
System Process Abusing The Cpu


  • This topic is locked
2 replies to this topic

#1 DigiTechie


Posted 06 April 2008 - 12:49 AM

Good day to all.

Introduction: I don't know what happened to my PC. A certain chain of events took place but I'm not sure what could be the cause of it being so slow now. The O/S seems to be operating normally, even though explorer takes a bit longer to open and there seems to be a slight lag. When I open up DivX player or Media Player then the PC slows down to a crawl. I have noticed that the "system" process utilizes about 80% of the CPU whenever I open one of those programs. The same happens when I try to run a game. I'm not sure if it's hardware related or maybe some sort of infection.
What happened: I downloaded and installed a copy of Daemon Tools 4.12 lite. In the beginning stages of the installation, the installer requests for the PC to be rebooted. I had some error in my taskbar about Write Delayed Failed - something like that. E:]mfst$ - something something. I think it might have had something to do with one of my hard-drives. Anyways, so I rebooted the PC to complete the Daemon Tools installation and then it kept on saying "NTLDR is missing", so I couldn't get into Windows. I gave the PC a bit of a cleanup. I cleaned the CPU-fan & heatsink as it was very dirty, and also reseated and cleaned all the drive-contacts. I tried to boot up again and this time it worked. It must have had something to do with one of the HDDs losing connection for a moment or so.
Conclusion: Since then, the PC seems to be very slow (see introduction). I have followed the "Preparation Guide for use before posting about your potential Malware problem". My PC is a PentiumD 2.8 GHz with 2GB RAM, 1300XT ATI Radeon PCIe display card running basic applications. Nothing fancy.

Here are the LOGS. Sincerely Appreciated!!!

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-04-06 07:12:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:17:00 AM, on 4/6/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files (x86)\Virtual CD v4\System\vcdsecs.exe
C:\WINDOWS\emmon.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~2\VIRTUA~1\System\VCDPlay.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\Administrator.exe

F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files (x86)\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [VCDPlayer] C:\PROGRA~2\VIRTUA~1\System\VCDPlay.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\SysWow64\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files (x86)\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [MSPQM] rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
O4 - HKLM\..\RunOnce: [MSKSSRV] rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
O4 - HKLM\..\RunOnce: [CCDECODE0] rundll32.exe streamci,StreamingDeviceSetup {562370a8-f8dd-11d2-bc64-00a0c95ec22e},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\CCDECODE.inf,CCDECODE.Interface.Install
O4 - HKLM\..\RunOnce: [nabtsfec0] rundll32.exe streamci,StreamingDeviceSetup {07DAD662-22F1-11d1-A9F4-00C04FBBDE8F},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\NABTSFEC.inf,NABTSFEC.Interface.Install
O4 - HKLM\..\RunOnce: [WSTCODEC0] rundll32.exe streamci,StreamingDeviceSetup {70BC06E0-5666-11d3-A184-00105AEF9F33},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\WSTCODEC.inf,WSTCODEC.Interface.Install
O4 - HKLM\..\RunOnce: [SLIP0] rundll32.exe streamci,StreamingDeviceSetup {03884CB6-E89A-4deb-B69E-8DC621686E6A},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINDOWS\INF\slip.inf,VBIcodec
O4 - HKCU\..\Run: [AWMON] "C:\Program Files (x86)\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{06C107D1-5469-422A-8A5C-F82B43A2D4B9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{06C107D1-5469-422A-8A5C-F82B43A2D4B9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{06C107D1-5469-422A-8A5C-F82B43A2D4B9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{06C107D1-5469-422A-8A5C-F82B43A2D4B9}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2saag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VCDSecS - H+H Software GmbH - C:\Program Files (x86)\Virtual CD v4\System\vcdsecs.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 7858 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys (file missing)
R0 crcdisk (CRC Disk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing)
R0 dmboot - c:\windows\system32\drivers\dmboot.sys (file missing)
R0 dmio (Logical Disk Manager Driver) - c:\windows\system32\drivers\dmio.sys (file missing)
R0 dmload - c:\windows\system32\drivers\dmload.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys (file missing)
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 ohci1394 (Texas Instruments OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
R0 PartMgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing)
R0 PCIIde - c:\windows\system32\drivers\pciide.sys (file missing)
R0 PxHlpa64 - c:\windows\system32\drivers\pxhlpa64.sys (file missing)
R0 sptd - c:\windows\system32\drivers\sptd.sys (file missing)
R0 VolSnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
R1 AFD - c:\windows\system32\drivers\afd.sys (file missing)
R1 Beep - c:\windows\system32\drivers\beep.sys (file missing)
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 Fips - c:\windows\system32\drivers\fips.sys (file missing)
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing)
R1 imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys (file missing)
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys (file missing)
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 kl1 - c:\windows\system32\drivers\kl1.sys (file missing)
R1 KLIF (Kaspersky Lab Driver) - c:\windows\system32\drivers\klif.sys (file missing)
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys (file missing)
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys (file missing)
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing)
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave (VGA Display Controller.) - c:\windows\system32\drivers\vga.sys (file missing)
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys (file missing)
R2 CdaD10BA - c:\windows\system32\drivers\cdad10ba.sys (file missing)
R2 Secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R3 Arp1394 (1394 ARP Client Protocol) - c:\windows\system32\drivers\arp1394.sys (file missing)
R3 ati2mtag - c:\windows\system32\drivers\ati2mtag.sys (file missing)
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys (file missing)
R3 e1express (Intel® PRO/1000 PCI Express Network Connection Driver) - c:\windows\system32\drivers\e1e5132e.sys (file missing)
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys (file missing)
R3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 IAMTXPE (Driver for Intel® Active Management Technology - KCS) - c:\windows\system32\drivers\iamtxpe.sys (file missing)
R3 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
R3 klim5 (Kaspersky Anti-Virus NDIS Filter) - c:\windows\system32\drivers\klim5.sys (file missing)
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys (file missing)
R3 ksthunk (Kernel Streaming WOW64 Thunk Service) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 NIC1394 (1394 Net Driver) - c:\windows\system32\drivers\nic1394.sys (file missing)
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing)
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys (file missing)
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys (file missing)
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys (file missing)
R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
R3 rtl8139 (Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver) - c:\windows\system32\drivers\rtl39a64.sys (file missing)
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 sfng64 (Sonic Focus Plugin for Sigmatel HDA) - c:\windows\system32\drivers\sfng64.sys (file missing)
R3 Srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 STHDA (SigmaTel High Definition Audio CODEC (for 64-bit Windows)) - c:\windows\system32\drivers\sthda64.sys (file missing)
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys (file missing)
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys (file missing)
R3 USB28xxBGA (USB 2800 Device) - c:\windows\system32\drivers\embda64.sys (file missing)
R3 USB28xxOEM (USB 28xx OEM Filter) - c:\windows\system32\drivers\emoem64.sys (file missing)
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 usbstor (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing)
R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing)
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys (file missing)
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys (file missing)
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)

S1 Fdc - c:\windows\system32\drivers\fdc.sys (file missing)
S1 Flpydisk - c:\windows\system32\drivers\flpydisk.sys (file missing)
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys (file missing)
S2 NAVAPEL - c:\program files (x86)\navnt\navapel.sys (file missing)
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys (file missing)
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing)
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys (file missing)
S3 CCDECODE (Closed Caption Decoder) - c:\windows\system32\drivers\ccdecode.sys (file missing)
S3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys (file missing)
S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys (file missing)
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys (file missing)
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys (file missing)
S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
S3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing)
S3 MPE (BDA MPE Filter) - c:\windows\system32\drivers\mpe.sys (file missing)
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing)
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing)
S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing)
S3 NABTSFEC (NABTS/FEC VBI Codec) - c:\windows\system32\drivers\nabtsfec.sys (file missing)
S3 NdisIP (Microsoft TV/Video Connection) - c:\windows\system32\drivers\ndisip.sys (file missing)
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys (file missing)
S3 SLIP (BDA Slip De-Framer) - c:\windows\system32\drivers\slip.sys (file missing)
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys (file missing)
S3 streamip (BDA IPSink) - c:\windows\system32\drivers\streamip.sys (file missing)
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys (file missing)
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
S3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys (file missing)
S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
S3 WSTCODEC (World Standard Teletext Codec) - c:\windows\system32\drivers\wstcodec.sys (file missing)
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys (file missing)
S4 Fastfat - c:\windows\system32\drivers\fastfat.sys (file missing)
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
S4 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys (file missing)
S4 Udfs - c:\windows\system32\drivers\udfs.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Ati HotKey Poller - c:\windows\system32\ati2evxx.exe (file missing)
R2 Eventlog (Event Log) - c:\windows\system32\services.exe (file missing)
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe (file missing)
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe (file missing)
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing)
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files (x86)\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing)
R2 VCDSecS - c:\program files (x86)\virtual cd v4\system\vcdsecs.exe
R3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)

S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com (file missing)
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\lsass.exe (file missing)
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe (file missing)
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe (file missing)
S3 NMIndexingService - "c:\program files (x86)\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe (file missing)
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe (file missing)
S3 vds (Virtual Disk Service) - c:\windows\system32\vds.exe (file missing)
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing)
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
S4 TlntSvr (Telnet) - c:\windows\system32\tlntsvr.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_544E8086&REV_02\3&61AAA01&0&10
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_544E8086&REV_02\3&61AAA01&0&10
Service:


-- Files created between 2008-03-06 and 2008-04-06 -----------------------------

2008-04-05 22:58:25 0 d-------- C:\WINDOWS\LastGood.Tmp
2008-04-05 22:23:45 0 d-------- C:\WINDOWS\adfs
2008-04-05 22:23:36 0 d-------- C:\WINDOWS\system32\en
2008-04-05 22:10:17 0 d-------- C:\WINDOWS\ServicePackFiles
2008-04-05 21:50:52 0 d---s---- C:\WINDOWS\system32\config
2008-04-05 21:29:32 0 d-a------ C:\WINDOWS\PolicyBackup
2008-04-05 20:18:56 0 d-------- C:\Program Files (x86)\Kaspersky Lab
2008-04-05 20:18:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-05 20:16:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-04-05 18:03:56 0 d-------- C:\Program Files (x86)\Trend Micro
2008-04-05 16:35:13 0 d-------- C:\Program Files (x86)\The Adventure Company
2008-04-05 16:24:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
2008-04-05 16:24:29 0 d-------- C:\Program Files (x86)\DAEMON Tools Lite
2008-04-05 14:40:39 4096 --a------ C:\WINDOWS\d3dx.dat
2008-04-05 14:40:24 0 d-------- C:\Program Files (x86)\Supple
2008-03-30 10:03:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\Ahead
2008-03-26 22:52:57 0 d-------- C:\TempIRC
2008-03-26 21:18:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\BitTorrent
2008-03-26 21:18:12 0 d-------- C:\Program Files (x86)\BitTorrent
2008-03-26 20:19:58 55972 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-03-26 20:09:14 0 d-------- C:\DOWNLOADZ
2008-03-26 20:05:33 0 d-------- C:\Program Files (x86)\mIRC
2008-03-26 19:35:53 0 d---s---- C:\Documents and Settings\Administrator\UserData
2008-03-25 22:34:46 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-03-25 21:08:58 0 d-------- C:\Program Files (x86)\Common Files\Adobe
2008-03-25 21:08:48 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-03-25 20:35:24 691545 --a------ C:\WINDOWS\unins000.exe
2008-03-25 20:35:24 2550 --a------ C:\WINDOWS\unins000.dat
2008-03-25 20:05:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-03-25 19:52:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-25 18:31:58 348672 --a------ C:\WINDOWS\emunist.exe <Not Verified; Kworld Computer Co., Ltd.; Uninstallation Program>
2008-03-25 13:14:42 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-03-25 13:09:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2008-03-25 13:08:38 0 d-------- C:\Program Files (x86)\Common Files\Borland Shared
2008-03-25 13:08:09 0 d-------- C:\Program Files (x86)\WordPerfect Office 11
2008-03-25 13:08:09 0 d-------- C:\Program Files (x86)\Common Files\Corel
2008-03-23 11:53:21 0 d-------- C:\WINDOWS\system32\CBA
2008-03-23 11:53:17 0 d-------- C:\Program Files (x86)\NavNT
2008-03-23 08:37:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-22 21:37:41 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-03-22 21:37:38 0 d-------- C:\Program Files (x86)\Codec Pack - All In 1
2008-03-22 08:44:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\CyberLink
2008-03-22 08:44:01 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-03-22 08:41:03 0 d-------- C:\Program Files (x86)\Nero
2008-03-22 08:41:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-21 09:56:00 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-03-21 09:56:00 38912 -----n--- C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-03-21 09:56:00 544768 -----n--- C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-03-21 09:56:00 569344 -----n--- C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-03-21 09:55:59 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-03-21 09:55:59 0 d-------- C:\Program Files (x86)\Common Files\Ahead
2008-03-21 09:55:55 0 d-------- C:\Program Files (x86)\Ahead
2008-03-21 09:43:03 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-21 09:43:02 0 d-------- C:\Program Files (x86)\DVD Shrink
2008-03-21 09:41:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2008-03-21 09:40:00 0 d-------- C:\Sierra
2008-03-19 20:05:14 0 d-------- C:\Program Files (x86)\CyberLink
2008-03-18 18:19:28 1056768 -----n--- C:\WINDOWS\system32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic 2000>
2008-03-18 18:19:27 57344 -----n--- C:\WINDOWS\system32\VCDScsi.dll <Not Verified; H+H Software GmbH; Virtual CD>
2008-03-18 18:19:27 200704 -----n--- C:\WINDOWS\system32\vcdextse.dll <Not Verified; H+H Software GmbH; Virtual CD>
2008-03-18 18:19:27 102400 -----n--- C:\WINDOWS\system32\VCDEnv.dll <Not Verified; H+H Software GmbH; Virtual CD 4>
2008-03-18 18:19:27 81920 --a------ C:\WINDOWS\system32\vcdcomm.dll <Not Verified; H+H Software GmbH; Virtual CD>
2008-03-18 18:19:27 41808 -----n--- C:\WINDOWS\system32\drivers\vcdmpdrv.sys <Not Verified; H+H Software GmbH; H+H Virtual CD v4>
2008-03-18 18:19:27 0 d-------- C:\Program Files (x86)\Virtual CD v4
2008-03-18 18:17:13 0 d-------- C:\Program Files (x86)\Lavasoft
2008-03-17 21:30:59 0 d-------- C:\Program Files (x86)\Activision
2008-03-17 20:02:58 0 d-------- C:\Program Files (x86)\Dude
2008-03-17 19:59:49 98304 --a------ C:\WINDOWS\system32\AxTreeCtrl.dll <Not Verified; Hainsoft.com; AxTreeCtrl Module>
2008-03-17 19:59:49 96256 --a------ C:\WINDOWS\msspr.exe <Not Verified; Hainsoft.com; MSSPR>
2008-03-17 19:59:49 0 d-------- C:\Program Files (x86)\LanHelper
2008-03-17 05:40:05 0 d-------- C:\Program Files (x86)\DivX
2008-03-16 23:19:38 0 d-------- C:\Program Files (x86)\Common Files\ODBC
2008-03-16 23:19:36 0 d--hs---- C:\WINDOWS\Installer
2008-03-16 23:19:32 0 d-------- C:\Program Files (x86)\Common Files\SpeechEngines
2008-03-16 23:19:29 0 dr------- C:\Program Files
2008-03-16 23:19:29 0 dr------- C:\Program Files (x86)
2008-03-16 23:19:29 0 d-------- C:\Program Files (x86)\Common Files
2008-03-16 23:19:03 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-03-16 23:19:03 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-03-16 23:19:03 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-03-16 23:19:03 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-03-16 23:19:03 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-03-16 23:19:03 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-03-16 23:19:03 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-03-16 23:19:03 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-03-16 23:19:03 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-03-16 23:19:03 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-03-16 23:19:03 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-03-16 23:19:03 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-03-16 23:19:03 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-03-16 23:19:03 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-03-16 23:19:03 0 dr------- C:\Documents and Settings\All Users\Documents
2008-03-16 23:19:03 0 dr------- C:\Documents and Settings\All Users\Desktop
2008-03-16 23:18:51 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-03-16 23:18:51 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-03-16 23:18:44 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-03-16 23:18:44 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-03-16 23:18:36 0 d-------- C:\Documents and Settings
2008-03-16 23:18:35 0 d--hs---- C:\System Volume Information
2008-03-16 23:13:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-03-16 23:09:24 0 d-------- C:\WINDOWS
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\WinSxS
2008-03-16 23:09:24 0 dr------- C:\WINDOWS\Web
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\twain_32
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\SysWOW64
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\wbem
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\usmt
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\mui
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\InstallShield
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\ias
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\export
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\Drivers
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\3076
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\2052
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1054
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1042
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1041
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1037
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1033
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1031
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1028
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system32\1025
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\system
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\srchasst
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\security
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Resources
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\repair
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Provisioning
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\pchealth
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\mui
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\msapps
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\msagent64
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\msagent
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Media
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\java
2008-03-16 23:09:24 0 d--h----- C:\WINDOWS\inf
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\ime
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\ime (x86)
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Help
2008-03-16 23:09:24 0 dr--s---- C:\WINDOWS\Fonts
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Driver Cache
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\dell
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Debug
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Cursors
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Connection Wizard
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\Config
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\AppPatch
2008-03-16 23:09:24 0 d-------- C:\WINDOWS\addins
2008-03-16 23:00:58 0 d-------- C:\Program Files (x86)\Symantec
2008-03-16 23:00:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-16 22:58:46 0 d-------- C:\Program Files (x86)\Microsoft Works
2008-03-16 22:58:14 0 d-------- C:\Program Files (x86)\Microsoft.NET
2008-03-16 22:56:22 0 d--h----- C:\WINDOWS\ShellNew
2008-03-16 22:56:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-16 22:55:35 0 dr-h----- C:\MSOCache
2008-03-16 22:53:54 0 d-------- C:\Program Files (x86)\DAMN NFO Viewer
2008-03-16 22:48:12 0 d-------- C:\Program Files (x86)\Smart Projects
2008-03-16 22:44:53 0 d-------- C:\MAIL
2008-03-16 22:43:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\WinRAR
2008-03-16 22:41:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-03-16 22:20:36 40960 --a------ C:\WINDOWS\system32\SFIMLARK.dll <Not Verified; Sonic Focus, Inc; Sonic Focus SFIMLARK>
2008-03-16 22:20:36 61440 --a------ C:\WINDOWS\system32\SFIDLOCK.dll <Not Verified; Sonic Focus, Inc; Silicon Pixels SFIDLOCK>
2008-03-16 22:20:36 274432 --a------ C:\WINDOWS\system32\IASMXDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASMXDLL>
2008-03-16 22:20:36 274432 --a------ C:\WINDOWS\system32\IASDLL.dll <Not Verified; Sonic Focus, Inc; Sonic Focus IASDLL>
2008-03-16 22:20:36 53248 --a------ C:\WINDOWS\system32\IASBB.dll <Not Verified; Sonic Focus, Inc; IASBB>
2008-03-16 22:20:36 14848 --a------ C:\WINDOWS\system32\DPGCALL.DLL <Not Verified; Sonic Focus, Inc; DPGCALL>
2008-03-16 22:20:36 0 d-------- C:\Program Files (x86)\Intel Audio Studio
2008-03-16 22:17:17 0 d-------- C:\Program Files (x86)\SigmaTel
2008-03-16 22:16:41 0 d-------- C:\Documents and Settings\Administrator\Application Data\ATI
2008-03-16 22:12:23 0 d-------- C:\Program Files (x86)\Intel
2008-03-16 22:07:34 0 d-------- C:\Program Files (x86)\Common Files\ATI Technologies
2008-03-16 21:57:34 585216 -----n--- C:\WINDOWS\system32\ati2saag.exe <Not Verified; ; ATI Smart>
2008-03-16 21:56:59 0 d-------- C:\Program Files (x86)\ATI Technologies
2008-03-16 21:56:57 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2008-03-16 21:56:21 0 d-------- C:\Program Files (x86)\Common Files\InstallShield
2008-03-16 21:54:21 0 d-------- C:\Program Files (x86)\MSXML 4.0
2008-03-16 21:54:06 0 d-------- C:\TempEI4
2008-03-16 21:49:22 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-03-16 21:49:15 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-03-16 21:49:15 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-03-16 21:49:15 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-03-16 21:49:15 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-03-16 21:49:14 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-03-16 21:49:14 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-03-16 21:49:14 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-03-16 21:49:14 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-03-16 21:49:14 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-03-16 21:49:14 4456448 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-03-16 21:49:14 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-03-16 21:49:14 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-03-16 21:49:14 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-03-16 21:49:11 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-03-16 21:49:07 0 d-------- C:\WINDOWS\Prefetch
2008-03-16 21:49:04 241664 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-03-16 21:49:04 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-03-16 21:49:04 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-03-16 21:49:04 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-03-16 21:49:04 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-03-16 21:49:02 241664 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-03-16 21:49:02 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-03-16 21:49:02 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-03-16 21:49:02 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-03-16 21:49:02 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-03-16 21:43:28 0 d-------- C:\WINDOWS\system32\inetsrv
2008-03-16 21:43:28 0 d-------- C:\WINDOWS\system32\ime
2008-03-16 21:43:28 0 d-------- C:\Program Files (x86)\system
2008-03-16 21:43:28 0 d-------- C:\Program Files (x86)\speechengines
2008-03-16 21:43:28 0 d-------- C:\Program Files (x86)\microsoft shared
2008-03-16 21:43:15 241664 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-03-16 21:43:06 0 d--h----- C:\WINDOWS\$hf_mig$
2008-03-16 21:42:40 0 -rahs---- C:\MSDOS.SYS
2008-03-16 21:42:40 0 -rahs---- C:\IO.SYS
2008-03-16 21:42:40 0 --a------ C:\CONFIG.SYS
2008-03-16 21:42:40 0 --a------ C:\AUTOEXEC.BAT
2008-03-16 21:42:00 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-03-16 21:40:30 0 dr------- C:\WINDOWS\Offline Web Pages
2008-03-16 21:40:30 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-03-16 21:39:58 0 d-------- C:\WINDOWS\system32\Macromed
2008-03-16 21:39:48 0 d-------- C:\Program Files (x86)\Movie Maker
2008-03-16 21:39:11 0 d---s---- C:\WINDOWS\Tasks
2008-03-16 21:38:15 0 d-------- C:\WINDOWS\Registration
2008-03-16 21:37:45 0 d-------- C:\Program Files (x86)\MSN Gaming Zone
2008-03-16 21:37:40 0 d-------- C:\Program Files (x86)\Windows NT
2008-03-16 21:36:53 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-03-25 13:09:40 61678 --a------ C:\Documents and Settings\Administrator\Application Data\PFP110JPR.{PB
2008-03-25 13:09:40 12358 --a------ C:\Documents and Settings\Administrator\Application Data\PFP110JCM.{PB
2008-03-16 23:19:03 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8032 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-04-06 07:20:26 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows® XP Professional x64 Edition (build 3790) SP 2.0
Architecture: X64; Language: English

CPU 0: Intel® Pentium® D CPU 2.80GHz
Percentage of Memory in Use: 26%
Physical Memory (total/avail): 2037.85 MiB / 1488.86 MiB
Pagefile Memory (total/avail): 3954.75 MiB / 3437.66 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3931.16 MiB

C: is Fixed (NTFS) - 29.29 GiB total, 7.32 GiB free.
D: is Fixed (NTFS) - 39.06 GiB total, 20.51 GiB free.
E: is Fixed (NTFS) - 109.99 GiB total, 29.08 GiB free.
F: is Fixed (NTFS) - 465.76 GiB total, 12.89 GiB free.
G: is Fixed (NTFS) - 45.23 GiB total, 44.42 GiB free.
H: is CDROM (Unformatted)
I: is CDROM (No Media)

\\.\PHYSICALDRIVE1 - Maxtor 6V160E0 - 149.05 GiB - 2 partitions
\PARTITION0 - Logical Disk Manager - 39.06 GiB - D:
\PARTITION1 (bootable) - Logical Disk Manager - 109.99 GiB - E:

\\.\PHYSICALDRIVE0 - WDC WD800BB-00FRA0 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 29.29 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 45.23 GiB - G:

\\.\PHYSICALDRIVE2 - Seagate FreeAgent Pro USB Device - 465.76 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 465.76 GiB - F:



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is enabled.

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files (x86)\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files (x86)\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe"="C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"
"C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files (x86)\\mIRC\\mirc.exe"="C:\\Program Files (x86)\\mIRC\\mirc.exe:*:Enabled:mIRC"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=LOUISPC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\LOUISPC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=EM64T Family 15 Model 4 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0404
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=LOUISPC
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files (x86)\DivX\ConverterUninstall.exe /CONVERTER
--> C:\Program Files (x86)\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
Ad-Aware SE Professional --> C:\PROGRA~2\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~2\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
ATI - Software Uninstall Utility --> C:\Program Files (x86)\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{E9F19993-D0DD-4A4D-94ED-1F32B3CE2CE7}
ATI Parental Control & Encoder --> MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard --> MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
Aura 2: The Sacred Rings --> "C:\Program Files (x86)\The Adventure Company\Aura 2 The Sacred Rings\unins000.exe"
AVIVO Codecs --> MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
BitTorrent 5.0.9 --> "C:\Program Files (x86)\BitTorrent\uninstall.exe"
Call of Duty® 2 --> C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l1033
Codec Pack - All In 1 6.0.3.0 --> C:\WINDOWS\iun6002.exe "C:\Program Files (x86)\Codec Pack - All In 1\irunin.ini"
DivX --> C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files (x86)\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.1.7 --> "C:\Program Files (x86)\DVD Shrink\unins000.exe"
DVD Suite --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Empire Earth --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2447500B-22D7-47BD-9B13-1A927F43A267}\Setup.exe"
HijackThis 2.0.2 --> "C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel Audio Studio 2.0 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}\setup.exe" -l0x9
IsoBuster 2.0 --> "C:\Program Files (x86)\Smart Projects\IsoBuster\Uninst\unins000.exe"
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
LanHelper v1.71 --> "C:\Program Files (x86)\LanHelper\unins000.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
mIRC --> "C:\Program Files (x86)\mIRC\mirc.exe" -uninstall
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Essentials --> MsiExec.exe /X{55A960A6-0CAC-4EBB-9D7E-199545391033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PowerDVD --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Security Update for Microsoft .NET Framework 2.0 (x64) (KB928365) --> C:\WINDOWS\SysWOW64\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {B6EC01E7-431D-4D29-B9D4-E1D74CAF0AB0}
SigmaTel Audio --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Spybot - Search & Destroy --> "C:\Program Files (x86)\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
The Dude --> "C:\Program Files (x86)\Dude\uninstall.exe"
Virtual CD v4 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4216BCC9-8DF8-4159-ADC1-F31C314C6149}\Setup.exe"
WinRAR archiver --> C:\Program Files (x86)\WinRAR\uninstall.exe
WordPerfect Office 11 --> MsiExec.exe /I{54F90B55-BEB3-4F0D-8802-228822FA5921}


-- Application Event Log -------------------------------------------------------

Event Record #/Type948 / Error
Event Submitted/Written: 04/06/2008 07:15:56 AM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type940 / Warning
Event Submitted/Written: 04/06/2008 06:57:55 AM
Event ID/Source: 5603 / WinMgmt
Event Description:
A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Event Record #/Type939 / Warning
Event Submitted/Written: 04/06/2008 06:57:55 AM
Event ID/Source: 5603 / WinMgmt
Event Description:
A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Event Record #/Type933 / Warning
Event Submitted/Written: 04/06/2008 06:56:43 AM
Event ID/Source: 1005 / Windows Product Activation
Event Description:
30

Event Record #/Type921 / Error
Event Submitted/Written: 04/05/2008 08:18:57 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type24741 / Error
Event Submitted/Written: 04/06/2008 06:58:54 AM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Kaspersky Anti-Virus 7.0 service hung on starting.

Event Record #/Type24740 / Error
Event Submitted/Written: 04/06/2008 06:57:46 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The NAVAPEL service failed to start due to the following error:
%%2

Event Record #/Type24735 / Error
Event Submitted/Written: 04/06/2008 06:55:53 AM / 04/06/2008 06:56:53 AM
Event ID/Source: 1060 / Application Popup
Event Description:
\SystemRoot\SysWow64\Drivers\vcdmpdrv.SYS has been blocked from loading due to incompatibility with this system. Please contact your software
vendor for a compatible version of the driver.

Event Record #/Type24700 / Warning
Event Submitted/Written: 04/05/2008 09:29:16 PM
Event ID/Source: 27 / e1express
Event Description:
\Device\{06C107D1-5469-422A-8A5C-F82B43AIntel® PRO/1000 PM Network Connection

Event Record #/Type24681 / Error
Event Submitted/Written: 04/05/2008 08:27:15 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Kaspersky Anti-Virus 7.0 service hung on starting.



-- End of Deckard's System Scanner: finished at 2008-04-06 07:20:26 ------------



#2 annabackwards


Posted 18 April 2008 - 01:38 AM

Hello

I apologize for the delay in response as we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Please download Deckard's System Scanner (DSS) and save to your Desktop.
alternate download site

DSS will do the following:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for an analyst to review.
  • Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.
You must be logged onto an account with administrator privileges when using.
  • Close all applications and windows.
  • Double-click on dss.exe to run it and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When the scan is complete, two text files will open in Notepad:
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized
  • If not, they both can be found in the C:\Deckard\System Scanner folder.
  • Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.
-- When running DSS, some firewalls may warn that it is trying to access the Internet, especially if you're asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so.
-- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful.



Next
Please do an online scan with Kaspersky WebScanner

Click on Accept Button

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan: Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Surf smarter, surf faster, surf safer, surf with Mozilla Firefox

#3 don77

Posted 24 April 2008 - 08:55 PM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.



