BTW, I ran through the steps listed for malware removal at majorgeeks.com the other day, this seemed to fix a lot of things but I know I am still infected. I followed these steps to the letter but I only posted to this forum.
here is the link to the steps I followed.
http://forums.majorgeeks.com/showthread.php?t=139313Last night my antivirus alerted me to the following...
The Win32/VundoCryptorA!Generic was detected in C:\WINDOWS\SYSTEM32\MQIJPA.DLL.
Machine: DEVELOP5, User: NT AUTHORITY\NETWORK SERVICE.
File Status: Infected
The Win32/VundoCryptorA!Generic was detected in C:\WINDOWS\SYSTEM32\MQIJPA.DLL.
Machine: DEVELOP5, User: NT AUTHORITY\NETWORK SERVICE.
File Status: Infected
Thank you very much for the help, here are the logs you requested.
## MAIN ##
Deckard's System Scanner v20071014.68
Run by adam on 2008-08-08 16:23:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-08-08 20:24:17 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as adam.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:26:09 PM, on 8/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\hpq\Shared\hpqwmi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\adam\Desktop\Malware Removal\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\adam.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: login2NetDrives.bat
O4 - Startup: Shortcut to TimeSheet.xls.lnk = C:\Documents and Settings\adam\Desktop\Work\Time Sheets\TimeSheet.xls
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) -
http://www.linkedin.com/cab/LinkedInCon ... ontrol.cabO16 - DPF: {CD7B38E2-0F03-4F55-876A-988716849438} (eFiling.ctleFile) -
http://www.brookbridgeinc.com/planet/co ... Filing.CABO16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
https://w1.webex.com/client/T26L10NSP49 ... eatgpc.cabO20 - AppInit_DLLs: eiplug.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\hpq\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
--
End of file - 7458 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080801-133045-388 O4 - HKLM\..\Run: [BMc70ab94e] Rundll32.exe "C:\WINDOWS\system32\ptelytow.dll",s
backup-20080801-133649-486 O4 - HKCU\..\Run: [BMc70ab94e] Rundll32.exe "C:\WINDOWS\system32\ptelytow.dll",s
backup-20080801-141403-718 O4 - HKLM\..\Run: [BMc70ab94e] Rundll32.exe "C:\WINDOWS\system32\kdxirkuv.dll",s
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 INO_FLPY - c:\windows\system32\drivers\ino_flpy.sys <Not Verified; Computer Associates; CA eTrust eTrust Antivirus/InoculateIT version 7.X/6.X/4.X>
R2 INO_FLTR - c:\windows\system32\drivers\ino_fltr.sys <Not Verified; Computer Associates; CA eTrust Antivirus/InoculateIT version 7.X/6.X>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 InoRPC (eTrust Antivirus RPC Server) - "c:\program files\ca\etrust antivirus\inorpc.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R2 InoRT (eTrust Antivirus Realtime Server) - "c:\program files\ca\etrust antivirus\inort.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R2 InoTask (eTrust Antivirus Job Server) - "c:\program files\ca\etrust antivirus\inotask.exe" <Not Verified; Computer Associates International, Inc.; eTrust Antivirus>
R3 hpqwmi (HP WMI Interface) - c:\program files\hpq\shared\hpqwmi.exe <Not Verified; Hewlett-Packard Development Company, L.P.; hpqwmi Module>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-08 15:24:55 51304 --a------ C:\WINDOWS\system32\drivers\atnt40k.sys
2008-08-08 15:24:29 202823 --a------ C:\WINDOWS\system32\atasnt40.dll <Not Verified; WebEx Communications, Inc; WebEx Application Sharing>
2008-08-01 19:31:51 11254 --a------ C:\WINDOWS\system32\locate.com
2008-08-01 19:31:20 0 d-------- C:\MGtools
2008-08-01 19:28:58 1266317 --a------ C:\MGtools.exe
2008-08-01 19:14:25 0 d-------- C:\cmdcons
2008-08-01 19:13:23 68096 --a------ C:\WINDOWS\zip.exe
2008-08-01 19:13:23 49152 --a------ C:\WINDOWS\VFind.exe
2008-08-01 19:13:23 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-08-01 19:13:23 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-08-01 19:13:23 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-08-01 19:13:23 98816 --a------ C:\WINDOWS\sed.exe
2008-08-01 19:13:23 80412 --a------ C:\WINDOWS\grep.exe
2008-08-01 19:13:23 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-08-01 18:02:12 0 d-------- C:\Documents and Settings\adam\Application Data\Malwarebytes
2008-08-01 18:02:09 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-01 18:02:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-01 16:34:25 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-01 16:33:55 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-08-01 16:33:55 0 d-------- C:\Documents and Settings\adam\Application Data\SUPERAntiSpyware.com
2008-08-01 16:07:01 0 d-------- C:\WINDOWS\pss
2008-07-31 22:13:05 0 d-------- C:\Program Files\Trend Micro
2008-07-31 21:31:34 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-31 13:46:46 0 d-------- C:\Program Files\SpywareBlaster
2008-07-30 18:37:49 64864 --a------ C:\WINDOWS\system32\saryvvciimyl.exe
2008-07-30 18:37:08 0 d-------- C:\WINDOWS\system32\kBin19
2008-07-30 18:37:07 0 d-------- C:\Temp
2008-07-29 15:32:46 0 d-------- C:\getservice
-- Find3M Report ---------------------------------------------------------------
2008-08-08 15:25:07 0 d-------- C:\Documents and Settings\adam\Application Data\webex
2008-08-01 19:15:37 0 d-------- C:\Program Files\Common Files
2008-08-01 16:32:56 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-31 12:31:39 0 d-------- C:\Documents and Settings\adam\Application Data\Adobe
2008-07-30 13:00:30 157 --a------ C:\Program Files\INSTALL.LOG
2008-07-07 10:59:13 0 d-------- C:\Program Files\Citrix
2008-06-29 00:03:50 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-29 00:03:48 0 d-------- C:\Documents and Settings\adam\Application Data\Mozilla
2008-06-23 12:56:23 0 d-------- C:\Program Files\Exportizer
2008-06-12 13:05:53 0 d-------- C:\Program Files\MSECache
2008-06-09 16:21:34 0 d-------- C:\Program Files\TechSmith
2008-06-04 11:07:24 45056 --a------ C:\WINDOWS\NCUNINST.EXE <Not Verified; Northern Codeworks; Uninstall>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [11/06/2006 11:58 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [09/15/2007 03:27 AM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [01/13/2007 10:47 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [01/13/2007 10:47 AM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [01/13/2007 10:46 AM]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [04/06/2004 05:14 PM]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [12/08/2004 10:36 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/03/2007 04:14 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [11/15/2007 12:43 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 03:29 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0\bin\jusched.exe" [04/02/2008 11:04 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 08:00 AM]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [11/13/2006 01:39 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [05/28/2008 10:33 AM]
C:\Documents and Settings\adam\Start Menu\Programs\Startup\
login2NetDrives.bat [3/26/2008 6:47:06 PM]
Shortcut to TimeSheet.xls.lnk - C:\Documents and Settings\adam\Desktop\Work\Time Sheets\TimeSheet.xls [4/26/2008 10:38:13 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [4/22/2008 9:22:42 PM]
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [12/7/2007 6:12:50 PM]
VPN Client.lnk - C:\WINDOWS\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico [11/30/2007 12:13:07 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=eiplug.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2008-08-08 16:26:32 ------------
## EXTRA ##
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Genuine Intel(R) CPU T2080 @ 1.73GHz
CPU 1: Genuine Intel(R) CPU T2080 @ 1.73GHz
Percentage of Memory in Use: 35%
Physical Memory (total/avail): 1526.04 MiB / 990.33 MiB
Pagefile Memory (total/avail): 2900.58 MiB / 2581.53 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.06 MiB
C: is Fixed (NTFS) - 74.52 GiB total, 57.12 GiB free.
D: is CDROM (No Media)
F: is Network (NTFS)
G: is Network (NTFS)
H: is Network (NTFS)
M: is Network (NTFS)
\\.\PHYSICALDRIVE0 - Hitachi HTS541680J9SA00 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\CA\\eTrust Antivirus\\InocIT.exe"="C:\\Program Files\\CA\\eTrust Antivirus\\InocIT.exe:*:Enabled:InocIT"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\adam\Application Data
AVENGINE=C:\PROGRA~1\CA\SHARED~1\SCANEN~1
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DEVELOP5
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\adam
include=C:\Program Files\Microsoft Visual Studio\VC98\atl\include;C:\Program Files\Microsoft Visual Studio\VC98\mfc\include;C:\Program Files\Microsoft Visual Studio\VC98\include
INOCULAN=C:\PROGRA~1\CA\ETRUST~1
lib=C:\Program Files\Microsoft Visual Studio\VC98\mfc\lib;C:\Program Files\Microsoft Visual Studio\VC98\lib
LOGONSERVER=\\DEVELOP5
MSDevDir=C:\Program Files\Microsoft Visual Studio\Common\MSDev98
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\PROGRA~1\CA\SHARED~1\SCANEN~1;C:\PROGRA~1\CA\ETRUST~1;C:\Program Files\Microsoft SQL Server\80\Tools\BINN;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Microsoft Visual Studio\Common\Tools\WinNT;C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin;C:\Program Files\Microsoft Visual Studio\Common\Tools;C:\Program Files\Microsoft Visual Studio\VC98\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\adam\LOCALS~1\Temp
TMP=C:\DOCUME~1\adam\LOCALS~1\Temp
USERDOMAIN=DEVELOP5
USERNAME=adam
USERPROFILE=C:\Documents and Settings\adam
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
User
(admin)adam
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Broadcom 802.11 Wireless LAN Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
CA eTrust Antivirus --> MsiExec.exe /X{99747F0D-D4F8-4877-9CA0-4AE96D963633}
Cisco Clean Access Agent --> MsiExec.exe /X{04010300-6D72-4D54-8686-91D884A27B5C}
Cisco Systems VPN Client 4.0.3 (Rel) --> MsiExec.exe /X{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -Icpv30A5a.inf
Exportizer 4.21 --> "C:\Program Files\Exportizer\unins000.exe"
FLV Player 2.0, build 24 --> C:\Program Files\FLV Player\uninst.exe
GoToMeeting 4.0.0.320 --> C:\Program Files\Citrix\GoToMeeting\320\G2MUninstall.exe /uninstall
Hamachi 1.0.2.5 --> C:\Program Files\Hamachi\uninstall.exe
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VENICE_HSF\UIU32m.exe -U -IwqcVen5m.inf
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Quick Launch Buttons 6.10 B9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP Wireless Assistant --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
LiveUpdate BVRP Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -l0x9
Macromedia ColdFusion Studio 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A75D08E2-0B75-11D5-A507-000000000000}\Setup.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft ActiveSync --> MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{90120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-0054-0409-0000-0000000FF1CE} /uninstall {EA35370F-586C-45E1-AC6C-A4E275C6B762}
Microsoft Office Visio 2007 Service Pack 1 (SP1) --> msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}
Microsoft Office Visio MUI (English) 2007 --> MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007 --> MsiExec.exe /X{91120000-0051-0000-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007 Trial --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPROR /dll OSETUP.DLL
Microsoft Project 2000 --> MsiExec.exe /I{2DFE1608-BDCA-11D1-B7AE-00C04FB92F3D}
Microsoft Project 2000 Compare Project Versions Utility --> MsiExec.exe /X{9E620FFC-F808-4325-B57A-12193BC5F46B}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Microsoft SQL Server\80\Tools\Uninst.isu" -c"C:\Program Files\Microsoft SQL Server\80\Tools\sqlsun.dll" -msql.mif
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual J# 2.0 Redistributable Package --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 6.0 Enterprise Edition --> "C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"
Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
mobile PhoneTools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}\setup.exe" -l0x9
Motorola Driver Installation 3.4.0 --> MsiExec.exe /I{81B3BEF9-5D97-4096-86E9-5B48A5BC32D0}
Mozilla Firefox (3.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSDN Library for Visual Studio .NET 2003 --> MsiExec.exe /I{5757AE1A-1DB4-4898-9806-09F77FBD5E57}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Quest Software Toad Data Modeler 3 --> MsiExec.exe /I{D7519A32-4784-41B5-83FA-B6067C24B031}
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
SnagIt 8 --> MsiExec.exe /I{DA0BF7AB-88EB-4675-8FA1-531EAD938821}
Spb Diary --> C:\Program Files\Microsoft ActiveSync\Spb Diary\Uninstall.exe Spb Diary
Spb Pocket Plus --> C:\Program Files\Microsoft ActiveSync\Spb Pocket Plus\Uninstall.exe Spb Pocket Plus
Spb Time --> C:\Program Files\Microsoft ActiveSync\Spb Time\Uninstall.exe Spb Time
Spb Weather --> C:\Program Files\Microsoft ActiveSync\Spb Weather\Uninstall.exe Spb Weather
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SQL Backup 5 --> MsiExec.exe /I{408F28EE-BE13-46FE-B591-0C1D0C902066}
SQL Compare 6 --> MsiExec.exe /X{32938132-457F-49ED-9A44-DFF8332965E8}
SQL Data Compare 6 --> MsiExec.exe /X{EED33404-5064-4D54-9E76-08C0A1717D34}
SQL Data Generator 1 --> MsiExec.exe /X{F610EF24-85AA-4141-9C9D-C890F5F78F8B}
SQL Dependency Tracker 2 --> MsiExec.exe /I{6AC088A0-3724-4E94-85E3-53DF2C5103CE}
SQL Doc 1 --> MsiExec.exe /X{F7FC00D9-FE26-497A-8BED-6285CB3BDC82}
SQL Log Rescue 1 --> MsiExec.exe /I{F7BD74B9-5F69-4A0B-969A-7B4A2E04C910}
SQL Multi Script 1 --> MsiExec.exe /I{D812E24D-4BD2-4140-93DD-7783B9162A36}
SQL Packager 5 --> MsiExec.exe /I{A0F1E678-7302-48CD-8D6C-C4EC5AFFD0FD}
SQL Prompt 3 --> MsiExec.exe /I{6B351158-1D70-4AB2-9C94-60AF92FFE4C6}
SQL Toolkit 6 --> MsiExec.exe /X{7A766DC9-34CF-4C6E-A957-BBD342605776}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TopStyle Lite (Version 2) --> C:\WINDOWS\unlite2.exe "C:\Program Files\Bradbury\TopStyle2"
Update for Office 2007 (KB946691) --> msiexec /package {91120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
WebEx --> C:\WINDOWS\DOWNLO~1\atcliun.exe
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type5065 / Success
Event Submitted/Written: 08/08/2008 00:25:08 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4739 / Success
Event Submitted/Written: 08/04/2008 10:28:21 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type4737 / Warning
Event Submitted/Written: 08/01/2008 07:41:41 PM
Event ID/Source: 63 / WinMgmt
Event Description:
A provider, OffProv12, has been registered in the WMI namespace, Root\MSAPPS12, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Event Record #/Type4736 / Warning
Event Submitted/Written: 08/01/2008 07:41:41 PM
Event ID/Source: 63 / WinMgmt
Event Description:
A provider, OffProv12, has been registered in the WMI namespace, Root\MSAPPS12, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Event Record #/Type4735 / Warning
Event Submitted/Written: 08/01/2008 07:41:40 PM
Event ID/Source: 63 / WinMgmt
Event Description:
A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type8395 / Error
Event Submitted/Written: 08/08/2008 00:25:08 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} as /.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\mdm.exe -Embedding
Event Record #/Type8394 / Error
Event Submitted/Written: 08/08/2008 00:25:08 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {E367E1A1-E917-11D0-AF5F-00A02448799A} as /.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\mdm.exe -Embedding
Event Record #/Type8391 / Error
Event Submitted/Written: 08/08/2008 10:33:08 AM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} as /.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\mdm.exe -Embedding
Event Record #/Type8390 / Error
Event Submitted/Written: 08/08/2008 10:33:08 AM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {E367E1A1-E917-11D0-AF5F-00A02448799A} as /.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\mdm.exe -Embedding
Event Record #/Type8371 / Error
Event Submitted/Written: 08/08/2008 10:16:28 AM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} as /.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\mdm.exe -Embedding
-- End of Deckard's System Scanner: finished at 2008-08-08 16:26:32 ------------