Hello,
Just the past day or two, I have been getting all these pop-ups, and a very slow response from my Firefox program. I found this site through a Google search, and was wondering if you guys could help me out. Here are some things that may be useful:
RSIT log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Brian at 2009-06-10 01:06:38
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 532 GB (76%) free of 700 GB
Total RAM: 4094 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:06:50 AM, on 6/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
c:PROGRA~2mcafee.comagentmcagent.exe
C:WindowsvVX3000.exe
C:Program Files (x86)Dell Video ChatDellVideoChat.exe
C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)ManyCam 2.4ManyCam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe
C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe
C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe
C:Program Files (x86)BrotherControlCenter3brccMCtl.exe
C:Program Files (x86)BrotherBrmfcmonBrMfcmon.exe
C:Program Files (x86)iTunesiTunesHelper.exe
c:PROGRA~2mcafeemscmcuimgr.exe
C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe
C:Program Files (x86)Zilla Popup KillerZillaPop.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe
C:UsersBrianDownloadsRSIT.exe
c:PROGRA~2mcafeempfmcmpfalert.exe
C:Program Files (x86)trend microBrian.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:PROGRA~2mcafeemskmcapbho.dll
O2 - BHO: CookieHlprObj Class - {4DF1DB24-A57C-11d3-A180-00A0C90AE44B} - C:Program Files (x86)Zilla Popup KillerZillaBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program Files (x86)McAfeeVirusScanscriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program Files (x86)GoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:Program Files (x86)AIM Toolbaraimtb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program Files (x86)DellBAEBAE.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program Files (x86)Ask.comGenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll
O2 - BHO: HandyInternetAdvice - {DF037828-857E-D996-F703-F81E5C2A464C} - C:Program Files (x86)HandyInternetAdviceHandyInternetAdvice.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:Program Files (x86)AIM Toolbaraimtb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program Files (x86)Ask.comGenericAskToolbar.dll
O4 - HKLM..Run: [SunJavaUpdateSched] 'C:Program Files (x86)Javajre6binjusched.exe'
O4 - HKLM..Run: [StartCCC] 'C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe'
O4 - HKLM..Run: [mcagent_exe] C:Program Files (x86)McAfee.comAgentmcagent.exe /runkey
O4 - HKLM..Run: [PDVDDXSrv] 'C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe'
O4 - HKLM..Run: [GrooveMonitor] 'C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe'
O4 - HKLM..Run: [Performance Center] 'C:Program Files (x86)AscentivePerformance CenterApcMain.exe' -m
O4 - HKLM..Run: [PC SpeedScan Pro] 'C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe' -m
O4 - HKLM..Run: [PC ScanAndSweep] 'C:Program Files (x86)AscentivePC ScanAndSweepPCScanAndSweep.exe' -m
O4 - HKLM..Run: [LifeCam] 'C:Program Files (x86)Microsoft LifeCamLifeExp.exe'
O4 - HKLM..Run: [QuickTime Task] 'C:Program Files (x86)QuickTimeQTTask.exe' -atboottime
O4 - HKLM..Run: [SSBkgdUpdate] 'C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe' -Embedding -boot
O4 - HKLM..Run: [PaperPort PTD] 'C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe'
O4 - HKLM..Run: [IndexSearch] 'C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe'
O4 - HKLM..Run: [PPort11reminder] 'C:Program Files (x86)ScanSoftPaperPortEregEreg.exe' -r 'C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini'
O4 - HKLM..Run: [BrMfcWnd] 'C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe' /AUTORUN
O4 - HKLM..Run: [ControlCenter3] 'C:Program Files (x86)BrotherControlCenter3brctrcen.exe' /autorun
O4 - HKLM..Run: [iTunesHelper] 'C:Program Files (x86)iTunesiTunesHelper.exe'
O4 - HKLM..Run: [Adobe Reader Speed Launcher] 'C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe'
O4 - HKLM..RunOnce: [Malwarebytes' Anti-Malware] 'C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe' /install /silent
O4 - HKCU..Run: [SightSpeed] 'C:Program Files (x86)Dell Video ChatDellVideoChat.exe' -bootmode
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [MsnMsgr] 'C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe' /background
O4 - HKCU..Run: [igndlm.exe] C:Program Files (x86)Download ManagerDLM.exe /windowsstart /startifwork
O4 - HKCU..Run: [swg] C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Steam] 'c:program files (x86)steamsteam.exe' -silent
O4 - HKCU..Run: [ManyCam] 'C:Program Files (x86)ManyCam 2.4ManyCam.exe'
O4 - HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [Zilla Popup Killer] C:Program Files (x86)Zilla Popup KillerZillaPop.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:Program Files (x86)AIM Toolbaraimtb.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~1Office12REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:Program Files (x86)OpinionSquareopai.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Unknown owner - C:Windowssystem32AERTSr64.exe (file missing)
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:Windowssystem32Ati2evxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:Program FilesDellDellDockDockLogin.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program Files (x86)iPodbiniPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:PROGRA~2McAfeeMSCmcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:PROGRA~2COMMON~1mcafeemnamcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:PROGRA~2COMMON~1mcafeemcproxymcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:PROGRA~2McAfeeVIRUSS~1mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:Program Files (x86)McAfeeMPFMPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:Program Files (x86)McAfeeMSKMskSrver.exe
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program Files (x86)ViewpointCommonViewpointService.exe
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
--
End of file - 13867 bytes
Scheduled tasks folder
C:WindowstasksMcDefragTask.job
C:WindowstasksMCE Tunes Auto Sync.job
C:WindowstasksMcQcTask.job
C:WindowstasksRtlNICDiagVistaStart.job
C:WindowstasksUser_Feed_Synchronization-{20D786F1-A64A-4D53-9976-8AB1B9698033}.job
Registry dump
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:PROGRA~2mcafeemskmcapbho.dll [2007-11-26 324936]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4DF1DB24-A57C-11d3-A180-00A0C90AE44B}]
CookieHlprObj Class - C:Program Files (x86)Zilla Popup KillerZillaBHO.dll [2000-04-27 69632]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:Program Files (x86)McAfeeVirusScanscriptsn.dll [2007-11-09 58688]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll [2009-04-29 259696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:Program Files (x86)GoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-15 668656]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
AIM Toolbar Loader - C:Program Files (x86)AIM Toolbaraimtb.dll [2008-10-07 1275176]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-04-29 470512]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:Program Files (x86)DellBAEBAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:Program Files (x86)Ask.comGenericAskToolbar.dll [2009-02-26 809864]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-04 35840]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DF037828-857E-D996-F703-F81E5C2A464C}]
HandyInternetAdvice - C:Program Files (x86)HandyInternetAdviceHandyInternetAdvice.dll [2009-06-03 154112]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:Program Files (x86)AIM Toolbaraimtb.dll [2008-10-07 1275176]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll [2009-04-29 259696]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:Program Files (x86)Ask.comGenericAskToolbar.dll [2009-02-26 809864]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
'SunJavaUpdateSched'=C:Program Files (x86)Javajre6binjusched.exe [2009-05-04 148888]
'StartCCC'=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
'mcagent_exe'=C:Program Files (x86)McAfee.comAgentmcagent.exe [2007-11-01 582992]
'PDVDDXSrv'=C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe [2008-05-23 128296]
'GrooveMonitor'=C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
'Performance Center'=C:Program Files (x86)AscentivePerformance CenterApcMain.exe [2008-05-16 3231744]
'PC SpeedScan Pro'=C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe [2008-08-21 2093056]
'PC ScanAndSweep'=C:Program Files (x86)AscentivePC ScanAndSweepPCScanAndSweep.exe [2008-10-06 2519040]
'LifeCam'=C:Program Files (x86)Microsoft LifeCamLifeExp.exe [2007-05-17 279912]
'QuickTime Task'=C:Program Files (x86)QuickTimeQTTask.exe [2009-01-05 413696]
'SSBkgdUpdate'=C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe [2006-10-25 210472]
'PaperPort PTD'=C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe [2007-10-11 29984]
'IndexSearch'=C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe [2007-10-11 46368]
'PPort11reminder'=C:Program Files (x86)ScanSoftPaperPortEregEreg.exe [2007-08-31 328992]
'BrMfcWnd'=C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe [2008-04-11 1085440]
'ControlCenter3'=C:Program Files (x86)BrotherControlCenter3brctrcen.exe [2007-12-21 86016]
'iTunesHelper'=C:Program Files (x86)iTunesiTunesHelper.exe [2009-04-02 342312]
'Adobe Reader Speed Launcher'=C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
'Malwarebytes' Anti-Malware'=C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe [2009-05-26 414480]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
'SightSpeed'=C:Program Files (x86)Dell Video ChatDellVideoChat.exe [2008-08-15 4812664]
'ehTray.exe'=C:WindowsehomeehTray.exe [2008-01-20 138240]
'Aim6'= []
'MsnMsgr'=C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe [2007-10-18 5724184]
'igndlm.exe'=C:Program Files (x86)Download ManagerDLM.exe [2008-08-01 1103216]
'swg'=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-11-04 68856]
'Steam'=c:program files (x86)steamsteam.exe [2009-06-01 1217784]
'ManyCam'=C:Program Files (x86)ManyCam 2.4ManyCam.exe [2009-04-17 1824040]
'WMPNSCFG'=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []
'Zilla Popup Killer'=C:Program Files (x86)Zilla Popup KillerZillaPop.exe [2006-05-03 524288]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
'AppInit_DLLS'='C:Program Files (x86)OpinionSquareopai.dll'
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
'{B5A7F190-DDA6-4420-B3BA-52453494E6CD}'=C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalmcmscsvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmcmscsvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMCODS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMpfService]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
'LogonHoursAction'=2
'DontDisplayLogonHoursWarnings'=1
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
'dontdisplaylastusername'=0
'legalnoticecaption'=
'legalnoticetext'=
'shutdownwithoutlogon'=1
'undockwithoutlogon'=1
'EnableUIADesktopToggle'=0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
'NoDriveTypeAutoRun'=145
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
'NoActiveDesktop'=
'NoActiveDesktopChanges'=
'ForceActiveDesktopOn'=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{639c8e46-3e4d-11de-8c9b-002170453a65}]
shellAutoRuncommand - K:LaunchU3.exe -a
List of files/folders created in the last 1 months
2009-06-10 01:06:38 ----D---- C:rsit
2009-06-10 01:06:38 ----D---- C:Program Files (x86)trend micro
2009-06-10 00:59:59 ----D---- C:UsersBrianAppDataRoamingMalwarebytes
2009-06-10 00:59:55 ----D---- C:ProgramDataMalwarebytes
2009-06-10 00:59:54 ----D---- C:Program Files (x86)Malwarebytes' Anti-Malware
2009-06-10 00:58:00 ----SHD---- C:Config.Msi
2009-06-09 15:17:44 ----A---- C:Windowshdd.ini
2009-06-09 15:17:43 ----D---- C:UsersBrianAppDataRoamingR-Wipe&Clean
2009-06-09 15:17:43 ----D---- C:Program Files (x86)R-Wipe&Clean
2009-06-09 15:15:39 ----D---- C:Program Files (x86)Zilla Popup Killer
2009-06-07 20:34:05 ----D---- C:UsersBrianAppDataRoamingU3
2009-06-04 13:37:02 ----HD---- C:WindowsPIF
2009-06-04 13:37:02 ----D---- C:Program Files (x86)PlayMP3z
2009-06-04 13:37:02 ----D---- C:Program Files (x86)HandyInternetAdvice
2009-06-01 04:29:25 ----D---- C:Program Files (x86)Common FilesAdobe AIR
2009-05-31 18:30:17 ----D---- C:ProgramDataNOS
2009-05-31 18:30:15 ----D---- C:Program Files (x86)NOS
2009-05-23 23:31:37 ----D---- C:UsersBrianAppDataRoamingLimeWire
List of files/folders modified in the last 1 months
2009-06-10 01:06:50 ----D---- C:WindowsPrefetch
2009-06-10 01:06:49 ----D---- C:WindowsTemp
2009-06-10 01:06:38 ----RD---- C:Program Files (x86)
2009-06-10 00:59:56 ----D---- C:Windowssystem32drivers
2009-06-10 00:59:55 ----D---- C:ProgramData
2009-06-10 00:58:15 ----SHD---- C:WindowsInstaller
2009-06-10 00:58:14 ----D---- C:Program Files (x86)Nokia
2009-06-10 00:58:14 ----D---- C:Program Files (x86)Common Files
2009-06-10 00:58:02 ----D---- C:Windowsinf
2009-06-10 00:05:28 ----SHD---- C:System Volume Information
2009-06-09 15:17:44 ----D---- C:WindowsSysWOW64
2009-06-09 15:17:44 ----D---- C:Windows
2009-06-09 15:04:30 ----D---- C:WindowsSystem32
2009-06-09 14:13:27 ----D---- C:UsersBrianAppDataRoamingMozilla
2009-06-09 14:13:24 ----D---- C:Program Files (x86)Mozilla Firefox
2009-06-09 01:45:51 ----D---- C:WindowsMinidump
2009-06-09 01:44:31 ----D---- C:Program Files (x86)EA GAMES
2009-06-09 01:42:55 ----D---- C:WindowsTasks
2009-06-09 01:42:29 ----D---- C:Program Files (x86)Steam
2009-06-09 00:36:12 ----D---- C:UsersBrianAppDataRoamingFMZilla
2009-06-08 19:26:06 ----A---- C:Windowsntbtlog.txt
2009-06-04 13:37:23 ----D---- C:Program Files (x86)Windows Media Player
2009-06-03 03:00:22 ----D---- C:Windowswinsxs
2009-06-02 07:58:38 ----HD---- C:Program Files (x86)InstallShield Installation Information
2009-06-01 11:51:08 ----D---- C:Program Files (x86)Common FilesSteam
2009-06-01 04:29:36 ----SD---- C:WindowsDownloaded Program Files
2009-06-01 04:29:33 ----D---- C:Program Files (x86)Adobe
2009-06-01 04:29:26 ----D---- C:ProgramDataAdobe
2009-06-01 04:23:52 ----SHD---- C:$Recycle.Bin
2009-06-01 04:23:02 ----RD---- C:Users
2009-05-31 18:33:48 ----D---- C:Program Files (x86)Common FilesAdobe
2009-05-23 23:24:37 ----D---- C:downloads
2009-05-14 03:01:05 ----D---- C:Program Files (x86)Windows Mail
2009-05-14 03:00:54 ----D---- C:ProgramDataMicrosoft Help
2009-05-14 03:00:51 ----RSD---- C:Windowsassembly
2009-05-11 13:53:10 ----D---- C:UsersBrianAppDataRoamingMove Networks
List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)
R1 mfehidk;McAfee Inc. mfehidk; C:Windowssystem32driversmfehidk.sys []
R1 MPFP;MPFP; C:WindowsSystem32DriversMpfp.sys []
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:Windowssystem32DRIVERSRtNdPt60.sys []
R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys []
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:Windowssystem32DRIVERSManyCam_x64.sys []
R3 mfeavfk;McAfee Inc. mfeavfk; C:Windowssystem32driversmfeavfk.sys []
R3 mfesmfk;McAfee Inc. mfesmfk; C:Windowssystem32driversmfesmfk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh64.sys []
R3 USBAAPL64;Apple Mobile USB Driver; C:WindowsSystem32Driversusbaapl64.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:Windowssystem32DRIVERSBrSerIf.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
S3 mferkdk;McAfee Inc. mferkdk; C:Windowssystem32driversmferkdk.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 UMPass;Microsoft UMPass Driver; C:Windowssystem32DRIVERSumpass.sys []
S3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys []
S3 VX3000;VX-3000; C:Windowssystem32DRIVERSVX3000.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:Windowssystem32DRIVERSxusb21.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 iaStor;Intel AHCI Controller; C:Windowssystem32driversiastor.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []
List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)
R2 AERTFilters;Andrea RT Filters Service; C:Windowssystem32AERTSr64.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:Windowssystem32Ati2evxx.exe []
R2 Bonjour Service;Bonjour Service; C:Program Files (x86)BonjourmDNSResponder.exe [2008-12-12 238888]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-08-22 214016]
R2 mcmscsvc;McAfee Services; C:PROGRA~2McAfeeMSCmcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:PROGRA~2COMMON~1mcafeemnamcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:PROGRA~2COMMON~1mcafeemcproxymcproxy.exe [2007-12-11 358224]
R2 McShield;McAfee Real-time Scanner; C:PROGRA~1McAfeeVIRUSS~1mcshield.exe [2007-07-24 153408]
R2 MpfService;McAfee Personal Firewall Service; C:Program Files (x86)McAfeeMPFMPFSrv.exe [2007-07-18 856864]
R2 MSCamSvc;MSCamSvc; C:Program Files (x86)Microsoft LifeCamMSCamS64.exe [2007-05-17 443752]
R2 MSK80Service;McAfee Anti-Spam Service; C:Program Files (x86)McAfeeMSKMskSrver.exe [2007-11-26 23880]
R2 Net Driver HPZ12;Net Driver HPZ12; C:WindowsSystem32svchost.exe [2008-01-20 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:WindowsSystem32svchost.exe [2008-01-20 21504]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:Program Files (x86)ViewpointCommonViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:Program Files (x86)iPodbiniPodService.exe [2009-04-02 656168]
R3 McSysmon;McAfee SystemGuards; C:PROGRA~2McAfeeVIRUSS~1mcsysmon.exe [2007-12-05 695624]
R3 Steam Client Service;Steam Client Service; C:Program Files (x86)Common FilesSteamSteamService.exe [2009-06-01 322032]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-01-20 93696]
S3 GameConsoleService;GameConsoleService; C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe [2008-07-04 164600]
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:PROGRA~1McAfeeVIRUSS~1mcods.exe [2007-11-07 702792]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe [2009-03-04 621056]
S3 stllssvr;stllssvr; C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe [2008-03-24 74384]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:Program Files (x86)Windows LiveMessengerusnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:Program Files (x86)Windows LiveinstallerWLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
and RSIT info.txt
info.txt logfile of random's system information tool 1.06 2009-06-10 01:06:52
Uninstall list
-->'C:Program Files (x86)WildTangentDell GamesBejeweled 2 DeluxeUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesBlasterball 2 RevolutionUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesBuild-a-lot 2Uninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesChuzzle DeluxeUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesDell Game ConsoleUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesDream ChroniclesUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesFATEUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesPolar BowlerUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesPolar GolferUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesPolar PoolUninstall.exe'
-->'C:Program Files (x86)WildTangentDell GamesVirtual Villagers - The Secret CityUninstall.exe'
-->C:Program Files (x86)DivXDivXConverterUninstall.exe /CONVERTER
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:Program Files (x86)Common FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
Adobe Flash Player ActiveX-->C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AIM 6-->C:Program Files (x86)AIM6uninst.exe
AIM Toolbar-->'C:Program Files (x86)AIM Toolbaruninstall.exe'
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ATI Catalyst Control Center-->RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime0901Intel32Ctor.dll,LaunchSetup 'C:Program Files (x86)InstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}setup.exe' -l0x9
Brother MFL-Pro Suite MFC-490CW-->'C:Program Files (x86)InstallShield Installation Information{D9461574-5FC0-4641-BBDC-D1038B196F55}Setup.exe' -runfromtemp -l0x0009 UNINSTALL Reg=BH9_C2 -removeonly
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Browser Address Error Redirector-->regsvr32 /u /s 'C:Program Files (x86)DellBAEBAE.dll'
Dell Best of Web-->MsiExec.exe /I{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Video Chat (remove only)-->C:Program Files (x86)Dell Video Chatuninst.exe
DELL0604-->MsiExec.exe /I{3D8F9830-D6A3-413A-9A54-993827A73E47}
Dell-eBay-->MsiExec.exe /I{B935C985-A17F-484B-8470-09E4FC27DC26}
DivX Codec-->C:Program Files (x86)DivXDivXCodecUninstall.exe /CODEC
DivX Converter-->C:Program Files (x86)DivXDivXConverterUninstall.exe /CONVERTER
DivX Player-->C:Program Files (x86)DivXDivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:Program Files (x86)DivXDivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:Program Files (x86)DivXDivXWebPlayerUninstall.exe /PLUGIN
Download Manager 2.3.7-->C:Program Files (x86)Download Manageruninst.exe
Download Updater (AOL LLC)-->C:Program Files (x86)Common FilesSoftware Update Utilityuninstall.exe
Dream Render 2.20-->'C:Program FilesDreamRenderunins000.exe'
EDocs-->RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1ctor.dll,LaunchSetup 'C:Program Files (x86)InstallShield Installation Information{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}setup.exe'
FFHandyInternetAdvice-->C:Program Files (x86)Mozilla FirefoxextensionsHandyInternetAdvice@HandyInternetAdviceuninstall.exe uninstall=handyinternetadviceff
Google Toolbar for Internet Explorer-->'C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarManager_BDA1448D3D255554.exe' /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->'C:Program Files (x86)trend microHijackThis.exe' /uninstall
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Malwarebytes' Anti-Malware-->'C:Program Files (x86)Malwarebytes' Anti-Malwareunins000.exe'
ManyCam 2.4 (remove only)-->'C:Program Files (x86)ManyCam 2.4uninstall.exe'
McAfee SecurityCenter-->C:Program Files (x86)McAfeeMSCmcuninst.exe
Medieval II Total War-->'C:Program Files (x86)InstallShield Installation Information{A9D0745C-BABD-472B-8AF0-FAF888D31046}setup.exe' -runfromtemp -l0x0009 -removeonly
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft LifeCam-->MsiExec.exe /X{63AFACBC-4795-4A1B-8037-5085DC03FC54}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->'C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe' /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.10)-->C:Program Files (x86)Mozilla Firefoxuninstallhelper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
PC ScanAndSweep-->C:Program Files (x86)InstallShield Installation Information{323C7763-A048-4E06-A339-729632A3F95E}setup.exe -runfromtemp -l0x0009 -removeonly
PC SpeedScan Pro-->C:Program Files (x86)InstallShield Installation Information{80F24F31-F641-4349-83F3-59E335976D16}setup.exe -runfromtemp -l0x0009 -removeonly
Performance Center-->C:Program Files (x86)InstallShield Installation Information{BB05BD70-4605-4829-93FC-AD80D8CC5B66}setup.exe -runfromtemp -l0x0009 -removeonly
Picasa 3-->'C:Program Files (x86)GooglePicasa3Uninstall.exe'
PlayMP3z-->C:Program Files (x86)PlayMP3zuninstall.exe uninstall=playmp3z
PowerDVD-->RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime1100Intel32Ctor.dll,LaunchSetup 'C:Program Files (x86)InstallShield Installation Information{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}setup.exe' -l0x9 -cluninstall
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:Program Files (x86)InstallShield Installation Information{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd64.exe -r -m -nrg2709
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:ProgramDataUninstall{09760D42-E223-42AD-8C3E-55B47D0DDAC3}setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
R-Wipe&Clean 8.6-->'C:Program Files (x86)R-Wipe&Cleanunins000.exe'
ScanSoft PaperPort 11-->MsiExec.exe /I{7A8FF745-BBC5-482B-88E4-18D3178249A9}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Spyware Striker-->C:Program Files (x86)InstallShield Installation Information{E8B0BD86-073B-4D7E-B0F1-CC37E70014D4}setup.exe -runfromtemp -l0x0009 -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TBS WMP Plug-in-->C:PROGRA~2COMMON~1INSTAL~1Driver1050INTEL3~1IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
Viewpoint Media Player-->C:Program Files (x86)ViewpointViewpoint Media PlayermtsAxInstaller.exe /u
Warhammer 40,000: Dawn of War II-->'C:Program Files (x86)Steamsteam.exe' steam://uninstall/15620
WildTangent Games-->'C:Program Files (x86)WildTangentDell GamesUninstall.exe'
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Zilla Popup Killer 5.0.0.0-->'C:Program Files (x86)Zilla Popup Killerunins000.exe'
Hosts File
127.0.0.1 ZillaPopupKiller
127.0.0.1 123banners.com
127.0.0.1 control.123banners.com
127.0.0.1 ftp.123banners.com
127.0.0.1 ftp.control.123banners.com
127.0.0.1 www.123banners.com
127.0.0.1 247media.com
127.0.0.1 agami.247media.com
127.0.0.1 ap.www.sabela.com
127.0.0.1 au.www.sabela.com
Security center information
AS: Windows Defender
System event log
Computer Name: Brian-PC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 34344
Source Name: Tcpip
Time Written: 20090609194429.757356-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 36
Message: The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
Record Number: 34352
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090609232801.000000-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 10000
Message: Unable to start a DCOM Server: {2692A9D5-61DF-46D5-A5A1-A6CCA921D578}. The error:
'786'
Happened while starting this command:
'C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe' -Embedding
Record Number: 34364
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090610040004.000000-000
Event Type: Error
User:
Computer Name: Brian-PC
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {8AAE7DE7-2169-4498-A239-1F17F56DCE2F}
User: Brian-PCBrian
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: file:C:Windowssystem32driversetchosts
Alert Type: Unclassified software
Detection Type:
Record Number: 34371
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090610043206.000000-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {F1DF8B1E-EC30-4AB7-A160-A68BAF6B9280}
User: Brian-PCBrian
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: regkey:HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunOnceMalwarebytes' Anti-Malware;runonce:HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunOnceMalwarebytes' Anti-Malware;file:C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe
Alert Type: Unclassified software
Detection Type:
Record Number: 34378
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090610050000.000000-000
Event Type: Warning
User:
Application event log
Computer Name: Brian-PC
Event Code: 4621
Message: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005.
Record Number: 5186
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090609044026.000000-000
Event Type: Error
User:
Computer Name: Brian-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
20 user registry handles leaked from RegistryUserS-1-5-21-895920143-1221994733-1013656619-1002:
Record Number: 5188
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090609044028.000000-000
Event Type: Warning
User: NT AUTHORITYSYSTEM
Computer Name: Brian-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from RegistryUserS-1-5-21-895920143-1221994733-1013656619-1002_Classes:
Process 1488 (DeviceHarddiskVolume3WindowsSystem32spoolsv.exe) has opened key REGISTRYUSERS-1-5-21-895920143-1221994733-1013656619-1002_CLASSESLocal SettingsSoftwareMicrosoftWindowsShellMuiCache
Record Number: 5190
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090609044028.000000-000
Event Type: Warning
User: NT AUTHORITYSYSTEM
Computer Name: Brian-PC
Event Code: 10010
Message: Application 'C:Program Files (x86)ProxureMCE Tunes ProMCETunesExtenderSupport.exe' (pid 4772) cannot be restarted - Application SID does not match Conductor SID..
Record Number: 5193
Source Name: Microsoft-Windows-RestartManager
Time Written: 20090609054335.617356-000
Event Type: Warning
User: Brian-PCBrian
Computer Name: Brian-PC
Event Code: 1002
Message: The program firefox.exe version 1.9.0.3399 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: cb4 Start Time: 01c9e93b98ce37ac Termination Time: 7
Record Number: 5210
Source Name: Application Hang
Time Written: 20090609195945.000000-000
Event Type: Error
User:
Security event log
Computer Name: Brian-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x268
Process Name: C:WindowsSystem32services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 13162
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610041357.236000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13163
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610041357.236000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x268
Process Name: C:WindowsSystem32services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 13164
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x268
Process Name: C:WindowsSystem32services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 13165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Environment variables
'ComSpec'=%SystemRoot%system32cmd.exe
'FP_NO_HOST_CHECK'=NO
'OS'=Windows_NT
'Path'=C:Program Files (x86)PC Connectivity Solution;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program Files (x86)ATI TechnologiesATI.ACECore-Static;C:Program Files (x86)Common FilesRoxio SharedDLLShared;C:Program Files (x86)Common FilesRoxio Shared10.0DLLShared;C:Program Files (x86)QuickTimeQTSystem
'PATHEXT'=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
'PROCESSOR_ARCHITECTURE'=AMD64
'TEMP'=%SystemRoot%TEMP
'TMP'=%SystemRoot%TEMP
'USERNAME'=SYSTEM
'windir'=%SystemRoot%
'PROCESSOR_LEVEL'=6
'PROCESSOR_IDENTIFIER'=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
'PROCESSOR_REVISION'=0f0b
'NUMBER_OF_PROCESSORS'=4
'TRACE_FORMAT_SEARCH_PATH'=NTREL202.ntdev.corp.microsoft.com34FB5F65-FFEB-4B61-BF0E-A6A76C450FAATraceFormat
'DFSTRACINGON'=FALSE
'RoxioCentral'=C:Program Files (x86)Common FilesRoxio Shared10.0Roxio Central36
'CLASSPATH'=.;C:Program Files (x86)Javajre1.6.0_07libextQTJava.zip
'QTJAVA'=C:Program Files (x86)Javajre1.6.0_07libextQTJava.zip
-----------------EOF-----------------
Just the past day or two, I have been getting all these pop-ups, and a very slow response from my Firefox program. I found this site through a Google search, and was wondering if you guys could help me out. Here are some things that may be useful:
RSIT log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Brian at 2009-06-10 01:06:38
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 532 GB (76%) free of 700 GB
Total RAM: 4094 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:06:50 AM, on 6/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
c:PROGRA~2mcafee.comagentmcagent.exe
C:WindowsvVX3000.exe
C:Program Files (x86)Dell Video ChatDellVideoChat.exe
C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program Files (x86)SteamSteam.exe
C:Program Files (x86)ManyCam 2.4ManyCam.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe
C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe
C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe
C:Program Files (x86)BrotherControlCenter3brccMCtl.exe
C:Program Files (x86)BrotherBrmfcmonBrMfcmon.exe
C:Program Files (x86)iTunesiTunesHelper.exe
c:PROGRA~2mcafeemscmcuimgr.exe
C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe
C:Program Files (x86)Zilla Popup KillerZillaPop.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:Program Files (x86)Malwarebytes' Anti-Malwarembam.exe
C:UsersBrianDownloadsRSIT.exe
c:PROGRA~2mcafeempfmcmpfalert.exe
C:Program Files (x86)trend microBrian.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:PROGRA~2mcafeemskmcapbho.dll
O2 - BHO: CookieHlprObj Class - {4DF1DB24-A57C-11d3-A180-00A0C90AE44B} - C:Program Files (x86)Zilla Popup KillerZillaBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program Files (x86)McAfeeVirusScanscriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program Files (x86)GoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:Program Files (x86)AIM Toolbaraimtb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program Files (x86)DellBAEBAE.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program Files (x86)Ask.comGenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll
O2 - BHO: HandyInternetAdvice - {DF037828-857E-D996-F703-F81E5C2A464C} - C:Program Files (x86)HandyInternetAdviceHandyInternetAdvice.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:Program Files (x86)AIM Toolbaraimtb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:Program Files (x86)Ask.comGenericAskToolbar.dll
O4 - HKLM..Run: [SunJavaUpdateSched] 'C:Program Files (x86)Javajre6binjusched.exe'
O4 - HKLM..Run: [StartCCC] 'C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe'
O4 - HKLM..Run: [mcagent_exe] C:Program Files (x86)McAfee.comAgentmcagent.exe /runkey
O4 - HKLM..Run: [PDVDDXSrv] 'C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe'
O4 - HKLM..Run: [GrooveMonitor] 'C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe'
O4 - HKLM..Run: [Performance Center] 'C:Program Files (x86)AscentivePerformance CenterApcMain.exe' -m
O4 - HKLM..Run: [PC SpeedScan Pro] 'C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe' -m
O4 - HKLM..Run: [PC ScanAndSweep] 'C:Program Files (x86)AscentivePC ScanAndSweepPCScanAndSweep.exe' -m
O4 - HKLM..Run: [LifeCam] 'C:Program Files (x86)Microsoft LifeCamLifeExp.exe'
O4 - HKLM..Run: [QuickTime Task] 'C:Program Files (x86)QuickTimeQTTask.exe' -atboottime
O4 - HKLM..Run: [SSBkgdUpdate] 'C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe' -Embedding -boot
O4 - HKLM..Run: [PaperPort PTD] 'C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe'
O4 - HKLM..Run: [IndexSearch] 'C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe'
O4 - HKLM..Run: [PPort11reminder] 'C:Program Files (x86)ScanSoftPaperPortEregEreg.exe' -r 'C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini'
O4 - HKLM..Run: [BrMfcWnd] 'C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe' /AUTORUN
O4 - HKLM..Run: [ControlCenter3] 'C:Program Files (x86)BrotherControlCenter3brctrcen.exe' /autorun
O4 - HKLM..Run: [iTunesHelper] 'C:Program Files (x86)iTunesiTunesHelper.exe'
O4 - HKLM..Run: [Adobe Reader Speed Launcher] 'C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe'
O4 - HKLM..RunOnce: [Malwarebytes' Anti-Malware] 'C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe' /install /silent
O4 - HKCU..Run: [SightSpeed] 'C:Program Files (x86)Dell Video ChatDellVideoChat.exe' -bootmode
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [MsnMsgr] 'C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe' /background
O4 - HKCU..Run: [igndlm.exe] C:Program Files (x86)Download ManagerDLM.exe /windowsstart /startifwork
O4 - HKCU..Run: [swg] C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Steam] 'c:program files (x86)steamsteam.exe' -silent
O4 - HKCU..Run: [ManyCam] 'C:Program Files (x86)ManyCam 2.4ManyCam.exe'
O4 - HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [Zilla Popup Killer] C:Program Files (x86)Zilla Popup KillerZillaPop.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:Program Files (x86)AIM Toolbaraimtb.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~2MICROS~1Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~2MICROS~1Office12REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:Program Files (x86)OpinionSquareopai.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Unknown owner - C:Windowssystem32AERTSr64.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:Windowssystem32Ati2evxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:Program FilesDellDellDockDockLogin.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program Files (x86)iPodbiniPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:PROGRA~2McAfeeMSCmcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:PROGRA~2COMMON~1mcafeemnamcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:PROGRA~2COMMON~1mcafeemcproxymcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:PROGRA~2McAfeeVIRUSS~1mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:Program Files (x86)McAfeeMPFMPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:Program Files (x86)McAfeeMSKMskSrver.exe
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program Files (x86)ViewpointCommonViewpointService.exe
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
--
End of file - 13867 bytes
Scheduled tasks folder
C:WindowstasksMcDefragTask.job
C:WindowstasksMCE Tunes Auto Sync.job
C:WindowstasksMcQcTask.job
C:WindowstasksRtlNICDiagVistaStart.job
C:WindowstasksUser_Feed_Synchronization-{20D786F1-A64A-4D53-9976-8AB1B9698033}.job
Registry dump
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:PROGRA~2mcafeemskmcapbho.dll [2007-11-26 324936]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4DF1DB24-A57C-11d3-A180-00A0C90AE44B}]
CookieHlprObj Class - C:Program Files (x86)Zilla Popup KillerZillaBHO.dll [2000-04-27 69632]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:Program Files (x86)McAfeeVirusScanscriptsn.dll [2007-11-09 58688]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll [2009-04-29 259696]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:Program Files (x86)GoogleGoogleToolbarNotifier5.1.1309.3572swg.dll [2009-04-15 668656]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
AIM Toolbar Loader - C:Program Files (x86)AIM Toolbaraimtb.dll [2008-10-07 1275176]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll [2009-04-29 470512]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:Program Files (x86)DellBAEBAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:Program Files (x86)Ask.comGenericAskToolbar.dll [2009-02-26 809864]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:Program Files (x86)Javajre6binjp2ssv.dll [2009-05-04 35840]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DF037828-857E-D996-F703-F81E5C2A464C}]
HandyInternetAdvice - C:Program Files (x86)HandyInternetAdviceHandyInternetAdvice.dll [2009-06-03 154112]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:Program Files (x86)AIM Toolbaraimtb.dll [2008-10-07 1275176]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar.dll [2009-04-29 259696]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:Program Files (x86)Ask.comGenericAskToolbar.dll [2009-02-26 809864]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
'SunJavaUpdateSched'=C:Program Files (x86)Javajre6binjusched.exe [2009-05-04 148888]
'StartCCC'=C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe [2008-01-21 61440]
'mcagent_exe'=C:Program Files (x86)McAfee.comAgentmcagent.exe [2007-11-01 582992]
'PDVDDXSrv'=C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe [2008-05-23 128296]
'GrooveMonitor'=C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [2007-08-24 33648]
'Performance Center'=C:Program Files (x86)AscentivePerformance CenterApcMain.exe [2008-05-16 3231744]
'PC SpeedScan Pro'=C:Program Files (x86)AscentivePC SpeedScan ProPCSpeedScan.exe [2008-08-21 2093056]
'PC ScanAndSweep'=C:Program Files (x86)AscentivePC ScanAndSweepPCScanAndSweep.exe [2008-10-06 2519040]
'LifeCam'=C:Program Files (x86)Microsoft LifeCamLifeExp.exe [2007-05-17 279912]
'QuickTime Task'=C:Program Files (x86)QuickTimeQTTask.exe [2009-01-05 413696]
'SSBkgdUpdate'=C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe [2006-10-25 210472]
'PaperPort PTD'=C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe [2007-10-11 29984]
'IndexSearch'=C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe [2007-10-11 46368]
'PPort11reminder'=C:Program Files (x86)ScanSoftPaperPortEregEreg.exe [2007-08-31 328992]
'BrMfcWnd'=C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe [2008-04-11 1085440]
'ControlCenter3'=C:Program Files (x86)BrotherControlCenter3brctrcen.exe [2007-12-21 86016]
'iTunesHelper'=C:Program Files (x86)iTunesiTunesHelper.exe [2009-04-02 342312]
'Adobe Reader Speed Launcher'=C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
'Malwarebytes' Anti-Malware'=C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe [2009-05-26 414480]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
'SightSpeed'=C:Program Files (x86)Dell Video ChatDellVideoChat.exe [2008-08-15 4812664]
'ehTray.exe'=C:WindowsehomeehTray.exe [2008-01-20 138240]
'Aim6'= []
'MsnMsgr'=C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe [2007-10-18 5724184]
'igndlm.exe'=C:Program Files (x86)Download ManagerDLM.exe [2008-08-01 1103216]
'swg'=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2008-11-04 68856]
'Steam'=c:program files (x86)steamsteam.exe [2009-06-01 1217784]
'ManyCam'=C:Program Files (x86)ManyCam 2.4ManyCam.exe [2009-04-17 1824040]
'WMPNSCFG'=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []
'Zilla Popup Killer'=C:Program Files (x86)Zilla Popup KillerZillaPop.exe [2006-05-03 524288]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
'AppInit_DLLS'='C:Program Files (x86)OpinionSquareopai.dll'
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
'{B5A7F190-DDA6-4420-B3BA-52453494E6CD}'=C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalmcmscsvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMCODS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkmcmscsvc]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMCODS]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkMpfService]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
'LogonHoursAction'=2
'DontDisplayLogonHoursWarnings'=1
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
'dontdisplaylastusername'=0
'legalnoticecaption'=
'legalnoticetext'=
'shutdownwithoutlogon'=1
'undockwithoutlogon'=1
'EnableUIADesktopToggle'=0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
'NoDriveTypeAutoRun'=145
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
'NoActiveDesktop'=
'NoActiveDesktopChanges'=
'ForceActiveDesktopOn'=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{639c8e46-3e4d-11de-8c9b-002170453a65}]
shellAutoRuncommand - K:LaunchU3.exe -a
List of files/folders created in the last 1 months
2009-06-10 01:06:38 ----D---- C:rsit
2009-06-10 01:06:38 ----D---- C:Program Files (x86)trend micro
2009-06-10 00:59:59 ----D---- C:UsersBrianAppDataRoamingMalwarebytes
2009-06-10 00:59:55 ----D---- C:ProgramDataMalwarebytes
2009-06-10 00:59:54 ----D---- C:Program Files (x86)Malwarebytes' Anti-Malware
2009-06-10 00:58:00 ----SHD---- C:Config.Msi
2009-06-09 15:17:44 ----A---- C:Windowshdd.ini
2009-06-09 15:17:43 ----D---- C:UsersBrianAppDataRoamingR-Wipe&Clean
2009-06-09 15:17:43 ----D---- C:Program Files (x86)R-Wipe&Clean
2009-06-09 15:15:39 ----D---- C:Program Files (x86)Zilla Popup Killer
2009-06-07 20:34:05 ----D---- C:UsersBrianAppDataRoamingU3
2009-06-04 13:37:02 ----HD---- C:WindowsPIF
2009-06-04 13:37:02 ----D---- C:Program Files (x86)PlayMP3z
2009-06-04 13:37:02 ----D---- C:Program Files (x86)HandyInternetAdvice
2009-06-01 04:29:25 ----D---- C:Program Files (x86)Common FilesAdobe AIR
2009-05-31 18:30:17 ----D---- C:ProgramDataNOS
2009-05-31 18:30:15 ----D---- C:Program Files (x86)NOS
2009-05-23 23:31:37 ----D---- C:UsersBrianAppDataRoamingLimeWire
List of files/folders modified in the last 1 months
2009-06-10 01:06:50 ----D---- C:WindowsPrefetch
2009-06-10 01:06:49 ----D---- C:WindowsTemp
2009-06-10 01:06:38 ----RD---- C:Program Files (x86)
2009-06-10 00:59:56 ----D---- C:Windowssystem32drivers
2009-06-10 00:59:55 ----D---- C:ProgramData
2009-06-10 00:58:15 ----SHD---- C:WindowsInstaller
2009-06-10 00:58:14 ----D---- C:Program Files (x86)Nokia
2009-06-10 00:58:14 ----D---- C:Program Files (x86)Common Files
2009-06-10 00:58:02 ----D---- C:Windowsinf
2009-06-10 00:05:28 ----SHD---- C:System Volume Information
2009-06-09 15:17:44 ----D---- C:WindowsSysWOW64
2009-06-09 15:17:44 ----D---- C:Windows
2009-06-09 15:04:30 ----D---- C:WindowsSystem32
2009-06-09 14:13:27 ----D---- C:UsersBrianAppDataRoamingMozilla
2009-06-09 14:13:24 ----D---- C:Program Files (x86)Mozilla Firefox
2009-06-09 01:45:51 ----D---- C:WindowsMinidump
2009-06-09 01:44:31 ----D---- C:Program Files (x86)EA GAMES
2009-06-09 01:42:55 ----D---- C:WindowsTasks
2009-06-09 01:42:29 ----D---- C:Program Files (x86)Steam
2009-06-09 00:36:12 ----D---- C:UsersBrianAppDataRoamingFMZilla
2009-06-08 19:26:06 ----A---- C:Windowsntbtlog.txt
2009-06-04 13:37:23 ----D---- C:Program Files (x86)Windows Media Player
2009-06-03 03:00:22 ----D---- C:Windowswinsxs
2009-06-02 07:58:38 ----HD---- C:Program Files (x86)InstallShield Installation Information
2009-06-01 11:51:08 ----D---- C:Program Files (x86)Common FilesSteam
2009-06-01 04:29:36 ----SD---- C:WindowsDownloaded Program Files
2009-06-01 04:29:33 ----D---- C:Program Files (x86)Adobe
2009-06-01 04:29:26 ----D---- C:ProgramDataAdobe
2009-06-01 04:23:52 ----SHD---- C:$Recycle.Bin
2009-06-01 04:23:02 ----RD---- C:Users
2009-05-31 18:33:48 ----D---- C:Program Files (x86)Common FilesAdobe
2009-05-23 23:24:37 ----D---- C:downloads
2009-05-14 03:01:05 ----D---- C:Program Files (x86)Windows Mail
2009-05-14 03:00:54 ----D---- C:ProgramDataMicrosoft Help
2009-05-14 03:00:51 ----RSD---- C:Windowsassembly
2009-05-11 13:53:10 ----D---- C:UsersBrianAppDataRoamingMove Networks
List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)
R1 mfehidk;McAfee Inc. mfehidk; C:Windowssystem32driversmfehidk.sys []
R1 MPFP;MPFP; C:WindowsSystem32DriversMpfp.sys []
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:Windowssystem32DRIVERSRtNdPt60.sys []
R3 atikmdag;atikmdag; C:Windowssystem32DRIVERSatikmdag.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys []
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:Windowssystem32driversHdAudio.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:Windowssystem32driversRTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:Windowssystem32DRIVERSManyCam_x64.sys []
R3 mfeavfk;McAfee Inc. mfeavfk; C:Windowssystem32driversmfeavfk.sys []
R3 mfesmfk;McAfee Inc. mfesmfk; C:Windowssystem32driversmfesmfk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:Windowssystem32DRIVERSRtlh64.sys []
R3 USBAAPL64;Apple Mobile USB Driver; C:WindowsSystem32Driversusbaapl64.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:Windowssystem32DRIVERSBrSerIf.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
S3 mferkdk;McAfee Inc. mferkdk; C:Windowssystem32driversmferkdk.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:Windowssystem32DRIVERSpccsmcfdx64.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 UMPass;Microsoft UMPass Driver; C:Windowssystem32DRIVERSumpass.sys []
S3 usbaudio;USB Audio Driver (WDM); C:Windowssystem32driversusbaudio.sys []
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys []
S3 VX3000;VX-3000; C:Windowssystem32DRIVERSVX3000.sys []
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:Windowssystem32DRIVERSxusb21.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 iaStor;Intel AHCI Controller; C:Windowssystem32driversiastor.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32driverswmiacpi.sys []
List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)
R2 AERTFilters;Andrea RT Filters Service; C:Windowssystem32AERTSr64.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-08-22 214016]
R2 mcmscsvc;McAfee Services; C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-12-11 358224]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 153408]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-06-01 322032]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-20 93696]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe [2008-07-04 164600]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 702792]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files (x86)\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
and RSIT info.txt
info.txt logfile of random's system information tool 1.06 2009-06-10 01:06:52
Uninstall list
-->'C:\Program Files (x86)\WildTangent\Dell Games\Bejeweled 2 Deluxe\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Blasterball 2 Revolution\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Build-a-lot 2\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Chuzzle Deluxe\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Dream Chronicles\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\FATE\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Polar Bowler\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Polar Golfer\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Polar Pool\Uninstall.exe'
-->'C:\Program Files (x86)\WildTangent\Dell Games\Virtual Villagers - The Secret City\Uninstall.exe'
-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AIM 6-->C:\Program Files (x86)\AIM6\uninst.exe
AIM Toolbar-->'C:\Program Files (x86)\AIM Toolbar\uninstall.exe'
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup 'C:\Program Files (x86)\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe' -l0x9
Brother MFL-Pro Suite MFC-490CW-->'C:\Program Files (x86)\InstallShield Installation Information\{D9461574-5FC0-4641-BBDC-D1038B196F55}\Setup.exe' -runfromtemp -l0x0009 UNINSTALL Reg=BH9_C2 -removeonly
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Browser Address Error Redirector-->regsvr32 /u /s 'C:\Program Files (x86)\Dell\BAE\BAE.dll'
Dell Best of Web-->MsiExec.exe /I{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Video Chat (remove only)-->C:\Program Files (x86)\Dell Video Chat\uninst.exe
DELL0604-->MsiExec.exe /I{3D8F9830-D6A3-413A-9A54-993827A73E47}
Dell-eBay-->MsiExec.exe /I{B935C985-A17F-484B-8470-09E4FC27DC26}
DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Manager 2.3.7-->C:\Program Files (x86)\Download Manager\uninst.exe
Download Updater (AOL LLC)-->C:\Program Files (x86)\Common Files\Software Update Utility\uninstall.exe
Dream Render 2.20-->'C:\Program Files\DreamRender\unins000.exe'
EDocs-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup 'C:\Program Files (x86)\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe'
FFHandyInternetAdvice-->C:\Program Files (x86)\Mozilla Firefox\extensions\HandyInternetAdvice@HandyInternetAdvice\uninstall.exe uninstall=handyinternetadviceff
Google Toolbar for Internet Explorer-->'C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe' /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->'C:\Program Files (x86)\trend micro\HijackThis.exe' /uninstall
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Malwarebytes' Anti-Malware-->'C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe'
ManyCam 2.4 (remove only)-->'C:\Program Files (x86)\ManyCam 2.4\uninstall.exe'
McAfee SecurityCenter-->C:\Program Files (x86)\McAfee\MSC\mcuninst.exe
Medieval II Total War-->'C:\Program Files (x86)\InstallShield Installation Information\{A9D0745C-BABD-472B-8AF0-FAF888D31046}\setup.exe' -runfromtemp -l0x0009 -removeonly
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft LifeCam-->MsiExec.exe /X{63AFACBC-4795-4A1B-8037-5085DC03FC54}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->'C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe' /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
PC ScanAndSweep-->C:\Program Files (x86)\InstallShield Installation Information\{323C7763-A048-4E06-A339-729632A3F95E}\setup.exe -runfromtemp -l0x0009 -removeonly
PC SpeedScan Pro-->C:\Program Files (x86)\InstallShield Installation Information\{80F24F31-F641-4349-83F3-59E335976D16}\setup.exe -runfromtemp -l0x0009 -removeonly
Performance Center-->C:\Program Files (x86)\InstallShield Installation Information\{BB05BD70-4605-4829-93FC-AD80D8CC5B66}\setup.exe -runfromtemp -l0x0009 -removeonly
Picasa 3-->'C:\Program Files (x86)\Google\Picasa3\Uninstall.exe'
PlayMP3z-->C:\Program Files (x86)\PlayMP3z\uninstall.exe uninstall=playmp3z
PowerDVD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup 'C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe' -l0x9 -cluninstall
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files (x86)\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd64.exe -r -m -nrg2709
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:\ProgramData\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
R-Wipe&Clean 8.6-->'C:\Program Files (x86)\R-Wipe&Clean\unins000.exe'
ScanSoft PaperPort 11-->MsiExec.exe /I{7A8FF745-BBC5-482B-88E4-18D3178249A9}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Spyware Striker-->C:\Program Files (x86)\InstallShield Installation Information\{E8B0BD86-073B-4D7E-B0F1-CC37E70014D4}\setup.exe -runfromtemp -l0x0009 -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TBS WMP Plug-in-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
Viewpoint Media Player-->C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Warhammer 40,000: Dawn of War II-->'C:\Program Files (x86)\Steam\steam.exe' steam://uninstall/15620
WildTangent Games-->'C:\Program Files (x86)\WildTangent\Dell Games\Uninstall.exe'
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Zilla Popup Killer 5.0.0.0-->'C:\Program Files (x86)\Zilla Popup Killer\unins000.exe'
Hosts File
127.0.0.1 ZillaPopupKiller
127.0.0.1 123banners.com
127.0.0.1 control.123banners.com
127.0.0.1 ftp.123banners.com
127.0.0.1 ftp.control.123banners.com
127.0.0.1 www.123banners.com
127.0.0.1 247media.com
127.0.0.1 agami.247media.com
127.0.0.1 ap.www.sabela.com
127.0.0.1 au.www.sabela.com
Security center information
AS: Windows Defender
System event log
Computer Name: Brian-PC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 34344
Source Name: Tcpip
Time Written: 20090609194429.757356-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 36
Message: The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
Record Number: 34352
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090609232801.000000-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 10000
Message: Unable to start a DCOM Server: {2692A9D5-61DF-46D5-A5A1-A6CCA921D578}. The error:
'786'
Happened while starting this command:
'C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe' -Embedding
Record Number: 34364
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090610040004.000000-000
Event Type: Error
User:
Computer Name: Brian-PC
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {8AAE7DE7-2169-4498-A239-1F17F56DCE2F}
User: Brian-PC\Brian
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: file:C:\Windows\system32\drivers\etc\hosts
Alert Type: Unclassified software
Detection Type:
Record Number: 34371
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090610043206.000000-000
Event Type: Warning
User:
Computer Name: Brian-PC
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {F1DF8B1E-EC30-4AB7-A160-A68BAF6B9280}
User: Brian-PC\Brian
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: regkey:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes' Anti-Malware;runonce:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes' Anti-Malware;file:C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
Alert Type: Unclassified software
Detection Type:
Record Number: 34378
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090610050000.000000-000
Event Type: Warning
User:
Application event log
Computer Name: Brian-PC
Event Code: 4621
Message: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005.
Record Number: 5186
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090609044026.000000-000
Event Type: Error
User:
Computer Name: Brian-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
20 user registry handles leaked from \Registry\User\S-1-5-21-895920143-1221994733-1013656619-1002:
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002
Process 800 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\trust
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\CA
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies\Microsoft\SystemCertificates
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies\Microsoft\SystemCertificates
Process 800 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Process 824 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Policies
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\My
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\My
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Process 1000 (\Device\HarddiskVolume3\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002\Software\Microsoft\SystemCertificates\Root
Record Number: 5188
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090609044028.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Brian-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-895920143-1221994733-1013656619-1002_Classes:
Process 1488 (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-895920143-1221994733-1013656619-1002_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Record Number: 5190
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090609044028.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Brian-PC
Event Code: 10010
Message: Application 'C:\Program Files (x86)\Proxure\MCE Tunes Pro\MCETunesExtenderSupport.exe' (pid 4772) cannot be restarted - Application SID does not match Conductor SID..
Record Number: 5193
Source Name: Microsoft-Windows-RestartManager
Time Written: 20090609054335.617356-000
Event Type: Warning
User: Brian-PC\Brian
Computer Name: Brian-PC
Event Code: 1002
Message: The program firefox.exe version 1.9.0.3399 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: cb4 Start Time: 01c9e93b98ce37ac Termination Time: 7
Record Number: 5210
Source Name: Application Hang
Time Written: 20090609195945.000000-000
Event Type: Error
User:
Security event log
Computer Name: Brian-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x268
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 13162
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610041357.236000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13163
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610041357.236000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x268
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 13164
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: BRIAN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x268
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 13165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Computer Name: Brian-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090610045731.276000-000
Event Type: Audit Success
User:
Environment variables
'ComSpec'=%SystemRoot%\system32\cmd.exe
'FP_NO_HOST_CHECK'=NO
'OS'=Windows_NT
'Path'=C:\Program Files (x86)\PC Connectivity Solution;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\QuickTime\QTSystem
'PATHEXT'=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
'PROCESSOR_ARCHITECTURE'=AMD64
'TEMP'=%SystemRoot%\TEMP
'TMP'=%SystemRoot%\TEMP
'USERNAME'=SYSTEM
'windir'=%SystemRoot%
'PROCESSOR_LEVEL'=6
'PROCESSOR_IDENTIFIER'=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
'PROCESSOR_REVISION'=0f0b
'NUMBER_OF_PROCESSORS'=4
'TRACE_FORMAT_SEARCH_PATH'=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
'DFSTRACINGON'=FALSE
'RoxioCentral'=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36
'CLASSPATH'=.;C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip
'QTJAVA'=C:\Program Files (x86)\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------