Author Topic: regedit.exe and webcam problems  (Read 1760 times)

Offline bluestar

  • Newbie
  • *
  • Posts: 29
  • Karma: +0/-0
    • View Profile
regedit.exe and webcam problems
« on: June 09, 2007, 10:57:16 PM »
I bought a new web camera and went to download the software. I can see myself on the test clip they include on Skype, but it will not let me save settings or let the other person see me. It keeps giving me this message:

"C:\WINDOWS\regedit.exe cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."


For some time now, I have also not been able to access my add/remove programs either. I don't know if that has anything to do with it. How do I get this camera to work? Peace.


Hijack log:
Logfile of HijackThis v1.99.1
Scan saved at 11:54:58 PM, on 6/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\LimeWire\LimeWire.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
regedit.exe and webcam problems
« Reply #1 on: June 09, 2007, 11:34:36 PM »
Quote
How do I get this camera to work
A little more info on Exact make and model of camera would be nice

Do you have Administrative privileges on your account on this computer?
Are you the only user on this computer?

Also, I want to check on something
Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from Combofix

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline bluestar

« Reply #2 on: June 10, 2007, 05:45:08 PM »
My apologies, lol. The camera is a Logitech QuickCam Communicate STX.
Here is the combofix file:


Owner - 07-06-10 18:41:02.57    Service Pack 2
ComboFix 06.09.28 - Running from: "C:\Documents and Settings\Owner\Desktop"

(((((((((((((((((((((((((((((((   Files Created from 2007-05-10 to 2007-06-10  ))))))))))))))))))))))))))))))))))
 

2007-06-09   22:46   85,376   --a------   C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-06-09   22:46   5,504   --a------   C:\WINDOWS\system32\drivers\MSTEE.sys
2007-06-09   22:46   19,328   --a------   C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-06-09   22:46   17,024   --a------   C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-06-09   22:46   15,360   --a------   C:\WINDOWS\system32\drivers\StreamIP.sys
2007-06-09   22:46   11,136   --a------   C:\WINDOWS\system32\drivers\SLIP.sys
2007-06-09   22:46   10,880   --a------   C:\WINDOWS\system32\drivers\NdisIP.sys
2007-06-09   22:45   59,264   --a------   C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-06-09   22:45   53,760   --a------   C:\WINDOWS\system32\vfwwdm32.dll
2007-06-09   22:45   31,616   --a------   C:\WINDOWS\system32\drivers\usbccgp.sys
2007-06-09   22:43   490,272   --a------   C:\WINDOWS\system32\LVUI2.dll
2007-06-09   22:43   465,696   --a------   C:\WINDOWS\system32\LVUI2RC.dll
2007-06-09   22:43   416,544   --a------   C:\WINDOWS\system32\LVCodec2.dll
2007-06-09   22:43   41,888   --a------   C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-06-09   22:43   195,360   --a------   C:\WINDOWS\system32\lvci1100.dll
2007-06-09   22:43   15,558   --a------   C:\WINDOWS\system32\Repository.reg
2007-06-09   22:43   14,112   --a------   C:\WINDOWS\system32\drivers\lv302af.sys
2007-06-09   22:43   1,276,832   --a------   C:\WINDOWS\system32\drivers\LV302V32.SYS
2007-05-17   10:25   323,624   --a------   C:\WINDOWS\system32\wiaaut.dll
2007-05-11   17:30   25,888   --a------   C:\WINDOWS\system32\drivers\LVPr2Mon.sys
2007-05-11   17:29   2,142,752   --a------   C:\WINDOWS\system32\drivers\LVMVdrv.sys
2007-05-11   17:27   2,107,808   --a------   C:\WINDOWS\system32\drivers\Lvckap.sys
 

((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-06-10 18:21   --------   d--------   C:\Documents and Settings\Owner\Application Data\Skype
2007-06-10 13:22   --------   d--------   C:\Program Files\Mozilla Firefox
2007-06-09 23:54   --------   d--------   C:\Program Files\HijackThis
2007-06-09 22:45   --------   d--------   C:\Program Files\Common Files\LogiShrd
2007-06-09 22:43   --------   d---s----   C:\Documents and Settings\Owner\Application Data\Microsoft
2007-06-09 22:42   --------   d--------   C:\Program Files\Common Files\InstallShield
2007-06-09 22:40   --------   d--------   C:\Program Files\Logitech
2007-06-09 22:40   --------   d--------   C:\Program Files\Common Files
2007-06-03 03:50   --------   d--------   C:\Program Files\Skype
2007-06-03 03:50   --------   d--------   C:\Program Files\Common Files\Skype
2007-04-16 22:47   33624   --a------   C:\WINDOWS\system32\wups.dll
2007-04-16 22:45   92504   --a------   C:\WINDOWS\system32\cdm.dll
2007-04-16 22:45   549720   --a------   C:\WINDOWS\system32\wuapi.dll
2007-04-16 22:45   53080   --a------   C:\WINDOWS\system32\wuauclt.exe
2007-04-16 22:45   43352   --a------   C:\WINDOWS\system32\wups2.dll
2007-04-16 22:45   325976   --a------   C:\WINDOWS\system32\wucltui.dll
2007-04-16 22:45   203096   --a------   C:\WINDOWS\system32\wuweb.dll
2007-04-16 22:45   1710936   --a------   C:\WINDOWS\system32\wuaueng.dll
 

((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe\" -quiet"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"CARPService"="carpserv.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam10\\QuickCam10.exe\" /hide"
"LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\LogiShrd\\LComMgr\\Communications_Helper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
  ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
  00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ  msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

 
Completion time: Sun 06/10/2007 18:43:08.67
ComboFix.txt
ComboFix2.txt

Offline guestolo

« Reply #3 on: June 10, 2007, 08:17:58 PM »
Where did you get that version of Combofix?
Can you delete your version and follow my instructions from my previous reply



Offline bluestar

« Reply #4 on: June 11, 2007, 01:34:34 AM »
Quote (guestolo, Jun 10 2007, 08:17 PM)
Where did you get that version of Combofix?
Can you delete your version and follow my instructions from my previous reply

ComboFix 07-06-11.3
"Owner" - 2007-06-11  2:25:54 - Service Pack 2  NTFS  


(((((((((((((((((((((((((   Files Created from 2007-05-11 to 2007-06-11  )))))))))))))))))))))))))))))))


2007-06-11 02:25   49,152   --a------   C:\WINDOWS\nircmd.exe
2007-06-09 22:46   85,376   --a------   C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-06-09 22:46   5,504   --a------   C:\WINDOWS\system32\drivers\MSTEE.sys
2007-06-09 22:46   19,328   --a------   C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-06-09 22:46   17,024   --a------   C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-06-09 22:46   15,360   --a------   C:\WINDOWS\system32\drivers\StreamIP.sys
2007-06-09 22:46   11,136   --a------   C:\WINDOWS\system32\drivers\SLIP.sys
2007-06-09 22:46   10,880   --a------   C:\WINDOWS\system32\drivers\NdisIP.sys
2007-06-09 22:45   59,264   --a------   C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-06-09 22:45   53,760   --a------   C:\WINDOWS\system32\vfwwdm32.dll
2007-06-09 22:45   31,616   --a------   C:\WINDOWS\system32\drivers\usbccgp.sys
2007-06-09 22:43   490,272   --a------   C:\WINDOWS\system32\LVUI2.dll
2007-06-09 22:43   465,696   --a------   C:\WINDOWS\system32\LVUI2RC.dll
2007-06-09 22:43   416,544   --a------   C:\WINDOWS\system32\LVCodec2.dll
2007-06-09 22:43   41,888   --a------   C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-06-09 22:43   195,360   --a------   C:\WINDOWS\system32\lvci1100.dll
2007-06-09 22:43   15,558   --a------   C:\WINDOWS\system32\Repository.reg
2007-06-09 22:43   14,112   --a------   C:\WINDOWS\system32\drivers\lv302af.sys
2007-06-09 22:43   1,276,832   --a------   C:\WINDOWS\system32\drivers\LV302V32.SYS
2007-06-09 22:40   <DIR>   d--------   C:\Program Files\Logitech
2007-06-09 22:40   <DIR>   d--------   C:\Program Files\Common Files\LogiShrd
2007-06-09 22:40   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
2007-06-09 22:38   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
2007-06-03 03:51   <DIR>   d--------   C:\DOCUME~1\Owner\APPLIC~1\Skype
2007-06-03 03:50   <DIR>   d--------   C:\Program Files\Skype
2007-06-03 03:50   <DIR>   d--------   C:\Program Files\Common Files\Skype
2007-06-03 03:49   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
2007-05-17 10:25   323,624   --a------   C:\WINDOWS\system32\wiaaut.dll
2007-05-11 17:30   25,888   --a------   C:\WINDOWS\system32\drivers\LVPr2Mon.sys
2007-05-11 17:29   2,142,752   --a------   C:\WINDOWS\system32\drivers\LVMVdrv.sys
2007-05-11 17:27   2,107,808   --a------   C:\WINDOWS\system32\drivers\Lvckap.sys


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-10 02:42:29   --------   d-----w   C:\Program Files\Common Files\InstallShield
2007-04-17 02:47:36   33,624   ----a-w   C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54   1,710,936   ----a-w   C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48   549,720   ----a-w   C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42   325,976   ----a-w   C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36   203,096   ----a-w   C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28   92,504   ----a-w   C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20   53,080   ----a-w   C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20   43,352   ----a-w   C:\WINDOWS\system32\wups2.dll


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 00:12]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}=C:\Program Files\Yahoo!\Common\yiesrvc.dll [2005-05-26 11:38]
{65D886A2-7CA7-479B-BB95-14D1EFB7946A}=C:\Program Files\Yahoo!\Common\YIeTagBm.dll [2005-01-24 09:55]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll [2006-09-07 16:06]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2006-02-14 21:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-04-10 01:22]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 16:25]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 16:24]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54]
"CARPService"="carpserv.exe" [2003-11-08 04:00 C:\WINDOWS\system32\carpserv.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 22:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" [2006-09-07 15:51]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 20:05]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 10:53]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 10:52]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\ypager.exe" [2005-08-19 19:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-05-28 14:52]


**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-11 02:31:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

  cmd.exe [7508]


scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-11  2:33:03
C:\ComboFix2.txt ... 2007-06-10 18:43
C:\ComboFix3.txt ... 2006-09-30 01:13

   --- E O F ---

Offline guestolo

« Reply #5 on: June 11, 2007, 11:27:28 PM »
Can I double check a couple of things please

Post the following
Download GMER from here:
http://www.majorgeeks.com/GMER_d5198.html

Choose save to disk rather than open at the download prompt

Unzip it to desktop.

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, apart from ‘Show All’.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.

Also
Download and save to your desktop
fsbl.exe
(F-Secure Blacklight)

Double click to run fsbl.exe
    * Accept the user agreement.
    * Click Scan.
    * After the scan finishes, click on Next, then Exit.
Do not rename any files if found by blacklight, I need to see the log

BlackLight will create a log on your desktop with the name "fsbl-xxxxxxx.log".
Post this log also



Offline bluestar

« Reply #6 on: June 12, 2007, 03:15:57 AM »
GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-06-12 04:12:50
Windows 5.1.2600 Service Pack 2


---- Kernel code sections - GMER 1.0.12 ----

?  C:\WINDOWS\System32\DRIVERS\update.sys  

---- EOF - GMER 1.0.12 ----




06/12/07 02:02:00 [Info]: BlackLight Engine 1.0.61 initialized
06/12/07 02:02:00 [Info]: OS: 5.1 build 2600 (Service Pack 2)
06/12/07 02:02:00 [Note]: 7019 4
06/12/07 02:02:00 [Note]: 7005 0
06/12/07 02:02:03 [Note]: 7006 0
06/12/07 02:02:03 [Note]: 7011 1700
06/12/07 02:02:04 [Note]: 7026 0
06/12/07 02:02:04 [Note]: 7026 0
06/12/07 02:02:11 [Note]: FSRAW library version 1.7.1021
06/12/07 02:33:02 [Note]: 7007 0

Offline guestolo

« Reply #7 on: June 12, 2007, 07:44:17 PM »
What problems are you still experiencing?
Do you have other users on this computer?

Can you log into another account and see if the same problem occurs?
If you have no other users
Try the following
If you're running XP Pro
1.   Log on as the Administrator or as a user with administrator credentials.
2.   Click Start, and then click Control Panel.
3.   Click User Accounts.
4.   Click the Advanced tab, and then click Advanced.
5.   In the left pane, click the Users folder.
6.   On the Action menu, click New User.
7.   Enter the appropriate user information, and then click Create.

If you're running XP HOME
Create a New User Profile in Windows XP Home Edition
1.   Log on as the Administrator or as a user with administrator credentials.
2.   Click Start, and then click Control Panel.
3.   Click User Accounts.
4.   Under Pick a task, click Create a new account.
5.   Type a name for the user information, and then click Next.
6.   Click an account type, and then click Create Account.

Sign in with that new account
Let me know if you have the same problems with IE please



Offline bluestar

« Reply #8 on: June 12, 2007, 11:41:30 PM »
I can enter everything else under the Control Panel except that. When I click on the icon, I get the sandtimer like it's opening, but then it never does.

Also, the other thing that does not work under Control Panel is under add/remove programs. It is a blank screen under "Change and Remove Programs". Everything else under the Add/Remove link I can access.


The regedit.exe message seems to have gone away (perhaps the blacklight or gmer...?) And the camera works on Yahoo Messenger as I've had a friend verify. But still, these other problems remain.

Offline guestolo

« Reply #9 on: June 13, 2007, 12:07:22 AM »
Can you reboot to safe mode and sign in with the Administrator account
Can you then create a new user?
