run it with its default settings (do not use the included Registry Cleaner as most reg cleaners cause more problems than they fix).

    Note: When looking up these entries, you may encounter multiple definitions. Look at the beginning of the 04 line and you'll note the name, usually in brackets [ ], you need to match this up with the definition under the Name column.

    NOTE: Do not delete antivirus or firewall programs (you should only have one antivirus program running). Leave mouse pad entries if using a laptop.

  8. #8
    Moderator Forum Moderator evilfantasy's Avatar
    Join Date
    Jan 2008
    Location
    Tulsa, OK
    Posts
    4,670
    Points
    673

    Default

    Download from DDS by sUBs and save it to your Desktop. Alternate DDS download link

    Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

    * XP users Double click on dds to run it.
    * If your antivirus or forewall try to block DDS then please allow it to run.
    * When finished DDS will open two (2) logs:

    1) DDS.txt
    2) Attach.txt

    * Save both logs to your desktop.
    * Please include the entire contents of both logs in your next reply.

    Note: DDS will instruct you to post the Attach.txt log as an attachment.
    Please just post it as you would any other log by copy and pasting it into the reply.
    .


    Our help here is always free but it does cost money to keep the site running. If you feel we've helped you, Please Donate to the Forum

  9. #9
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default Pesky virus

    This is the pesky virus I have ever seen. It is still present I can't even use the online scanners on panda or house call because they just freeze. I looked for the ram today but I have to order from online old pc 100 dimm. Anyways guys thanks for your help. Here is the first log from DDS by sUBs:


    DDS (Ver_09-03-16.01) - NTFSx86
    Run by Kay Lund at 6:59:42.38 on Sat 03/29/2008
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_01
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.248.36 [GMT -7:00]

    AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_WatchDog.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    c:\WINDOWS\system32\ZuneBusEnum.exe
    C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
    C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Kay Lund\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = iexplore
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: 1 (0x1) - No File
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\trendnet\trendnet tew-421pc_tew-423pi\WlanCU.exe
    IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - Add to Windows Live Favorites
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Open in new background tab - c:\program files\windows live toolbar\components\en-us\msntabres.dll.mui/229?6f4e8282db0d437ea1a70fcc57126334
    IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-us\msntabres.dll.mui/230?6f4e8282db0d437ea1a70fcc57126334
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177709840424
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp3.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: ckpNotify - ckpNotify.dll
    AppInit_DLLs: ttlozt.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Authentication Packages = msv1_0 c:\windows\system32\opnlKEtq

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\kaylun~1\applic~1\mozilla\firefox\profiles\anyusebw.default\
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll

    ---- FIREFOX POLICIES ----

    pref(dom.disable_open_during_load, true);
    ============= SERVICES / DRIVERS ===============

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-3-28 28544]
    R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2000-1-30 11840]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-4 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 55024]
    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2000-1-30 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2000-1-30 151297]
    R2 Scap;SecureClient Application Policy Module;c:\windows\system32\drivers\scap.sys [2007-4-27 17456]
    R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [2007-4-27 670128]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2000-1-30 52032]
    R3 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [2007-4-27 2041904]
    R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]
    R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2002-10-2 13532]
    S3 OMVA;VPN-1 SecureClient Adapter;c:\windows\system32\drivers\OMVA.sys [2007-4-27 14924]

    =============== Created Last 30 ================

    2008-03-29 06:47 <DIR> --d-h--- c:\windows\PIF
    2008-03-28 23:23 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
    2008-03-28 23:22 <DIR> --d----- c:\docume~1\kaylun~1\applic~1\HouseCall 6.6
    2008-03-28 15:10 28,544 a------- c:\windows\system32\drivers\pavboot.sys
    2008-03-28 14:17 <DIR> --d----- c:\program files\Trend Micro
    2008-03-28 11:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2008-03-28 11:16 <DIR> --d----- c:\program files\SUPERAntiSpyware
    2008-03-28 11:16 <DIR> --d----- c:\docume~1\kaylun~1\applic~1\SUPERAntiSpyware.com
    2008-03-28 11:12 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
    2008-03-28 11:11 <DIR> --d----- c:\docume~1\kaylun~1\applic~1\Malwarebytes
    2008-03-28 11:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2008-03-28 11:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2008-03-28 11:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2008-03-28 11:11 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2008-03-28 11:06 <DIR> --d----- c:\program files\SpywareBlaster
    2008-03-28 11:05 <DIR> --d----- c:\program files\CCleaner
    2008-03-28 11:04 <DIR> --d----- c:\program files\Panda Security
    2008-03-28 09:38 552 a------- c:\windows\system32\d3d8caps.dat
    2008-03-27 16:27 35,040 a------- c:\windows\system32\drivers\wdfldr.sys
    2008-03-27 16:27 503,008 a------- c:\windows\system32\drivers\wdf01000.sys

    ==================== Find3M ====================

    2008-03-21 13:57 14,640 a------- c:\windows\system32\spmsgXP_2k3.dll
    2008-01-25 07:39 406,317 a--sh--- c:\windows\system32\qtEKlnpo.ini2
    2008-01-24 06:16 123,904 a------- c:\windows\system32\kustnw.dll
    2008-01-24 06:16 123,904 a------- c:\windows\system32\cefhxlaa.dll
    2008-01-22 06:09 123,904 a------- c:\windows\system32\qityer.dll
    2008-01-22 06:09 123,904 a------- c:\windows\system32\pvggaimq.dll

    ============= FINISH: 7:00:20.91 ===============

  10. #10
    Member
    Join Date
    Dec 2008
    Posts
    95
    Points
    1

    Default

    And her is the second log:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/27/2007 10:24:49 AM
    System Uptime: 3/29/2008 6:28:02 AM (1 hours ago)

    Motherboard: Compaq | | 0708h
    Processor: AMD Athlon(tm) Processor | U12A | 1001/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 37 GiB total, 28.829 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: PS/2 Compatible Mouse
    Device ID: ACPI\PNP0F13\4&2EEFE43E&0
    Manufacturer: Microsoft
    Name: PS/2 Compatible Mouse
    PNP Device ID: ACPI\PNP0F13\4&2EEFE43E&0
    Service: i8042prt

    Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&2EEFE43E&0
    Manufacturer: (Standard keyboards)
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&2EEFE43E&0
    Service: i8042prt

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: VPN-1 SecureClient Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: Check Point
    Name: VPN-1 SecureClient Adapter
    PNP Device ID: ROOT\NET\0000
    Service: OMVA

    ==== System Restore Points ===================

    RP318: 1/7/2008 9:26:12 AM - Software Distribution Service 3.0
    RP319: 1/7/2008 9:26:13 AM - System Checkpoint
    RP320: 1/7/2008 9:26:16 AM - System Checkpoint
    RP321: 1/7/2008 9:26:17 AM - System Checkpoint
    RP322: 1/7/2008 9:26:19 AM - System Checkpoint
    RP323: 1/7/2008 9:26:21 AM - System Checkpoint
    RP324: 1/7/2008 9:26:22 AM - System Checkpoint
    RP325: 1/7/2008 9:26:22 AM - System Checkpoint
    RP326: 1/7/2008 9:26:24 AM - Software Distribution Service 3.0
    RP327: 1/7/2008 9:26:29 AM - Software Distribution Service 3.0
    RP328: 1/7/2008 9:26:30 AM - System Checkpoint
    RP329: 1/7/2008 9:26:31 AM - System Checkpoint
    RP330: 1/7/2008 9:26:33 AM - System Checkpoint
    RP331: 1/7/2008 9:26:33 AM - Software Distribution Service 3.0
    RP332: 1/7/2008 9:26:34 AM - System Checkpoint
    RP333: 1/7/2008 9:26:35 AM - System Checkpoint
    RP334: 1/7/2008 9:26:35 AM - System Checkpoint
    RP335: 1/7/2008 9:26:36 AM - System Checkpoint
    RP336: 1/7/2008 9:26:38 AM - System Checkpoint
    RP337: 1/7/2008 9:26:39 AM - System Checkpoint
    RP338: 1/7/2008 9:26:40 AM - System Checkpoint
    RP339: 1/7/2008 9:26:41 AM - System Checkpoint
    RP340: 1/7/2008 9:26:42 AM - Software Distribution Service 3.0
    RP341: 1/7/2008 9:26:43 AM - System Checkpoint
    RP342: 1/7/2008 9:26:44 AM - Software Distribution Service 3.0
    RP343: 1/7/2008 9:26:45 AM - Software Distribution Service 3.0
    RP344: 1/7/2008 9:26:45 AM - Software Distribution Service 3.0
    RP345: 1/7/2008 9:26:46 AM - System Checkpoint
    RP346: 1/7/2008 9:26:47 AM - System Checkpoint
    RP347: 1/7/2008 9:26:48 AM - Software Distribution Service 3.0
    RP348: 1/7/2008 9:26:48 AM - System Checkpoint
    RP349: 1/7/2008 9:26:49 AM - Software Distribution Service 3.0
    RP350: 1/7/2008 9:26:49 AM - System Checkpoint
    RP351: 1/7/2008 9:26:50 AM - System Checkpoint
    RP352: 1/7/2008 9:26:50 AM - System Checkpoint
    RP353: 1/7/2008 9:26:51 AM - System Checkpoint
    RP354: 1/7/2008 9:26:52 AM - Software Distribution Service 3.0
    RP355: 1/7/2008 9:26:53 AM - System Checkpoint
    RP356: 1/7/2008 9:26:53 AM - Software Distribution Service 3.0
    RP357: 1/7/2008 9:26:55 AM - System Checkpoint
    RP358: 1/7/2008 9:26:57 AM - System Checkpoint
    RP359: 1/7/2008 9:26:59 AM - Software Distribution Service 3.0
    RP360: 1/7/2008 9:27:00 AM - System Checkpoint
    RP361: 1/7/2008 9:27:01 AM - System Checkpoint
    RP362: 1/7/2008 9:27:02 AM - Software Distribution Service 3.0
    RP363: 1/7/2008 9:27:02 AM - System Checkpoint
    RP364: 1/7/2008 9:27:03 AM - System Checkpoint
    RP365: 1/7/2008 9:27:06 AM - System Checkpoint
    RP366: 1/7/2008 9:27:06 AM - System Checkpoint
    RP367: 1/7/2008 9:27:07 AM - System Checkpoint
    RP368: 1/7/2008 9:27:08 AM - System Checkpoint
    RP369: 1/7/2008 9:27:08 AM - Software Distribution Service 3.0
    RP370: 1/7/2008 9:27:08 AM - System Checkpoint
    RP371: 1/7/2008 9:27:09 AM - System Checkpoint
    RP372: 1/7/2008 9:27:09 AM - Software Distribution Service 3.0
    RP373: 1/7/2008 9:27:10 AM - Software Distribution Service 3.0
    RP374: 1/7/2008 9:27:10 AM - Software Distribution Service 3.0
    RP375: 1/7/2008 9:27:11 AM - Software Distribution Service 3.0
    RP376: 1/7/2008 9:27:12 AM - Software Distribution Service 3.0
    RP377: 1/7/2008 9:27:12 AM - Software Distribution Service 3.0
    RP378: 1/7/2008 9:27:13 AM - Software Distribution Service 3.0
    RP379: 1/7/2008 9:27:14 AM - Software Distribution Service 3.0
    RP380: 1/7/2008 9:27:15 AM - System Checkpoint
    RP381: 1/7/2008 9:27:15 AM - System Checkpoint
    RP382: 1/7/2008 9:27:16 AM - System Checkpoint
    RP383: 1/7/2008 9:27:16 AM - System Checkpoint
    RP384: 1/7/2008 9:27:16 AM - System Checkpoint
    RP385: 1/7/2008 9:27:17 AM - Avira AntiVir Personal - 1/30/2000 8:08
    RP386: 1/7/2008 9:27:17 AM - Removed McAfee VirusScan Enterprise
    RP387: 1/7/2008 9:27:18 AM - Software Distribution Service 3.0
    RP388: 1/7/2008 9:27:19 AM - Software Distribution Service 3.0
    RP389: 1/7/2008 9:27:20 AM - System Checkpoint
    RP390: 1/7/2008 9:27:21 AM - Configured TRENDnet TEW-421PC or TEW-423PI
    RP391: 1/7/2008 9:27:21 AM - Restore Operation
    RP392: 1/7/2008 9:27:22 AM - Removed SSH Secure Shell
    RP393: 1/7/2008 9:28:14 AM - Last known good configuration
    RP394: 1/8/2008 10:11:22 AM - System Checkpoint
    RP395: 1/9/2008 10:15:30 AM - System Checkpoint
    RP396: 1/10/2008 10:22:07 AM - System Checkpoint
    RP397: 1/11/2008 11:01:32 AM - System Checkpoint
    RP398: 1/12/2008 12:01:32 PM - System Checkpoint
    RP399: 1/13/2008 1:01:37 PM - System Checkpoint
    RP400: 1/14/2008 4:44:47 PM - System Checkpoint
    RP401: 1/15/2008 5:01:44 PM - System Checkpoint
    RP402: 1/17/2008 7:33:59 AM - System Checkpoint
    RP403: 1/18/2008 9:09:02 AM - System Checkpoint
    RP404: 1/19/2008 11:10:32 AM - System Checkpoint
    RP405: 1/23/2008 6:50:20 PM - System Checkpoint
    RP406: 2/27/2008 8:49:56 AM - System Checkpoint
    RP407: 3/27/2008 7:23:14 PM - System Checkpoint
    RP408: 3/28/2008 11:15:56 AM - Installed SUPERAntiSpyware Free Edition

    ==== Installed Programs ======================

    Actiontec Gateway
    Adobe Reader 8.1.2
    Adobe Shockwave Player
    Apple Software Update
    AutoUpdate
    Avira AntiVir Personal - Free Antivirus
    BitTorrent
    CCleaner (remove only)
    DIGOpt
    DivX
    DNA
    Form Fill (Windows Live Toolbar)
    Google Toolbar for Internet Explorer
    HijackThis 2.0.2
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB952287)
    HouseCall 6.6
    iTunes
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) SE Runtime Environment 6 Update 1
    Macromedia Flash Player 8
    Macromedia Flash Player 8 Plugin
    Malwarebytes' Anti-Malware
    Map Button (Windows Live Toolbar)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Application Error Reporting
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Office Outlook Connector
    Microsoft Office Professional Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.0.5)
    MSN
    Network Magic
    OneCare Advisor (Windows Live Toolbar)
    Panda ActiveScan 2.0
    Popup Blocker (Windows Live Toolbar)
    QuickConnect
    QuickTime
    Qwest eChat Support Tools
    Rhapsody Player Engine
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    SpywareBlaster 4.1
    SUPERAntiSpyware Free Edition
    Tabbed Browsing (Windows Live Toolbar)
    TRENDnet TEW-421PC or TEW-423PI
    Tweak UI
    Update for Windows XP (KB951072-v2)
    WebFldrs XP
    Windows Defender
    Windows Driver Package - Pure Networks Address Resolution Protocol (ARP) Driver (11/09/2006 4.0.6313.0)
    Windows Driver Package - Pure Networks NDIS Relay Protocol Driver (11/09/2006 4.0.6313.0)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Live Favorites for Windows Live Toolbar
    Windows Live installer
    Windows Live Messenger
    Windows Live Outlook Toolbar (Windows Live Toolbar)
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Toolbar Feed Detector (Windows Live Toolbar)
    Windows Media Format 11 runtime
    Windows XP Service Pack 3
    WinRAR archiver
    WinZip
    Zune
    Zune Language Pack (ES)
    Zune Language Pack (FR)

    ==== Event Viewer Messages From Past Week ========

    9/7/2008 12:57:23 PM, error: System Error [1003] - Error code 00000077, parameter1 c000000e, parameter2 c000000e, parameter3 00000000, parameter4 05f6e000.
    9/7/2008 12:50:36 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Check Point SecuRemote Service service to connect.
    9/7/2008 8:48:32 AM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s).
    9/7/2008 8:22:43 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    9/7/2008 8:22:37 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/7/2008 8:22:36 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
    9/7/2008 8:19:11 AM, error: Service Control Manager [7000] - The Pure Networks Network Magic Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/7/2008 8:19:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pure Networks Network Magic Service service to connect.
    9/3/2008 2:16:33 PM, error: FW1 [1] - FW1: -->secon
    9/3/2008 2:16:33 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 32 -->
    9/3/2008 2:16:33 PM, error: FW1 [1] - FW1: ndis_allocate_packet: Cannot allocate new packets
    9/3/2008 2:16:19 PM, error: FW1 [1] - FW1: FW-1: lost 294 debug messages
    9/3/2008 2:15:09 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 52 -->
    9/3/2008 2:15:08 PM, error: FW1 [1] - FW1: FW-1: lost 52 debug messages
    9/3/2008 1:24:50 PM, error: Service Control Manager [7000] - The McAfee McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/3/2008 1:24:44 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee McShield service to connect.
    9/3/2008 1:24:21 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s).
    9/3/2008 12:57:19 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s).
    9/3/2008 12:51:16 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 46 -->
    9/3/2008 12:51:14 PM, error: FW1 [1] - FW1: FW-1: lost 154 debug messages
    9/3/2008 12:46:56 PM, error: FW1 [1] - FW1: -->econ
    9/3/2008 12:46:56 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 6 s-->
    9/3/2008 12:28:20 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s).
    9/1/2008 2:53:06 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 10 time(s).
    9/1/2008 12:22:00 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 9 time(s).
    9/1/2008 10:27:39 AM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 8 time(s).
    9/1/2008 8:58:45 AM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 7 time(s).
    8/31/2008 10:32:56 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s).
    8/31/2008 8:06:11 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 51 -->
    8/31/2008 7:28:00 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 3 s-->
    8/31/2008 7:27:46 PM, error: FW1 [1] - FW1: FW-1: lost 96 debug messages
    8/31/2008 7:26:33 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 30 -->
    8/31/2008 7:26:27 PM, error: FW1 [1] - FW1: FW-1: lost 187 debug messages
    8/31/2008 7:26:00 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 2 s-->
    8/31/2008 7:25:58 PM, error: FW1 [1] - FW1: FW-1: lost 443 debug messages
    8/31/2008 6:51:45 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 33 -->
    8/31/2008 6:51:30 PM, error: FW1 [1] - FW1: FW-1: lost 348 debug messages
    8/31/2008 6:47:27 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 43 -->
    8/31/2008 6:47:17 PM, error: FW1 [1] - FW1: FW-1: lost 360 debug messages
    8/31/2008 6:46:39 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 22 -->
    8/31/2008 6:46:38 PM, error: FW1 [1] - FW1: FW-1: lost 295 debug messages
    8/31/2008 4:42:01 PM, error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s).
    8/31/2008 2:40:41 PM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 21 -->
    8/30/2008 10:38:41 PM, error: Service Control Manager [7022] - The McAfee McShield service hung on starting.
    8/30/2008 8:33:21 PM, error: Service Control Manager [7000] - The Zune Bus Enumerator service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/30/2008 8:33:20 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Zune Bus Enumerator service to connect.
    8/30/2008 2:32:39 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
    8/30/2008 2:32:39 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
    8/30/2008 2:32:39 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
    8/30/2008 2:32:38 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
    8/30/2008 2:32:37 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
    8/30/2008 2:32:36 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
    8/30/2008 12:06:37 PM, error: FW1 [1] - FW1: -->clock change.
    8/30/2008 12:06:37 PM, error: FW1 [1] - FW1: FW-1: last packet seen -3 seconds ago, assuming -->
    8/30/2008 12:05:57 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    8/30/2008 12:05:56 PM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/30/2008 12:05:56 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    8/24/2008 9:54:40 PM, error: FW1 [1] - FW1: FW-1: lost 168 debug messages
    8/24/2008 9:52:48 PM, error: FW1 [1] - FW1: FW-1: lost 176 debug messages
    8/24/2008 8:21:01 PM, error: FW1 [1] - FW1: FW-1: lost 281 debug messages
    8/24/2008 1:54:12 AM, error: FW1 [1] - FW1: FW-1: lost 40 debug messages
    8/24/2008 1:51:51 AM, error: FW1 [1] - FW1: FW-1: lost 221 debug messages
    8/23/2008 8:53:05 AM, error: FW1 [1] - FW1: FW-1: lost 185 debug messages
    8/23/2008 8:52:09 AM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 58 -->
    8/23/2008 8:52:00 AM, error: FW1 [1] - FW1: FW-1: lost 78 debug messages
    8/23/2008 8:51:23 AM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 39 -->
    8/23/2008 8:51:07 AM, error: FW1 [1] - FW1: FW-1: lost 229 debug messages
    8/23/2008 8:49:07 AM, error: FW1 [1] - FW1: FW-1: lost 237 debug messages
    8/23/2008 8:47:07 AM, error: FW1 [1] - FW1: FW-1: lost 254 debug messages
    8/23/2008 8:44:47 AM, error: FW1 [1] - FW1: FW-1: lost 194 debug messages
    8/23/2008 8:43:31 AM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 37 -->
    9/11/2008 11:25:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    9/11/2008 11:25:02 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    9/12/2008 8:27:14 PM, error: Service Control Manager [7022] - The Pure Networks Network Magic Service service hung on starting.
    9/13/2008 2:14:42 AM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 19 -->
    9/13/2008 2:15:00 AM, error: FW1 [1] - FW1: FW-1: lost 258 debug messages
    9/13/2008 2:15:02 AM, error: FW1 [1] - FW1: n FW-1: stopping debug messages for the next 60 -->
    9/13/2008 2:56:58 AM, error: FW1 [1] - FW1: FW-1: lost 378 debug messages
    9/13/2008 2:57:00 AM, error: FW1 [1] - FW1: FW-1: lost 46 debug messages
    9/22/2008 6:27:30 PM, error: System Error [1003] - Error code 00000077, parameter1 c000000e, parameter2 c000000e, parameter3 00000000, parameter4 006c0000.
    9/27/2008 11:04:59 AM, error: System Error [1003] - Error code 00000077, parameter1 c000000e, parameter2 c000000e, parameter3 00000000, parameter4 0272a000.
    10/1/2008 9:18:10 AM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 0014D13BE50D has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    10/1/2008 9:33:22 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.
    10/1/2008 9:33:23 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    10/1/2008 9:33:24 AM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/1/2008 9:35:22 AM, error: System Error [1003] - Error code 00000077, parameter1 c000000e, parameter2 c000000e, parameter3 00000000, parameter4 0d49c000.
    10/5/2008 12:21:36 PM, error: System Error [1003] - Error code 0000007a, parameter1 c03853bc, parameter2 c000000e, parameter3 e14ef6d8, parameter4 04e49880.
    10/5/2008 12:22:13 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Image Acquisition (WIA) service to connect.
    10/5/2008 12:22:13 PM, error: Service Control Manager [7000] - The Windows Image Acquisition (WIA) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/9/2008 12:19:59 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
    10/9/2008 12:23:12 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ImapiService service.
    10/31/2008 10:48:21 AM, error: FW1 [1] - FW1: FW-1: last packet seen -13 seconds ago, assuming-->
    10/31/2008 10:48:21 AM, error: FW1 [1] - FW1: --> clock change.
    10/31/2008 10:53:45 AM, error: Service Control Manager [7023] - The Security Center service terminated with the following error: %%16389
    11/2/2008 10:15:22 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
    11/2/2008 10:35:54 PM, error: SideBySide [59] - Generate Activation Context failed for C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL. Reference error message: Error Message is unavailable .
    11/2/2008 10:35:55 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Windows Live Toolbar\CB.dll. Reference error message: Error Message is unavailable .
    11/2/2008 10:39:19 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Windows Live Toolbar\mtbres.dll. Reference error message: The operation completed successfully. .
    11/2/2008 10:40:17 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WindowsShell.Manifest. Reference error message: Error Message is unavailable .
    11/2/2008 10:46:21 PM, error: Service Control Manager [7034] - The McAfee Framework Service service terminated unexpectedly. It has done this 1 time(s).
    11/2/2008 10:46:57 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Windows Live Toolbar\mtbres.dll. Reference error message: Error Message is unavailable .
    11/2/2008 10:53:56 PM, error: DCOM [10000] - Unable to start a DCOM Server: {F81CD990-910B-4BBF-9CB3-6A77F3D697B3}. The error: "%1455" Happened while starting this command: C:\Program Files\Windows Live\Messenger\msnmsgr.exe -Embedding
    11/3/2008 2:43:27 AM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.45.1246.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Error code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/3/2008 2:45:51 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.45.1246.0).
    11/3/2008 10:58:20 PM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/3/2008 10:58:21 PM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.45.1246.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Error code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/4/2008 2:54:03 AM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/4/2008 2:54:03 AM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.45.1246.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Error code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/4/2008 11:08:45 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.45.1403.0).
    11/5/2008 11:07:15 PM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/5/2008 11:07:17 PM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.45.1403.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Error code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/6/2008 3:04:29 AM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
    11/6/2008 3:04:30 AM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.45.1403.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4005.0 Previous Engine Version: 1.1.4005.0 Error code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
    11/7/2008 3:27:25 AM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4104.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/7/2008 3:27:27 AM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.47.15.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4104.0 Previous Engine Version: 1.1.4005.0 Error code: 0x80508007 Error description: Your computer is low on memory. Close some programs and try again, or search Help and Support for information about preventing low memory problems.
    11/7/2008 3:33:07 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.47.15.0).
    11/8/2008 3:40:59 AM, error: WinDefend [2003] - Windows Defender has encountered an error trying to update the engine. New Engine Version: 1.1.4104.0 Previous Engine Version: 1.1.4005.0 Update Source: User User: NT AUTHORITY\SYSTEM Error Code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
    11/8/2008 3:41:04 AM, error: WinDefend [2001] - Windows Defender has encountered an error trying to update signatures. New Signature Version: 1.47.15.0 Previous Signature Version: 1.45.124.0 Update Source: User Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.4104.0 Previous Engine Version: 1.1.4005.0 Error code: 0x8050800c Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

    ==== End Of File ===========================

Page 1 of 2 12 LastLast