Log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Preffered Customer at 2009-02-18 15:18:06
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 8 GB (23%) free of 34 GB
Total RAM: 2037 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:18:37 PM, on 2/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Raxco\PerfectDisk\PD91AgentS1.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Users\PREFFE~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Preffered Customer\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Preffered Customer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://en.us.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://en.us.acer.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://en.us.acer.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6CF2FDCE-957A-49B2-B54B-ABC2A14DB2A0}: NameServer = 207.69.188.187 207.69.188.186
O17 - HKLM\System\CS1\Services\Tcpip\..\{6CF2FDCE-957A-49B2-B54B-ABC2A14DB2A0}: NameServer = 207.69.188.187 207.69.188.186
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PD91Engine.exe
O23 - Service: PD91VMDefrag - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PD91VMDefrag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
--
End of file - 8244 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-27 441408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-01-02 299008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-01-02 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-27 441408]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"Acer Tour"= []
"SetPanel"= []
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2007-01-11 483328]
"Acer Product Registration"=C:\Program Files\Acer Registration\ACE1.exe [2006-12-13 3166208]
"Acer Assist Launcher"=C:\Program Files\Acer Assist\launcher.exe [2006-12-07 1261568]
"eRecoveryService"= []
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-08-24 154136]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-01-29 509784]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-01-02 464168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"????r"= []
"?????????"=??????????????e []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eNetHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-08-24 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37a0a2b0-e2f0-11db-b276-806e6f6e6963}]
shell\AutoRun\command - E:\Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8db30cdf-a1c7-11dd-81ff-001b241580ea}]
shell\AutoRun\command - G:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2009-02-18 15:18:06 ----D---- C:\rsit
2009-02-11 08:18:29 ----A---- C:\Windows\system32\mshtml.dll
2009-02-11 08:18:25 ----A---- C:\Windows\system32\ieframe.dll
2009-02-11 08:18:23 ----A---- C:\Windows\system32\urlmon.dll
2009-02-11 08:18:21 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-11 08:18:19 ----A---- C:\Windows\system32\wininet.dll
2009-02-11 08:18:18 ----A---- C:\Windows\system32\mstime.dll
2009-02-11 08:18:16 ----A---- C:\Windows\system32\iertutil.dll
2009-02-11 08:18:15 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-08 14:40:24 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-02-08 14:40:24 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-02-08 14:40:24 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-02-08 14:40:23 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-02-08 14:40:21 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-02-08 14:40:20 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-02-08 14:40:19 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-02-08 14:40:18 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-02-08 14:40:16 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-01-30 15:34:55 ----A---- C:\Windows\system32\infocardapi.dll
2009-01-30 15:34:54 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-01-30 15:34:51 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-01-30 15:34:51 ----A---- C:\Windows\system32\icardres.dll
2009-01-30 15:34:51 ----A---- C:\Windows\system32\icardagt.exe
2009-01-30 15:34:47 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-01-30 15:34:36 ----A---- C:\Windows\system32\PresentationHost.exe
2009-01-30 15:20:11 ----A---- C:\Windows\system32\dfshim.dll
2009-01-30 15:20:04 ----A---- C:\Windows\system32\mscoree.dll
2009-01-30 15:20:03 ----A---- C:\Windows\system32\netfxperf.dll
2009-01-30 15:19:34 ----A---- C:\Windows\system32\mscorier.dll
2009-01-30 15:19:19 ----A---- C:\Windows\system32\mscories.dll
2009-01-29 19:31:10 ----A---- C:\Windows\system32\lsdelete.exe
2009-01-29 17:38:08 ----HDC---- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-29 17:37:49 ----D---- C:\Program Files\Lavasoft
2009-01-23 19:17:53 ----D---- C:\Users\Preffered Customer\AppData\Roaming\Malwarebytes
2009-01-23 19:17:32 ----D---- C:\ProgramData\Malwarebytes
2009-01-23 19:17:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-23 10:05:59 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-01-23 10:05:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-19 14:43:45 ----D---- C:\Program Files\Wise Disk Cleaner
======List of files/folders modified in the last 1 months======
2009-02-18 15:18:22 ----D---- C:\Windows\Prefetch
2009-02-18 15:18:20 ----D---- C:\Windows\Temp
2009-02-18 15:15:57 ----D---- C:\Windows\Internet Logs
2009-02-18 14:50:30 ----D---- C:\Program Files\Mozilla Firefox
2009-02-17 21:30:22 ----D---- C:\Windows\System32
2009-02-17 21:30:21 ----D---- C:\Windows\inf
2009-02-17 21:30:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-17 21:25:10 ----D---- C:\Windows\system32\drivers
2009-02-17 08:50:57 ----SHD---- C:\System Volume Information
2009-02-11 21:44:09 ----D---- C:\Windows
2009-02-11 08:35:01 ----D---- C:\Windows\winsxs
2009-02-11 08:25:06 ----D---- C:\Windows\system32\catroot2
2009-02-11 08:19:53 ----D---- C:\Windows\system32\catroot
2009-02-11 08:19:33 ----D---- C:\Program Files\Windows Mail
2009-02-08 14:45:19 ----RD---- C:\Program Files
2009-02-08 14:40:32 ----RSD---- C:\Windows\assembly
2009-02-07 21:49:38 ----D---- C:\Windows\system32\Tasks
2009-02-07 21:48:46 ----SHD---- C:\Windows\Installer
2009-02-04 11:52:28 ----D---- C:\Windows\Microsoft.NET
2009-02-03 18:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-02-01 11:37:20 ----D---- C:\Windows\system32\wbem
2009-02-01 11:32:42 ----D---- C:\Windows\system32\config
2009-02-01 11:32:22 ----D---- C:\Windows\Tasks
2009-02-01 11:32:22 ----D---- C:\Windows\system32\spool
2009-02-01 11:32:22 ----D---- C:\Windows\system32\Msdtc
2009-02-01 11:32:07 ----D---- C:\Windows\registration
2009-01-30 16:18:19 ----D---- C:\Windows\rescache
2009-01-30 15:51:27 ----D---- C:\Windows\system32\XPSViewer
2009-01-30 15:51:27 ----D---- C:\Windows\system32\en-US
2009-01-29 18:29:34 ----DC---- C:\Windows\system32\DRVSTORE
2009-01-29 17:38:08 ----HD---- C:\ProgramData
2009-01-29 17:37:49 ----D---- C:\ProgramData\Lavasoft
2009-01-29 17:36:51 ----D---- C:\Program Files\Common Files
2009-01-28 18:53:20 ----D---- C:\Windows\system32\CodeIntegrity
2009-01-27 13:53:12 ----D---- C:\Program Files\Mozilla Thunderbird
2009-01-21 13:55:35 ----D---- C:\Program Files\Java
2009-01-19 14:52:59 ----D---- C:\Program Files\GameBiz2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-11-13 293776]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2008-08-28 71184]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-19 95744]
R2 tmcomm;tmcomm; \??\C:\Windows\system32\drivers\tmcomm.sys [2007-12-24 138384]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-10-04 1161152]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-03-06 691712]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-01-11 21264]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-01-14 6144]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-16 179896]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-08 194560]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 1899008]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2006-11-02 30720]
S3 RTCore32;RTCore32; \??\C:\Program Files\RMClock\RTCore32.sys [2005-05-25 4608]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2007-01-09 254014]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2007-01-09 114748]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2007-01-09 1073152]
R2 Diskeeper;Diskeeper; C:\Program Files\Executive Software\Diskeeper\DkService.exe [2004-01-06 327792]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-01-02 457512]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-28 49152]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-01-02 24576]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-29 950096]
R2 LicCtrlService;LicCtrl Service; C:\Windows\runservice.exe [2008-11-25 2560]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 PD91Agent;PD91Agent; C:\Program Files\Raxco\PerfectDisk\PD91Agent.exe [2008-12-31 693512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-23 143360]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 PD91Engine;PD91Engine; C:\Program Files\Raxco\PerfectDisk\PD91Engine.exe [2008-12-31 910600]
S3 PD91VMDefrag;PD91VMDefrag; C:\Program Files\Raxco\PerfectDisk\PD91VMDefrag.exe [2008-02-29 226568]
-----------------EOF-----------------
info.txt:
info.txt logfile of random's system information tool 1.05 2009-02-18 15:18:41
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Acer Assist-->C:\Program Files\Acer Assist\uninstall.exe
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x9 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x9 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x9 -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer Registration-->C:\Program Files\Acer Registration\uninstall.exe
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x9 -removeonly
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Agere Systems HDA Modem-->agrsmdel
Diskeeper Professional Edition-->MsiExec.exe /X{AA67205C-3E80-4062-9198-253A059DEE38}
ESET NOD32 Antivirus-->MsiExec.exe /I{57ECFB4D-FE11-491A-9AA0-0AF7C3ABC51D}
Football Mogul 2007-->MsiExec.exe /I{84ADF5B4-9DE7-4D4B-B66F-1CA01CD68CE7}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HouseCall 6.6-->"C:\Users\Preffered Customer\AppData\Roaming\HouseCall 6.6\uninstaller.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
PerfectDisk 2008 Professional-->MsiExec.exe /I{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Taipan v1.11-->"C:\Program Files\Taipan\unins000.exe"
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{0409969E-BEFB-44D3-90B9-63BE50FBAE5E}\setup.exe -runfromtemp -l0x0409
The Sims Complete Collection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\Setup.exe" -l0x9 -l0009
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Via Galactica-->C:\Program Files\Orange Tree Software\Via Galactica\uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\common\unyt.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
=====HijackThis Backups=====
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O13 - Gopher Prefix:
O1 - Hosts: ::1 localhost
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://en.us.acer.yahoo.comO2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://en.us.acer.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://en.us.acer.yahoo.comR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - (no file)
O4 - HKCU\..\Run: [?????????] ??????????????e
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Security center information======
AV: ESET NOD32 Antivirus 3.0
AV: AVG 7.5.516
FW: ZoneAlarm Firewall
AS: ZoneAlarm Anti-Spyware (outdated)
AS: ESET NOD32 Antivirus 3.0
AS: Spybot - Search and Destroy
AS: AVG Anti-Spyware (disabled) (outdated)
AS: Lavasoft Ad-Watch Live!
AS: Windows Defender
System event log
Computer Name: JohnDantzler-PC
Event Code: 1103
Message: Your computer was successfully assigned an address from the network, and it can now connect to other computers.
Record Number: 123794
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090218194925.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 4201
Message: The system detected that network adapter Wireless Network Connection was connected to the network, and has initiated normal operation.
Record Number: 123795
Source Name: Tcpip
Time Written: 20090218194925.643200-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 8033
Message: The browser has forced an election on network \Device\NetBT_Tcpip_{75C3D993-CBDC-4047-AC25-A9B5D0FFF8F4} because a master browser was stopped.
Record Number: 123796
Source Name: BROWSER
Time Written: 20090218201355.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 4201
Message: The system detected that network adapter Dial-up Connection was connected to the network, and has initiated normal operation.
Record Number: 123797
Source Name: Tcpip
Time Written: 20090218201428.482200-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 20267
Message: CoID={75FEBE50-57F4-4806-81EF-C2CA557AFD0F}: The user ELN/pudntane successfully established a connection to Dial-up Connection using the device COM3.
Record Number: 123798
Source Name: RemoteAccess
Time Written: 20090218201429.000000-000
Event Type: Information
User:
Application event log
Computer Name: JohnDantzler-PC
Event Code: 20222
Message: CoId={75FEBE50-57F4-4806-81EF-C2CA557AFD0F}: The user JOHNDANTZLER-PC\Preffered Customer is trying to establish a link to the Remote Access Server for the connection named Dial-up Connection using the following device:
Server address/Phone Number = 217-6776
Device = Agere Systems HDA Modem
Port = COM3
MediaType = MODEM.
Record Number: 26340
Source Name: RasClient
Time Written: 20090218201404.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 20223
Message: CoId={75FEBE50-57F4-4806-81EF-C2CA557AFD0F}: The user JOHNDANTZLER-PC\Preffered Customer has successfully established a link to the Remote Access Server using the following device:
Server address/Phone Number = 217-6776
Device = Agere Systems HDA Modem
Port = COM3
MediaType = MODEM.
Record Number: 26341
Source Name: RasClient
Time Written: 20090218201427.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 20224
Message: CoId={75FEBE50-57F4-4806-81EF-C2CA557AFD0F}: The link to the Remote Access Server has been established by user JOHNDANTZLER-PC\Preffered Customer.
Record Number: 26342
Source Name: RasClient
Time Written: 20090218201427.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 20225
Message: CoId={75FEBE50-57F4-4806-81EF-C2CA557AFD0F}: The user JOHNDANTZLER-PC\Preffered Customer has dialed a connection named Dial-up Connection to the Remote Access Server which has successfully connected. The connection parameters are:
TunnelIpAddress = 4.88.30.28
TunnelIpv6Address = None
Dial-in User = ELN/pudntane.
Record Number: 26343
Source Name: RasClient
Time Written: 20090218201429.000000-000
Event Type: Information
User:
Computer Name: JohnDantzler-PC
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 26344
Source Name: LightScribeService
Time Written: 20090218201840.000000-000
Event Type: Information
User:
Security event log
Computer Name: JohnDantzler-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 27491
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218201836.812000-000
Event Type: Audit Failure
User:
Computer Name: JohnDantzler-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 27492
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218201836.858800-000
Event Type: Audit Failure
User:
Computer Name: JohnDantzler-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 27493
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218201836.905600-000
Event Type: Audit Failure
User:
Computer Name: JohnDantzler-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 27494
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218201836.952400-000
Event Type: Audit Failure
User:
Computer Name: JohnDantzler-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 27495
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218201836.999200-000
Event Type: Audit Failure
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Executive Software\Diskeeper\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=1
"tvdumpflags"=8
-----------------EOF-----------------
As mentioned in the original subject line, I'm not having any problems in particular (that I know of). Added memory took care of the slowdowns I was experiencing; now I just want to make sure that none of the odd HijackThis results are bad problems.