-------------------------------------
VundoFix V7.0.3
Scan started at 6:15:31 PM 4/25/2008
Listing files found while scanning....
C:\Program Files\PowerISO\PWRISOSH.DLL
C:\Windows\System32\ioxpowam.dll
Beginning removal...
Attempting to delete C:\Program Files\PowerISO\PWRISOSH.DLL
C:\Program Files\PowerISO\PWRISOSH.DLL Has been deleted!
Attempting to delete C:\Windows\System32\ioxpowam.dll
C:\Windows\System32\ioxpowam.dll Has been deleted!
Performing Repairs to the registry.
Done!
---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:19 PM, on 4/25/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Turtle Beach\AudioAdvantageSRM\TBAA.exe
C:\Windows\sttray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\Windows\System32\CTXFIHLP.EXE
C:\Windows\System32\CTHELPER.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\CTXFISPI.EXE
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {ACCB187C-8C8C-4990-98A6-E283160CE517} - C:\Windows\system32\jKATNhiJ.dll
O2 - BHO: {fc025c01-c77f-671b-0924-7770ac22609f} - {f90622ca-0777-4290-b176-f77c10c520cf} - C:\Windows\system32\ioxpowam.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Turtle Beach Audio Advantage SRM] "C:\Program Files\Turtle Beach\AudioAdvantageSRM\TBAA.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: MLB.TV NexDef Plug-in.lnk = C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: Append to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 9268 bytes
--------------------------------------
DSS Main
Deckard's System Scanner v20071014.68
Run by Philip Wang on 2008-04-25 18:44:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
9: 2008-04-25 19:44:01 UTC - RP409 - Scheduled Checkpoint
8: 2008-04-24 09:15:23 UTC - RP408 - Device Driver Package Install: Cypress Universal Serial Bus controllers
7: 2008-04-24 09:05:52 UTC - RP407 - Device Driver Package Install: Razer Human Interface Devices
6: 2008-04-24 09:05:17 UTC - RP406 - Installed Razer DeathAdder(TM) Mouse
5: 2008-04-24 08:40:39 UTC - RP405 - Removed Razer DeathAdder(TM) Mouse
-- First Restore Point --
1: 2008-04-24 02:34:09 UTC - RP401 - Removed Ad-Aware 2007
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 29.35 GiB (less than 15%) free.-- HijackThis (run as Philip Wang.exe) -----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:48:10 PM, on 4/25/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Turtle Beach\AudioAdvantageSRM\TBAA.exe
C:\Windows\sttray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\Windows\System32\CTXFIHLP.EXE
C:\Windows\System32\CTHELPER.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\CTXFISPI.EXE
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Philip Wang\Desktop\dss.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Philip Wang.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {ACCB187C-8C8C-4990-98A6-E283160CE517} - C:\Windows\system32\jKATNhiJ.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Turtle Beach Audio Advantage SRM] "C:\Program Files\Turtle Beach\AudioAdvantageSRM\TBAA.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: MLB.TV NexDef Plug-in.lnk = C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless Configuration Utility HW.14.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O8 - Extra context menu item: Append to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
http://www.eset.eu/buxus/docs/OnlineScanner.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 9017 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080424-024331-551 O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll (file missing)
backup-20080424-203236-271 O2 - BHO: (no name) - {4020100D-29D7-4392-AFD5-5AD713FF4B88} - C:\Windows\system32\vTlmjhEV.dll (file missing)
backup-20080424-203236-316 O2 - BHO: {668162b4-fccc-80db-7da4-8fd31bc65f3c} - {c3f56cb1-3df8-4ad7-bd08-cccf4b261866} - C:\Windows\system32\tphcibij.dll (file missing)
backup-20080424-203236-354 O1 - Hosts: ::1 localhost
backup-20080424-203236-711 O2 - BHO: (no name) - {F99F0A94-5A89-4D16-AEA1-E046B6D6EF56} - C:\Windows\system32\jKATNhiJ.dll
backup-20080424-204415-930 O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
backup-20080424-204526-205 O2 - BHO: (no name) - {B622CD89-EA94-42F8-A55A-2CA2BC73AA47} - C:\Windows\system32\jKATNhiJ.dll
backup-20080424-210937-958 O2 - BHO: (no name) - {BAB0A2BD-4213-4E1E-A5AF-9B1281DBFCC3} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-031217-640 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-031450-707 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-033110-184 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-033110-218 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-033110-252 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
backup-20080425-033225-746 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-033225-772 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-034122-669 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-034122-814 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-035119-154 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-035119-619 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-041628-338 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-041628-624 O2 - BHO: (no name) - {61BDE356-BD5B-4558-84F7-857509CA5D92} - C:\Windows\system32\jKATNhiJ.dll
backup-20080425-184213-369 O4 - HKLM\..\Run: [BM93ca57a4] Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
backup-20080425-184213-589 O2 - BHO: {fc025c01-c77f-671b-0924-7770ac22609f} - {f90622ca-0777-4290-b176-f77c10c520cf} - C:\Windows\system32\ioxpowam.dll (file missing)
backup-20080425-184213-672 O2 - BHO: (no name) - {ACCB187C-8C8C-4990-98A6-E283160CE517} - C:\Windows\system32\jKATNhiJ.dll
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - \??\c:\windows\system32\drivers\nsdriver.sys
S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - \??\c:\windows\system32\drivers\awrtpd.sys
S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - \??\c:\windows\system32\drivers\awrtrd.sys
S3 CM1063264TB (C-Media CM106 Like Sound UDAX Interface) - c:\windows\system32\drivers\cm106.sys <Not Verified; C-Media Inc; C-Media USB Audio Driver (WDM)>
S3 CyUsb (Cypress Generic USB Driver) - c:\windows\system32\drivers\cyusb.sys <Not Verified; Cypress Semiconductor; Cypress Generic USB Device Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Description: Logitech GamePanel SideShow Device
Device ID: ROOT\SIDESHOW\0000
Manufacturer: Logitech Inc.
Name: Logitech GamePanel SideShow Device
PNP Device ID: ROOT\SIDESHOW\0000
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-04-25 04:17:00 392 --a------ C:\Windows\Tasks\At3.job
2008-04-25 04:10:00 392 --a------ C:\Windows\Tasks\At2.job
2008-04-25 04:09:00 392 --a------ C:\Windows\Tasks\At1.job
2008-04-25 01:14:02 430 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{EE85E271-E73B-4516-A5AD-3BA9DB2C1B6A}.job
2008-04-24 04:33:26 392 --a------ C:\Windows\Tasks\At5.job
2008-04-24 04:33:26 392 --a------ C:\Windows\Tasks\At4.job
-- Files created between 2008-03-25 and 2008-04-25 -----------------------------
2008-04-25 18:15:31 0 d-------- C:\VundoFix Backups
2008-04-25 09:58:21 0 d-------- C:\Program Files\EsetOnlineScanner
2008-04-25 09:56:15 0 d-------- C:\Users\All Users\Malwarebytes
2008-04-25 09:56:15 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-25 03:02:01 88640 --a------ C:\Windows\system32\xtkwktxq.dll
2008-04-24 21:12:05 0 d-------- C:\Program Files\FileASSASSIN
2008-04-24 07:49:17 0 d-------- C:\Users\All Users\Kaspersky Lab
2008-04-24 07:49:15 0 d-------- C:\Windows\system32\Kaspersky Lab
2008-04-24 04:39:45 0 d-------- C:\Program Files\Spyware Doctor
2008-04-24 04:23:50 31104 --a------ C:\Windows\system32\drivers\CYUSB.sys <Not Verified; Cypress Semiconductor; Cypress Generic USB Device Driver>
2008-04-24 03:20:15 0 d-a------ C:\Users\All Users\TEMP
2008-04-24 03:20:12 0 d-------- C:\Program Files\CleanMyPC
2008-04-24 00:11:09 0 d-------- C:\Program Files\Trend Micro
2008-04-23 22:36:36 0 d-------- C:\Program Files\Lavasoft
2008-04-21 02:56:04 0 d-------- C:\Users\All Users\Lavasoft
2008-04-21 02:17:56 417191 --ahs---- C:\Windows\system32\JihNTAKj.ini2
2008-04-21 02:17:52 274432 -----n--- C:\Windows\system32\jKATNhiJ.dll
2008-04-15 22:04:39 0 d-------- C:\Program Files\mIRC
2008-04-15 20:20:51 0 d-------- C:\Program Files\Ventrilo
2008-04-15 04:42:47 0 d-------- C:\Program Files\Common Files\Steam
2008-04-15 04:42:44 0 d-------- C:\Program Files\Steam
2008-03-31 17:46:55 0 d-------- C:\Users\All Users\Autobahn
-- Find3M Report ---------------------------------------------------------------
2008-04-25 18:25:54 1640 --a------ C:\Users\Philip Wang\AppData\Roaming\autobahn.log
2008-04-25 18:24:17 0 d-------- C:\Program Files\PowerISO
2008-04-25 09:56:25 0 d-------- C:\Users\Philip Wang\AppData\Roaming\Malwarebytes
2008-04-25 03:53:19 0 d-------- C:\Users\Philip Wang\AppData\Roaming\mIRC
2008-04-24 08:25:36 0 d-------- C:\Users\Philip Wang\AppData\Roaming\AVG7
2008-04-24 05:05:33 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-24 04:39:45 0 d-------- C:\Users\Philip Wang\AppData\Roaming\PC Tools
2008-04-24 04:23:39 0 d-------- C:\Program Files\Razer
2008-04-24 03:46:38 0 d-------- C:\Users\Philip Wang\AppData\Roaming\uTorrent
2008-04-24 03:20:16 0 d-------- C:\Users\Philip Wang\AppData\Roaming\CleanMyPC Software
2008-04-24 00:21:18 0 d-------- C:\Users\Philip Wang\AppData\Roaming\VMware
2008-04-23 22:35:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-22 03:08:24 0 d-------- C:\Program Files\AdVantage
2008-04-15 04:42:47 0 d-------- C:\Program Files\Common Files
2008-04-08 00:27:41 0 d-------- C:\Users\Philip Wang\AppData\Roaming\LimeWire
2008-04-07 04:21:03 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-05 01:16:48 0 d-------- C:\Users\Philip Wang\AppData\Roaming\dvdcss
2008-03-21 22:39:38 0 d-------- C:\Users\Philip Wang\AppData\Roaming\Real
2008-03-21 08:09:59 684 --a------ C:\Windows\mozver.dat
2008-03-21 08:09:57 0 d-------- C:\Program Files\DivX
2008-03-15 23:20:17 0 d-------- C:\Users\Philip Wang\AppData\Roaming\BSplayer
2008-03-15 23:19:20 0 d-------- C:\Users\Philip Wang\AppData\Roaming\BSplayer Pro
2008-03-15 23:19:20 0 d-------- C:\Program Files\Webteh
2008-03-02 22:29:48 0 d-------- C:\Program Files\Common Files\Nero
2008-02-29 15:39:29 0 d-------- C:\Program Files\BestGameEver
2008-02-27 21:10:19 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-02-13 21:26:49 98304 --a------ C:\Windows\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-02-11 09:39:26 253952 --a------ C:\Windows\system32\OnlineScannerDLLA.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-11 09:39:18 237568 --a------ C:\Windows\system32\OnlineScannerDLLW.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-08 13:53:46 110592 --a------ C:\Windows\system32\OnlineScannerLang.dll <Not Verified; ; OnlineScanner Language Library>
2008-02-05 08:48:04 77824 --a------ C:\Windows\system32\OnlineScannerUninstaller.exe <Not Verified; ; OnlineScannerUninstaller>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACCB187C-8C8C-4990-98A6-E283160CE517}]
04/21/2008 02:17 AM 274432 --------- C:\Windows\system32\jKATNhiJ.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Turtle Beach Audio Advantage SRM"="C:\Program Files\Turtle Beach\AudioAdvantageSRM\TBAA.exe" [05/08/2007 06:51 PM]
"SigmatelSysTrayApp"="sttray.exe" [01/12/2007 01:51 PM C:\Windows\sttray.exe]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [01/20/2008 03:05 AM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [11/12/2007 07:51 AM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [11/12/2007 07:51 AM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [11/12/2007 07:51 AM]
"Launch LGDCore"="C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [07/17/2007 08:08 PM]
"Launch LCDMon"="C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [07/17/2007 07:30 PM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 01:47 AM]
"Diamondback"="C:\Program Files\Razer\Diamondback\razerhid.exe" [02/14/2007 11:15 AM]
"CTxfiHlp"="CTXFIHLP.EXE" [05/10/2007 07:52 PM C:\Windows\System32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [05/10/2007 07:51 PM C:\Windows\System32\CTHELPER.EXE]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [05/10/2007 11:46 PM]
"MSConfig"="C:\Windows\System32\msconfig.exe" [11/02/2006 05:45 AM]
"RegistryMechanic"="" []
"DeathAdder"="C:\Program Files\Razer\DeathAdder\razerhid.exe" [09/07/2007 03:54 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 08:36 AM]
"Steam"="C:\Program Files\Steam\Steam.exe" [04/15/2008 04:44 AM]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [11/02/2006 08:35 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 08:35 AM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [09/18/2007 10:16 AM]
"Registry Cleaner Scheduler"="C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe" [03/02/2008 10:18 PM]
C:\Users\Philip Wang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - C:\ProgramData\Autobahn\mlb-nexdef-autobahn.exe [3/30/2008 7:52:34 PM]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 4:01:04 AM]
Wireless Configuration Utility HW.14.lnk - C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe [7/26/2007 12:32:08 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\Windows\system32\jKATNhiJ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Philip Wang^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\90f96438]
rundll32.exe "C:\Windows\system32\xtkwktxq.dll",b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\au]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM93ca57a4]
Rundll32.exe "C:\Windows\system32\kuklscnm.dll",s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver Updater]
\Updater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
rundll32.exe C:\Windows\system32\vTlmjhEV.dll,#1
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
"C:\Program Files\VMware\VMware Workstation\hqtray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{efcd4d6f-5a56-11dc-b1b1-806e6f6e6963}]
AutoRun\command- D:\setup.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-04-25 18:50:55 ------------
-------------------------------------
DSS EXTRA
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) D CPU 3.20GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 3069.55 MiB / 2069.74 MiB
Pagefile Memory (total/avail): 6323.82 MiB / 5437.61 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1915.08 MiB
C: is Fixed (NTFS) - 293.39 GiB total, 29.34 GiB free.
D: is CDROM (CDFS)
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST3320633AS ATA Device - 298.09 GiB - 3 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 (bootable) - Installable File System - 293.39 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
AV: AVG 7.5.524 v7.5.524 (Grisoft)
Disabled OutdatedAS: Spyware Doctor v5.5.0.178 (PC Tools)
DisabledAS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
Outdated[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Philip Wang\AppData\Roaming
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DELL-XPS
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Philip Wang
LOCALAPPDATA=C:\Users\Philip Wang\AppData\Local
LOGONSERVER=\\DELL-XPS
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0604
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\PHILIP~1\AppData\Local\Temp
TMP=C:\Users\PHILIP~1\AppData\Local\Temp
USERDOMAIN=Dell-XPS
USERNAME=Philip Wang
USERPROFILE=C:\Users\Philip Wang
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Philip Wang
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Windows\IsUninst.exe -f\"C:\Program Files\Final Fantasy VII\Uninst.isu"
--> MsiExec /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x9 /remove
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 8.1.0 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
AGEIA PhysX v7.03.21 --> MsiExec.exe /X{85EBB283-65AF-4C53-9EBE-7C0A232762F7}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Audio Advantage SRM Driver --> C:\Windows\system32\Cmeau106.exe /rm /pusb106
AudioAdvantageSRM --> C:\Windows\Cmi106Uninstall.exe C:\PROGRA~1\TURTLE~1\AUDIOA~1#Turtle Beach\AudioAdvantageSRM
Audiosurf --> MsiExec.exe /I{6D316D67-DA52-4659-9C98-F479963534D6}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
BioShock --> C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\setup.exe -runfromtemp -l0x0009 -removeonly
BS.Player FREE powered by AdVantage --> "C:\Program Files\Webteh\BSplayer\uninstall.exe"
Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Chessmaster Grandmaster Edition --> C:\Program Files\InstallShield Installation Information\{27614800-84A9-484E-9CCB-43ED2F1205F5}\setup.exe -runfromtemp -l0x0409
CleanMyPC - Registry Cleaner --> "C:\Program Files\CleanMyPC\Registry Cleaner\unins000.exe"
Command & Conquer 3 --> MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative Sound Blaster Properties --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x9 /remove
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ESET Online Scanner --> C:\Windows\system32\OnlineScannerUninstaller.exe
FileASSASSIN --> C:\Program Files\FileASSASSIN\uninst.exe
Final Fantasy VII - Ultima Edition --> "C:\Program Files\Final Fantasy VII\unins000.exe"
Galactic Civilizations II - Gold Edition --> C:\PROGRA~1\Stardock\TOTALG~1\GalCiv2\UNWISE.EXE C:\PROGRA~1\Stardock\TOTALG~1\GalCiv2\INSTALL.LOG
Gears of War --> C:\Program Files\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x0409
GoldWave v5.05 --> "C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.05" "C:\Program Files\GoldWave\unstall.log"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Haali Media Splitter --> "C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iriver Music Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{072D2077-9E22-4F7F-B817-A92CA6CCC843}\Setup.exe" -l0x9 anything
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Online Scanner --> C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
LEGO Star Wars II --> C:\Program Files\InstallShield Installation Information\{4E074808-1B86-4230-A9EB-0904942EC4AE}\setup.exe -runfromtemp -l0x0409
LimeWire PRO 4.14.10 --> "C:\Program Files\LimeWire\uninstall.exe"
Logitech GamePanel Software 2.00 --> MsiExec.exe /X{948BE614-F37B-4A73-AD43-0245F23C110D}
Magic ISO Maker v5.4 (build 0248) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE Redistributable --> MsiExec.exe /X{20DEB77C-21D6-4D22-BB47-233E47613D57}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
MLB.TV NexDef Plug-in --> C:\ProgramData\Autobahn\Uninstall.exe
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.12) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenAL --> "C:\Program Files\OpenAL\OALInst.exe" /U
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Razer DeathAdder(TM) Mouse --> C:\Program Files\InstallShield Installation Information\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}\Setup.exe -runfromtemp -l0x0009 -removeonly
Razer Diamondback --> C:\Program Files\InstallShield Installation Information\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}\setup.exe -runfromtemp -l0x0009 -removeonly
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Sins of a Solar Empire --> "C:\ProgramData\{0E8E33D8-193A-414A-A909-0F101A142D26}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Sins of a Solar Empire --> C:\ProgramData\{0E8E33D8-193A-414A-A909-0F101A142D26}\setup.exe
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SopCast 1.1.2 --> C:\Program Files\SopCast\uninst.exe
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Star Wars®: Knights of the Old Republic (TM) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\setup.exe" -l0x9
Stardock Central --> C:\PROGRA~1\Stardock\SDCENT~1\UNWISE.EXE C:\PROGRA~1\Stardock\SDCENT~1\INSTALL.LOG
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TBS WMP Plug-in --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{4CE88F4D-B74E-4F92-9DA4-ECEB60ED362A}
The Core Media Player 4.0 --> "C:\Program Files\CoreCodec\The Core Media Player\uninstall-tcmp4.exe"
The Witcher --> "C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x0009 -removeonly
TRENDnet TEW-424UB Wireless USB 2.0 Adapter Vista Driver and Utility --> C:\Program Files\InstallShield Installation Information\{B1BDEA80-95CE-4DFB-B9D3-DC800E7F87B4}\setup.exe -runfromtemp -l0x0409
TVAnts 1.0 --> C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VMware Workstation --> MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type10005 / Error
Event Submitted/Written: 04/25/2008 06:28:09 PM
Event ID/Source: 3 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Event Record #/Type10002 / Success
Event Submitted/Written: 04/25/2008 06:26:07 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type10001 / Success
Event Submitted/Written: 04/25/2008 06:26:05 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type10000 / Success
Event Submitted/Written: 04/25/2008 06:25:58 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type9989 / Error
Event Submitted/Written: 04/25/2008 06:24:07 PM
Event ID/Source: 1015 / Wininit
Event Description:
A critical system process, C:\Windows\system32\lsass.exe, failed with status code 00000000. The machine must now be restarted.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type32786 / Error
Event Submitted/Written: 04/25/2008 06:28:08 PM
Event ID/Source: 14333 / WMPNetworkSvc
Event Description:
Service 'WMPNetworkSvc' did not start correctly due to error '0x80080005'. Restart your computer, and then try to restart the service.
Event Record #/Type32785 / Error
Event Submitted/Written: 04/25/2008 06:28:08 PM
Event ID/Source: 10010 / DCOM
Event Description:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Event Record #/Type32782 / Error
Event Submitted/Written: 04/25/2008 06:27:07 PM
Event ID/Source: 10010 / DCOM
Event Description:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Event Record #/Type32781 / Error
Event Submitted/Written: 04/25/2008 06:26:41 PM
Event ID/Source: 10010 / DCOM
Event Description:
{145B4335-FE2A-4927-A040-7C35AD3180EF}
Event Record #/Type32779 / Error
Event Submitted/Written: 04/25/2008 06:26:38 PM
Event ID/Source: 10010 / DCOM
Event Description:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
-- End of Deckard's System Scanner: finished at 2008-04-25 18:50:55 ------------