|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
07-21-2007, 10:17 AM
|
#1 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Help I have virus's
I am running zone alarm on my computer and every 5 minutes it comes up with a detection of some virus "AdWare.Win32.Virtumonde.af " this is what is comes up with each time I do this..Right now from searching the forums I am running kaspersky on line scan..I dont know what to do from there. Any help would be appreciated.
|
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
07-21-2007, 12:09 PM
|
#2 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Here is the scan results now what?
Saturday, July 21, 2007 1:04:46 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.93.0 Kaspersky Anti-Virus database last update: 21/07/2007 Kaspersky Anti-Virus database records: 366160 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ Scan Statistics Total number of scanned objects 112420 Number of viruses found 7 Number of infected objects 13 Number of suspicious objects 0 Duration of the scan process 01:46:42 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Application Data\MailFrontier\logger\all\20070721.txt Object is locked skipped C:\Documents and Settings\Owner\Application Data\tmp6B.tmp.exe Infected: Trojan.Win32.BHO.bi skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{FD25AF82-E85C-427E-B407-2883BF49331D}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{FD25AF82-E85C-427E-B407-2883BF49331D}\Microsoft\Outlook Express\Inbox.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{FD25AF82-E85C-427E-B407-2883BF49331D}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{FD25AF82-E85C-427E-B407-2883BF49331D}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007072120070722\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\hpotdd009.log Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\My Documents\sinstaller2.exe/stream/data0001 Infected: not-a-virus:AdWare.Win32.Comet.ac skipped C:\Documents and Settings\Owner\My Documents\sinstaller2.exe/stream Infected: not-a-virus:AdWare.Win32.Comet.ac skipped C:\Documents and Settings\Owner\My Documents\sinstaller2.exe NSIS: infected - 2 skipped C:\Documents and Settings\Owner\ntuser.dat Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped C:\Program Files\HughesNet Tools\log\mpbtn.log Object is locked skipped C:\Program Files\HughesNet Tools\SmartBridge\AlertFilter.log Object is locked skipped C:\Program Files\HughesNet Tools\SmartBridge\log\httpclient.log Object is locked skipped C:\Program Files\HughesNet Tools\SmartBridge\SmartBridge.log Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\L0000008.FCS Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\storydb.idx Object is locked skipped C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\MailBuddy.log Object is locked skipped C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\Matador_Outlook_Express.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP680\A0128301.exe Infected: Trojan-Downloader.Win32.Agent.auv skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP680\A0128335.exe Infected: Trojan-Downloader.Win32.Agent.auv skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP681\A0128376.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\A0129996.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ke skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{50F65F0D-13D7-4896-BFE3-4AD61B6B9938}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\awtqo.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\dcimlcy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ke skipped C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped C:\WINDOWS\system32\gebcd.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\spool\PRINTERS\00002.SPL Object is locked skipped C:\WINDOWS\tuturr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\change.log Object is locked skipped Scan process completed. |
|
|
|
|
07-21-2007, 04:30 PM
|
#3 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe
2. Double click on combofix.exe & follow the prompts. 3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
__________________
Question - what have you done for the community today? |
|
|
|
|
07-21-2007, 05:42 PM
|
#5 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Download http://download.bleepingcomputer.com...HiJackThis.exe
1. If it gives you an intro screen, just choose - Do a system scan and save a logfile. 2. If you don't get the intro screen, just hit [Scan] and then click on Save log. 3. Post the HiJackThis.log file
__________________
Question - what have you done for the community today? |
|
|
|
|
07-21-2007, 11:32 PM
|
#6 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
hERE IS THE COMBO FIX LOG NOW OFF TO DO THE HJT LOG
"Owner" - 2007-07-21 23:40:40 - ComboFix 07-07-22.2 - Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-06-22 to 2007-07-22 ))))))))))))))))))))))))))))))) 2007-07-21 18:36 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-21 16:15 9,122 --a------ C:\WINDOWS\system32\pmnnn.exe 2007-07-21 13:19 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-07-21 13:19 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-07-21 13:19 <DIR> d-------- C:\Program Files\Kaspersky Lab 2007-07-21 13:10 <DIR> d-------- C:\kav 2007-07-21 10:48 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-07-21 10:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab 2007-07-20 23:31 <DIR> d-------- C:\Program Files\iWin.com Games 2007-07-20 22:15 182,272 --a------ C:\WINDOWS\patchw32.dll 2007-07-20 22:15 <DIR> d-------- C:\Program Files\ubi.com 2007-07-20 22:15 <DIR> d-------- C:\Program Files\Common Files\PocketSoft 2007-07-20 22:04 <DIR> d-------- C:\WINDOWS\UbiSoft 2007-07-20 22:04 <DIR> d-------- C:\Program Files\Ubi Soft 2007-07-20 21:41 <DIR> d-------- C:\DOCUME~1\Scott\APPLIC~1\MailFrontier 2007-07-20 14:56 32,800 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-07-20 14:56 3,549,984 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-07-20 00:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive 2007-07-20 00:55 <DIR> d-------- C:\Program Files\Common Files\Motive 2007-07-20 00:52 <DIR> d-------- C:\Program Files\Motive 2007-07-20 00:52 <DIR> d-------- C:\Program Files\HughesNet Tools 2007-07-19 15:17 58,798 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp9.tmp.exe 2007-07-19 15:08 76,130 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp45.tmp.exe 2007-07-19 15:06 128,231 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp43.tmp.exe 2007-07-19 14:49 58,798 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp42.tmp.exe 2007-07-19 14:46 76,130 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp40.tmp.exe 2007-07-19 14:38 128,231 --a------ C:\DOCUME~1\Scott\APPLIC~1\tmp37.tmp.exe 2007-07-18 14:12 720,896 --a------ C:\WINDOWS\iun6002ev.exe 2007-07-18 14:12 <DIR> d-------- C:\Program Files\Bejeweled 2 Deluxe 2007-07-14 08:25 <DIR> d-------- C:\DOCUME~1\Scott\APPLIC~1\AdobeUM 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\acccore 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL 2007-07-10 12:19 <DIR> d-------- C:\Program Files\AIM6 2007-07-10 12:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads 2007-07-09 17:46 92,208 --------- C:\WINDOWS\system32\WING.DLL 2007-07-09 17:46 188,960 --------- C:\WINDOWS\system32\WINGDE.DLL 2007-07-08 00:48 <DIR> d-------- C:\Program Files\LimeWire 2007-07-07 23:40 <DIR> d-------- C:\Program Files\DreamQuest 2007-07-04 19:40 <DIR> d-------- C:\Program Files\LucasArts 2007-07-04 19:37 <DIR> d-------- C:\DISNEY (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-22 00:30:15 4,052 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2007-07-22 00:30:14 48,188 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-07-21 06:51:45 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat 2007-07-21 05:46:02 30 ----a-w C:\WINDOWS\popcinfo.dat 2007-07-21 03:15:20 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-07-20 20:00:13 -------- d-----w C:\Program Files\MySpace 2007-07-20 19:58:11 -------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-07-20 05:56:18 2,551 ----a-w C:\Program Files\DOWNLOAD_INSTALL.LOG 2007-07-16 18:42:41 6,630 ----a-w C:\DOCUME~1\Owner\APPLIC~1\wklnhst.dat 2007-07-10 17:21:40 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Viewpoint 2007-07-10 17:20:08 -------- d-----w C:\Program Files\Viewpoint 2007-07-10 17:19:42 -------- d-----w C:\Program Files\Common Files\AOL 2007-07-09 22:46:08 -------- d-----w C:\Program Files\LEGO Media 2007-06-15 17:41:01 -------- d-----w C:\Program Files\Bonjour 2007-06-15 16:58:58 -------- d-----w C:\Program Files\AdwareAlert 2007-06-15 05:07:00 -------- d-----w C:\Program Files\HughesNet 2007-06-15 05  27 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Motive2007-06-14 20:14:42 -------- d-----w C:\Program Files\Sony Pictures Games 2007-06-14 19:44:36 -------- d-----w C:\Program Files\Return to Castle Wolfenstein 2007-06-14 19:43:51 -------- d-----w C:\Program Files\Ricochet Lost Worlds 2007-05-21 19:25:03 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll 2007-05-21 19:25:03 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll 2007-05-21 19:25:03 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2006-07-11 20:21:48 774,144 ----a-w C:\Program Files\RngInterstitial.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E48B471-EB2E-4ccf-9EA9-8905F737B895}] 2007-06-15 00:07 94208 --a------ C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c3b059c-ee42-4194-9e1c-8d8a917cb788}] C:\WINDOWS\system32\dcimlcy.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 C:\WINDOWS\ALCXMNTR.EXE] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 16:24] "NapsterShell"="C:\Program Files\Napster\napster.exe" [] "PC Pitstop Optimize Scheduler"="C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe" [2007-04-05 12:53] "Motive SmartBridge"="C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe" [2006-02-03 17:07] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2007-03-09 19:50] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2004-01-09 04:34] "ares"="C:\Program Files\Ares\Ares.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56] "Aim6"="" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06] hp psc 2000 Series.lnk - C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe [2003-04-06 01:37:10] hpoddt01.exe.lnk - C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe [2003-04-06 02 58]HughesNet Tools.lnk - C:\Program Files\HughesNet Tools\bin\matcli.exe [2007-07-20 00:53:10] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04] Updates from HP.lnk - C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe [2004-04-01 16:16:45] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cidgmt] cidgmt.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dcimlcy] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=c:\windows\system32\jkklkhh.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages :\WINDOW scecli [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^IMStart.lnk] path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\IMStart.lnk backup=C:\WINDOWS\pss\IMStart.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdwareAlert] C:\Program Files\AdwareAlert\adwarealert.Exe -boot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor] ALCXMNTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTMSG] LTMSG.exe 7 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2] C:\WINDOWS\system32\ps2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] "C:\Windows\Creator\Remind_XP.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe fasttx2k - System32\DRIVERS\fasttx2k.sys ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-21 23:44:13 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-21 23:45:22 C:\ComboFix-quarantined-files.txt ... 2007-07-21 23:44 --- E O F --- |
|
|
|
|
07-21-2007, 11:37 PM
|
#7 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:02 AM, on 7/22/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Documents and Settings\Owner\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;192.168.0.1;systemcontrolcenter.com;*.local;localhost;<local> R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {3E48B476-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3E48B471-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: (no name) - {6c3b059c-ee42-4194-9e1c-8d8a917cb788} - C:\WINDOWS\system32\dcimlcy.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: HughesNet Toolbar BHO - {CB2D4F91-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll O3 - Toolbar: &HughesNet Toolbar - {CB2D4F99-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [Aim6] (User '?') O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User '?') O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/mini...ansporter.cab? O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1131250498281 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134601802718 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://cam1.sturgisrallycams.com/act...CamControl.cab O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...ds/Coupons.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/game...utLauncher.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326 O20 - AppInit_DLLs: c:\windows\system32\jkklkhh.dll O20 - Winlogon Notify: cidgmt - cidgmt.dll (file missing) O20 - Winlogon Notify: dcimlcy - C:\WINDOWS\ O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing) -- End of file - 10273 bytes |
|
|
|
|
07-22-2007, 04:07 AM
|
#8 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Go to Start > Control Panel > Add or Remove Programs and uninstall the following programs:
--------------- Do a HijackThis scan & place a check next to these items and select "Fix checked": R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: (no name) - {6c3b059c-ee42-4194-9e1c-8d8a917cb788} - C:\WINDOWS\system32\dcimlcy.dll (file missing) O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/mini...ansporter.cab? O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/40...ds/Coupons.cab O20 - AppInit_DLLs: c:\windows\system32\jkklkhh.dll O20 - Winlogon Notify: cidgmt - cidgmt.dll (file missing) O20 - Winlogon Notify: dcimlcy - C:\WINDOWS\ --------------- Open notepad and copy/paste the text in the quotebox below into it: Code:
http://www.techsupportforum.com/security-center/hijackthis-log-help/169026-help-i-have-viruss.html
Collect::
C:\WINDOWS\system32\pmnnn.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp9.tmp.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp45.tmp.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp43.tmp.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp42.tmp.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp40.tmp.exe
C:\DOCUME~1\Scott\APPLIC~1\tmp37.tmp.exe
File::
C:\WINDOWS\iun6002ev.exe
Folder::
C:\DOCUME~1\Owner\APPLIC~1\Viewpoint
C:\Program Files\Viewpoint
C:\Program Files\AdwareAlert
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c3b059c-ee42-4194-9e1c-8d8a917cb788}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cidgmt]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dcimlcy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdwareAlert]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
 Refering to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply. Additonally, ComboFix will generate a zipped file on your Desktop, called Submit [Date Time].zip Please submit this file to: http://www.bleepingcomputer.com/subm....php?channel=4 The file must be uploaded before proceeding to the next step. --------------- Please perform an online scan using Internet Explorer at http://www.kaspersky.com/virusscanner Answer Yes, when prompted to install an ActiveX component.
* If you're downloading torrents in the background, please disconnect all of them. Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%. --------------- In your next post, please include fresh logs from:
__________________
Question - what have you done for the community today? |
|
|
|
|
07-22-2007, 10:52 PM
|
#9 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
***New on line scan**** Looks like I lost a couple of virus's but not all I dont know..Thanks for all the help
Sunday, July 22, 2007 11:46:23 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.93.0 Kaspersky Anti-Virus database last update: 22/07/2007 Kaspersky Anti-Virus database records: 366624 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ Scan Statistics Total number of scanned objects 108995 Number of viruses found 3 Number of infected objects 5 Number of suspicious objects 0 Duration of the scan process 01:44:39 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\007e_File_Monitoring_eventlog.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\0080_Web_Monitoring_eventlog.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\0082_AdBlocker_eventcritlog.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\0082_AdBlocker_eventlog.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.idx Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\detected.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\eventlog.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Report\report.rpt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007072220070723\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\hpotdd014.log Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped C:\Program Files\HughesNet Tools\SmartBridge\AlertFilter.log Object is locked skipped C:\Program Files\HughesNet Tools\SmartBridge\log\httpclient.log Object is locked skipped C:\Program Files\HughesNet Tools\SmartBridge\SmartBridge.log Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chandir.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chandir.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chn.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\chn.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\D0000000.FCS Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\inuse.txt Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\L0000008.FCS Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\main.log Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_die.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_die.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_dnd.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_dnd.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_ext.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_ext.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_rcv.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\prs_rcv.idx Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\storydb.dat Object is locked skipped C:\Program Files\Updates from HP\137903\Users\Default\Data\storydb.idx Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\A0130349.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\A0130350.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\A0130354.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ke skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP682\A0130359.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.af skipped C:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP683\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped C:\WINDOWS\system32\drivers\fidbox2.dat Object is locked skipped C:\WINDOWS\system32\drivers\fidbox2.idx Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\spool\PRINTERS\00002.SPL Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped D:\System Volume Information\_restore{70304573-AB33-4072-AA96-4495C42D15E3}\RP683\change.log Object is locked skipped Scan process completed. Scan Of Computer *** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:48:42 PM, on 7/22/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\Owner\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;192.168.0.1;systemcontrolcenter.com;*.local;localhost;<local> R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {3E48B476-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3E48B471-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: HughesNet Toolbar BHO - {CB2D4F91-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll O3 - Toolbar: &HughesNet Toolbar - {CB2D4F99-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [Aim6] (User '?') O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User '?') O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1131250498281 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134601802718 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://cam1.sturgisrallycams.com/act...CamControl.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/game...utLauncher.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326 O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing) -- End of file - 9658 bytes The Combo Fix Log Owner" - 2007-07-22 13:45:07 - ComboFix 07-07-22.2 - Service Pack 2 NTFS Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\DOCUME~1\Owner\APPLIC~1\Viewpoint C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\-104426001.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\-1077454628.mtz C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\-1079101228.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\-505970296.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\-540444473.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\1122031235.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\1344396731.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\1686570019.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\264740967.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\27572851.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\288018514.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-104428668.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-105675675.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-1077454635.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-1299186445.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-1733022897.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-2115813063.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-331358051.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-505970281.mtz C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-530124400.mtz C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-590269809.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-603258608.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-843764878.mtz C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-886504912.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\-963781237.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\1139878762.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\136302023.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\454659531.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\-1260778778.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\-221763573.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\-578137404.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\-657172214.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\-968039016.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\1085130500.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\1686621792.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\2113524737.mtj&p2=1&p3=07650006416658330373588818117449&p4=50463258 C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\343937850.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\407034558.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\527541197.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\945653107.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-1077990444.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-1161485473.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-1459212672.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-1894009033.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-1930803057.swf C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-46166133.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-53182661.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-615068164.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-70733690.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-783842327.mtz C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\-797206940.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\1214742160.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\1689554658.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\501228538.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\545157766.mts C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\665917381.mzv C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Experience Technology\Resources\UpdateVersionList_v2.mtx C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\URLCache.ini C:\DOCUME~1\Owner\APPLIC~1\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03\URLCache.ini C:\DOCUME~1\Scott\APPLIC~1\tmp37.tmp.exe C:\DOCUME~1\Scott\APPLIC~1\tmp40.tmp.exe C:\DOCUME~1\Scott\APPLIC~1\tmp42.tmp.exe C:\DOCUME~1\Scott\APPLIC~1\tmp43.tmp.exe C:\DOCUME~1\Scott\APPLIC~1\tmp45.tmp.exe C:\DOCUME~1\Scott\APPLIC~1\tmp9.tmp.exe C:\Program Files\AdwareAlert C:\Program Files\AdwareAlert\adwarealert.exe C:\Program Files\AdwareAlert\ErrorLog.txt C:\Program Files\AdwareAlert\Launcher.exe C:\Program Files\AdwareAlert\SpyLog.txt C:\Program Files\AdwareAlert\unins000.exe C:\Program Files\Viewpoint C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0302021C.dll C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0302021C_.dll C:\Program Files\Viewpoint\Viewpoint Media Player\AxMetaStream_0305000D.dll C:\Program Files\Viewpoint\Viewpoint Media Player\ClassIDs.ini C:\Program Files\Viewpoint\Viewpoint Media Player\ComponentMgr_0305000D.dll C:\Program Files\Viewpoint\Viewpoint Media Player\ComponentRegistry.ini C:\Program Files\Viewpoint\Viewpoint Media Player\Components\AOLUserShell.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\Cursors.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\JpegReader.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\Mts3Reader.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\SceneComponent.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\SreeDMMX.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\SWFView.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\VMgr.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\VMPSpeech.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\VMPVideo.dll C:\Program Files\Viewpoint\Viewpoint Media Player\Components\WaveletReader.dll C:\Program Files\Viewpoint\Viewpoint Media Player\HostRegistry.ini C:\Program Files\Viewpoint\Viewpoint Media Player\MetaStreamConfig.ini C:\Program Files\Viewpoint\Viewpoint Media Player\MetaStreamID.ini C:\Program Files\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe C:\WINDOWS\iun6002ev.exe C:\WINDOWS\system32\pmnnn.exe ((((((((((((((((((((((((( Files Created from 2007-06-22 to 2007-07-22 ))))))))))))))))))))))))))))))) 2007-07-21 18:36 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-21 13:19 82,258 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-07-21 13:19 82,258 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-07-21 13:19 <DIR> d-------- C:\Program Files\Kaspersky Lab 2007-07-21 13:10 <DIR> d-------- C:\kav 2007-07-21 10:48 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-07-21 10:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab 2007-07-20 23:31 <DIR> d-------- C:\Program Files\iWin.com Games 2007-07-20 22:15 182,272 --a------ C:\WINDOWS\patchw32.dll 2007-07-20 22:15 <DIR> d-------- C:\Program Files\ubi.com 2007-07-20 22:15 <DIR> d-------- C:\Program Files\Common Files\PocketSoft 2007-07-20 22:04 <DIR> d-------- C:\WINDOWS\UbiSoft 2007-07-20 22:04 <DIR> d-------- C:\Program Files\Ubi Soft 2007-07-20 21:41 <DIR> d-------- C:\DOCUME~1\Scott\APPLIC~1\MailFrontier 2007-07-20 14:56 37,152 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-07-20 14:56 3,643,168 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-07-20 00:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive 2007-07-20 00:55 <DIR> d-------- C:\Program Files\Common Files\Motive 2007-07-20 00:52 <DIR> d-------- C:\Program Files\Motive 2007-07-20 00:52 <DIR> d-------- C:\Program Files\HughesNet Tools 2007-07-18 14:12 <DIR> d-------- C:\Program Files\Bejeweled 2 Deluxe 2007-07-14 08:25 <DIR> d-------- C:\DOCUME~1\Scott\APPLIC~1\AdobeUM 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\acccore 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP 2007-07-10 12:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL 2007-07-10 12:19 <DIR> d-------- C:\Program Files\AIM6 2007-07-10 12:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads 2007-07-09 17:46 92,208 --------- C:\WINDOWS\system32\WING.DLL 2007-07-09 17:46 188,960 --------- C:\WINDOWS\system32\WINGDE.DLL 2007-07-08 00:48 <DIR> d-------- C:\Program Files\LimeWire 2007-07-07 23:40 <DIR> d-------- C:\Program Files\DreamQuest 2007-07-04 19:40 <DIR> d-------- C:\Program Files\LucasArts 2007-07-04 19:37 <DIR> d-------- C:\DISNEY (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-22 16:53:48 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Lavasoft 2007-07-22 00:30:15 4,052 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2007-07-22 00:30:14 48,188 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-07-21 06:51:45 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat 2007-07-21 05:46:02 30 ----a-w C:\WINDOWS\popcinfo.dat 2007-07-21 03:15:20 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-07-20 20:00:13 -------- d-----w C:\Program Files\MySpace 2007-07-20 19:58:11 -------- d-----w C:\Program Files\Common Files\Symantec Shared 2007-07-20 05:56:18 2,551 ----a-w C:\Program Files\DOWNLOAD_INSTALL.LOG 2007-07-16 18:42:41 6,630 ----a-w C:\DOCUME~1\Owner\APPLIC~1\wklnhst.dat 2007-07-10 17:19:42 -------- d-----w C:\Program Files\Common Files\AOL 2007-07-09 22:46:08 -------- d-----w C:\Program Files\LEGO Media 2007-06-15 17:41:01 -------- d-----w C:\Program Files\Bonjour 2007-06-15 05:07:00 -------- d-----w C:\Program Files\HughesNet 2007-06-15 05 27 -------- d-----w C:\DOCUME~1\Owner\APPLIC~1\Motive2007-06-14 20:14:42 -------- d-----w C:\Program Files\Sony Pictures Games 2007-06-14 19:44:36 -------- d-----w C:\Program Files\Return to Castle Wolfenstein 2007-06-14 19:43:51 -------- d-----w C:\Program Files\Ricochet Lost Worlds 2007-05-21 19:25:03 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll 2007-05-21 19:25:03 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll 2007-05-21 19:25:03 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2006-07-11 20:21:48 774,144 ----a-w C:\Program Files\RngInterstitial.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E48B471-EB2E-4ccf-9EA9-8905F737B895}] 2007-06-15 00:07 94208 --a------ C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-06-14 16:24] "NapsterShell"="C:\Program Files\Napster\napster.exe" [] "PC Pitstop Optimize Scheduler"="C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe" [2007-04-05 12:53] "Motive SmartBridge"="C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe" [2006-02-03 17:07] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2007-03-09 19:50] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupNotify"="c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe" [2004-01-09 04:34] "ares"="C:\Program Files\Ares\Ares.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56] "Aim6"="" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06] hp psc 2000 Series.lnk - C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe [2003-04-06 01:37:10] hpoddt01.exe.lnk - C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe [2003-04-06 02 58]HughesNet Tools.lnk - C:\Program Files\HughesNet Tools\bin\matcli.exe [2007-07-20 00:53:10] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04] Updates from HP.lnk - C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe [2004-04-01 16:16:45] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^IMStart.lnk] path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\IMStart.lnk backup=C:\WINDOWS\pss\IMStart.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KBD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTMSG] LTMSG.exe 7 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2] C:\WINDOWS\system32\ps2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] "C:\Windows\Creator\Remind_XP.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] VTTimer.exe fasttx2k - System32\DRIVERS\fasttx2k.sys *Newly Created Service* - CATCHME ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-22 13:52:10 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-22 13:54:01 C:\ComboFix-quarantined-files.txt ... 2007-07-22 13:53 C:\ComboFix2.txt ... 2007-07-21 23:45 --- E O F --- |
|
|
|
|
07-22-2007, 11:02 PM
|
#10 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Of the stuff Kaspersky found,
C:\QooBox\ is ComboFix's quarantine folder. You can safely delete it C:\System Volume Information\ is where System Restore's cache is stored. Whatever is in there can't harm you unless you choose to perform a manual restore. Nevertheless, we shall be reseting/clearing the cache in a little while ---------------------- Now that your system is clean, kindly follow these simple steps in order to keep your computer clean and secure:
Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://computercops.biz/postlite7736-.html After doing all these, your system will be optimised against future threats. It's okay to delete the Hijack This folder in a couple weeks if everything is working okay. Have a safe & happy computing day.  Please respond to this thread one more time so we can mark this thread as resolved.
__________________
Question - what have you done for the community today? |
|
|
|
|
07-22-2007, 11:45 PM
|
#11 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
CLEAR & RESET SYSTEM RESTORE'S CACHE - (System Volume Information folder)
Go to Start → Run → type control sysdm.cpl,,4 & press Enter Tick on the checkbox - Turn off System Restore on all drives Click Apply Turn it back 'On' by unticking the same checkbox & click OK ****WHEN I DO THIS THIS IS WHAT IT COMES BACK AT ME AND SAYS SYSTEM RESTORE ENCOUNTERED AN ERROR TRYING TO ENABLE/DISABLE ONE OR MORE DRIVES. PLEASE RESTART YOUR MACHINE AND TRY AGAIN..... ***I HAVE RESTARTED THREE TIMES NOW AND STILL GIVES ME THE SAME MESSAGE....NOW WHAT DO I DO? |
|
|
|
|
07-23-2007, 06:41 AM
|
#12 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Sounds like a problem with one of your drives.
To found out which, go back to the System Restore window. Select each drive individually & click the Settings button Then tick "Turn Off System Restore on this drive" When you reach the troubled drive, you should get an error message. Let me know which drive & what the error message says
__________________
Question - what have you done for the community today? |
|
|
|
|
07-23-2007, 09:43 AM
|
#13 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
D drive I get the same message as before telling me to shut computer down.
When I do C drive it tells me that I c drive is the system drive you cant turn this off with doing all the drives click next to continue, I do this and it just quits... |
|
|
|
|
07-23-2007, 10:04 AM
|
#14 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Try downloading this tool > http://www.techsupportforum.com/sect...eckard/dss.exe
Besides generating some logs, it has the added capability of restoring System Restore
__________________
Question - what have you done for the community today? |
|
|
|
|
07-23-2007, 10:42 AM
|
#15 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
Deckard's System Scanner v20070711.54
Run by Owner on 2007-07-23 at 11:32:10 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Unable to create System Restore WMI object; error code: 0x00000001 Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Owner.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:35:26 AM, on 7/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\isafe.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe C:\Documents and Settings\Owner\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=192.168.0.1:87 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;192.168.0.1;systemcontrolcenter.com;*.local;localhost;<local> R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {3E48B476-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {3E48B471-EB2E-4ccf-9EA9-8905F737B895} - C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: HughesNet Toolbar BHO - {CB2D4F91-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll O3 - Toolbar: &HughesNet Toolbar - {CB2D4F99-8F9E-4992-880E-5962045A36E1} - C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [PC Pitstop Optimize Scheduler] C:\Program Files\PCPitstop\Optimize\PCPOptimize.exe -boot O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\HUGHES~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [Aim6] (User '?') O4 - HKUS\S-1-5-21-1192511399-3926228266-1578188767-1003\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User '?') O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\HP\Digital Imaging\bin\hpobnz08.exe O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: HughesNet Tools.lnk = C:\Program Files\HughesNet Tools\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/do...e_Inst_Win.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1131250498281 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134601802718 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://cam1.sturgisrallycams.com/act...CamControl.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/game...utLauncher.cab O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing) -- End of file - 10073 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- 3 catchme - c:\docume~1\owner\locals~1\temp\catchme.sys (file missing) <Verified; Sensaura Ltd; > 3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys <Not Verified; InterVideo, Inc.; InterVideo ASPI Shell> 3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows> 3 o1394bul - c:\docume~1\scott\locals~1\temp\o1394bul.sys (file missing) <Not Verified; Motive, Inc.; Motive Rawether for Windows> 3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- 2 aawservice (Ad-Aware 2007 Service) - c:\program files\lavasoft\ad-aware 2007\aawservice.exe 2 Bonjour Service - c:\program files\bonjour\mdnsresponder.exe 3 CAISafe (CA ISafe) - c:\windows\system32\zonelabs\isafe.exe <Not Verified; Computer Associates International, Inc.; ISafe> 3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing) <Not Verified; Computer Associates International, Inc.; ISafe> -- Files created between 2007-06-23 and 2007-07-23 ----------------------------- 2007-07-23 11:19:50 0 d-------- C:\Program Files\Lavasoft 2007-07-23 11:19:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-07-23 11:08:56 0 d-------- C:\Program Files\SpywareBlaster 2007-07-23 11:07:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-07-23 10:53:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-07-23 10:19:00 0 d-------- C:\WINDOWS\CAVTemp 2007-07-23 01:07:06 0 d-------- C:\Documents and Settings\Owner\Application Data\MailFrontier 2007-07-23 00:57:11 12288 --a------ C:\WINDOWS\system32\vetntmsg.dll 2007-07-23 00:57:11 15668 --a------ C:\WINDOWS\system32\drivers\vet-rec.sys 2007-07-23 00:57:11 21605 --a------ C:\WINDOWS\system32\drivers\vet-filt.sys 2007-07-23 00:57:11 77824 --a------ C:\WINDOWS\system32\driverif.dll <Not Verified; Computer Associates International, Inc.; CA driverif> 2007-07-21 13:19:06 0 d-------- C:\Program Files\Kaspersky Lab 2007-07-21 13:10:27 0 d-------- C:\kav 2007-07-21 10:48:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-07-21 10:48:55 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-07-20 23:31:28 0 d-------- C:\Program Files\iWin.com Games 2007-07-20 22:15:33 182272 --a------ C:\WINDOWS\patchw32.dll 2007-07-20 22:15:32 0 d-------- C:\Program Files\Common Files\PocketSoft 2007-07-20 22:15:24 0 d-------- C:\Program Files\ubi.com 2007-07-20 22:04:30 0 d-------- C:\Program Files\Ubi Soft 2007-07-20 22:04:02 0 d-------- C:\WINDOWS\UbiSoft 2007-07-20 21:41:15 0 d-------- C:\Documents and Settings\Scott\Application Data\MailFrontier 2007-07-20 00:56:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Motive 2007-07-20 00:55:03 0 d-------- C:\Program Files\Common Files\Motive 2007-07-20 00:52:20 0 d-------- C:\Program Files\HughesNet Tools 2007-07-20 00:52:19 0 d-------- C:\Program Files\Motive 2007-07-18 14:12:52 0 d-------- C:\Program Files\Bejeweled 2 Deluxe 2007-07-14 08:25:56 0 d-------- C:\Documents and Settings\Scott\Application Data\AdobeUM 2007-07-10 12:20:54 0 d-------- C:\Documents and Settings\Owner\Application Data\acccore 2007-07-10 12:20:33 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP 2007-07-10 12:20:20 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL 2007-07-10 12:19:30 0 d-------- C:\Program Files\AIM6 2007-07-10 12:16:00 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads 2007-07-09 17:46:10 188960 -----n--- C:\WINDOWS\system32\WINGDE.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System> 2007-07-09 17:46:10 92208 -----n--- C:\WINDOWS\system32\WING.DLL <Not Verified; Microsoft Corporation; WinG> 2007-07-08 00:48:00 0 d-------- C:\Program Files\LimeWire 2007-07-07 23:40:29 0 d-------- C:\Program Files\DreamQuest 2007-07-04 19:40:46 0 d-------- C:\Program Files\LucasArts 2007-07-04 19:37:57 0 d-------- C:\DISNEY -- Find3M Report --------------------------------------------------------------- 2007-07-23 11:34:56 0 d-------- C:\Program Files\Trend Micro 2007-07-23 10:18:59 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-07-23 00:34:49 30 --a------ C:\WINDOWS\popcinfo.dat 2007-07-22 11:53:48 0 d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft 2007-07-20 22:15:20 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-07-20 15:00:13 0 d-------- C:\Program Files\MySpace 2007-07-20 14:58:11 0 d-------- C:\Program Files\Common Files\Symantec Shared 2007-07-20 00:56:18 2551 --a------ C:\Program Files\DOWNLOAD_INSTALL.LOG 2007-07-16 13:42:41 6630 --a------ C:\Documents and Settings\Owner\Application Data\wklnhst.dat 2007-07-14 08:08:31 0 d-------- C:\Program Files\Java 2007-07-10 12:19:42 0 d-------- C:\Program Files\Common Files\AOL 2007-07-09 17:46:08 0 d-------- C:\Program Files\LEGO Media 2007-06-15 12:41:01 0 d-------- C:\Program Files\Bonjour 2007-06-15 00:07:00 0 d-------- C:\Program Files\HughesNet 2007-06-15 00 27 0 d-------- C:\Documents and Settings\Owner\Application Data\Motive2007-06-14 15:14:42 0 d-------- C:\Program Files\Sony Pictures Games 2007-06-14 14:44:36 0 d-------- C:\Program Files\Return to Castle Wolfenstein 2007-06-14 14:43:51 0 d-------- C:\Program Files\Ricochet Lost Worlds 2007-05-21 14:25:03 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll 2007-05-21 14:25:03 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll 2007-05-21 14:25:03 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll 2007-05-03 10:08:40 23819 --a------ C:\logfile -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll {3E48B471-EB2E-4ccf-9EA9-8905F737B895} C:\Program Files\HughesNet\SrchHelp\1.bin\HGNSRCAS.DLL {53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll {CB2D4F91-8F9E-4992-880E-5962045A36E1} C:\Program Files\HughesNet\bar\1.bin\HGNBAR.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "NapsterShell"="C:\\Program Files\\Napster\\napster.exe /systray" "PC Pitstop Optimize Scheduler"="C:\\Program Files\\PCPitstop\\Optimize\\PCPOptimize.exe -boot" "Motive SmartBridge"="C:\\PROGRA~1\\HUGHES~1\\SMARTB~1\\MotiveSB.exe" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "BackupNotify"="c:\\Program Files\\HP\\Digital Imaging\\bin\\backupnotify.exe" "ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "Aim6"="" "SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "MySpaceIM"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Quicken Scheduled Updates.lnk" "backup"="C:\\WINDOWS\\pss\\Quicken Scheduled Updates.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Quicken\\bagent.exe " "item"="Quicken Scheduled Updates" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Updates from HP.lnk" "backup"="C:\\WINDOWS\\pss\\Updates from HP.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\UPDATE~1\\137903\\Program\\BACKWE~1.EXE -startup" "item"="Updates from HP" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^IMStart.lnk] "path"="C:\\Documents and Settings\\Owner\\Start Menu\\Programs\\Startup\\IMStart.lnk" "backup"="C:\\WINDOWS\\pss\\IMStart.lnkStartup" "location"="Startup" "command"="C:\\Program Files\\InterMute\\IMStart.exe " "item"="IMStart" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ccApp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="C:\\Program Files\\iTunes\\iTunesHelper.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KBD" "hkey"="HKLM" "command"="C:\\HP\\KBD\\KBD.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTMSG] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LTMSG" "hkey"="HKLM" "command"="LTMSG.exe 7" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ps2" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\ps2.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RECGUARD" "hkey"="HKLM" "command"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Remind_XP" "hkey"="HKLM" "command"="\"C:\\Windows\\Creator\\Remind_XP.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UsrPrmpt" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Symantec Shared\\Security Center\\UsrPrmpt.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "command"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="realsched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VTTimer" "hkey"="HKLM" "command"="VTTimer.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 *newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_AAWSERVICE -- End of Deckard's System Scanner: finished at 2007-07-23 at 11:37:36 --------- |
|
|
|
|
07-23-2007, 11:32 AM
|
#16 (permalink) | |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Quote:
Let's have a look at Windows Event Viewer. It might give us a clue as to what is causing these issues Go to Start > Run - type in eventvwr <Press Enter>  This is a picture of what the event viewer looks like. You will see Application, Security & System listed in the left pane.
Repeat steps 1-6 for System
__________________
Question - what have you done for the community today? |
|
|
|
|
|
07-23-2007, 11:57 AM
|
#17 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
This is the application: the system is below..I seen so many errors on both that I just didnt know where to begin so Im sending these first and maybe you can tell me which ones to look at and send the other notes
Type Date Time Source Category Event User Computer Error 6/21/2007 6:26:25 PM Application Hang (101) 1002 N/A HOME Error 6/21/2007 11:29:38 PM Application Hang (101) 1002 N/A HOME Error 7/20/2007 12:43:42 AM Application Hang (101) 1002 N/A HOME Error 7/20/2007 12:42:55 AM Application Hang (101) 1002 N/A HOME Error 7/20/2007 12:42:55 AM Application Hang (101) 1002 N/A HOME Error 7/19/2007 12:51:06 PM Application Error None 1000 N/A HOME Error 7/19/2007 11:46:34 AM Application Error None 1001 N/A HOME Error 7/19/2007 11:46:27 AM Application Error None 1000 N/A HOME Error 6/26/2007 8:48:16 PM Application Hang (101) 1002 N/A HOME Error 7/12/2007 12:34:24 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:39:36 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:39:25 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:37:18 PM Application Hang (101) 1002 N/A HOME Error 7/4/2007 12:49:40 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:24:05 PM Application Hang (101) 1002 N/A HOME Error 7/4/2007 2:45:04 PM Microsoft Zoo Tycoon None 1000 N/A HOME Error 7/4/2007 2:45:22 PM Microsoft Zoo Tycoon None 1000 N/A HOME Error 7/4/2007 2:50:09 PM Microsoft Zoo Tycoon None 1000 N/A HOME Error 7/7/2007 11:20:33 PM Application Hang None 1001 N/A HOME Error 7/21/2007 1:14:01 PM MsiInstaller None 11704 Owner HOME Error 7/7/2007 11:20:29 PM Application Hang (101) 1002 N/A HOME Error 7/21/2007 11:00:29 AM Application Hang (101) 1002 N/A HOME Error 7/20/2007 1:14:01 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Error 7/20/2007 10:05:31 PM Application Hang (101) 1002 N/A HOME Error 7/6/2007 7 58 PM crypt32 None 8 N/A HOMEError 7/6/2007 7 58 PM crypt32 None 8 N/A HOMEError 7/6/2007 7 58 PM crypt32 None 8 N/A HOMEError 7/20/2007 2:58:09 PM Automatic LiveUpdate Scheduler (1) 101 Owner HOME Error 7/6/2007 7:08:09 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:09 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:09 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:11 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:11 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:11 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:15 PM crypt32 None 8 N/A HOME Error 7/6/2007 7:08:23 PM crypt32 None 8 N/A HOME Error 7/7/2007 11:11:35 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:11:35 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:11:35 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:11:42 AM Application Hang None 1001 N/A HOME Error 7/7/2007 11:11:50 AM Application Hang None 1001 N/A HOME Error 7/7/2007 11:11:51 AM Application Hang None 1001 N/A HOME Error 7/7/2007 11:44:55 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:54:52 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:58:06 AM Application Hang (101) 1002 N/A HOME Error 7/7/2007 12:22:13 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 12:22:25 PM Application Hang None 1001 N/A HOME Error 7/7/2007 12:26:37 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 12:33:56 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 12:34:00 PM Application Hang None 1001 N/A HOME Error 7/7/2007 2:30:26 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:33:47 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:33:52 PM Application Hang None 1001 N/A HOME Error 7/7/2007 2:37:21 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:37:26 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:39:15 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:39:18 PM Application Hang None 1001 N/A HOME Error 7/7/2007 2:40:42 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:40:51 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 2:40:51 PM Application Hang (101) 1002 N/A HOME Error 7/7/2007 11:07:30 PM Application Hang (101) 1002 N/A HOME Error 7/20/2007 12:44:14 AM Application Hang None 1001 N/A HOME Warning 7/5/2007 6:12:10 PM Userenv None 1517 SYSTEM HOME Warning 7/4/2007 8:03:29 PM Userenv None 1517 SYSTEM HOME Warning 7/21/2007 4:01:24 PM Userenv None 1517 SYSTEM HOME Warning 7/3/2007 11:21:41 AM Userenv None 1517 SYSTEM HOME Warning 6/21/2007 9:32:57 PM Userenv None 1517 SYSTEM HOME Warning 7/23/2007 12:36:24 AM Userenv None 1517 SYSTEM HOME Warning 7/8/2007 1:20:49 AM Userenv None 1517 SYSTEM HOME Warning 7/8/2007 10:18:51 AM Userenv None 1517 SYSTEM HOME Warning 7/8/2007 2:32:57 PM Userenv None 1517 SYSTEM HOME Warning 7/8/2007 9:44:50 PM Userenv None 1517 SYSTEM HOME Warning 7/9/2007 5:51:21 PM Userenv None 1517 SYSTEM HOME Warning 7/9/2007 10:19:25 PM Userenv None 1517 SYSTEM HOME Warning 7/10/2007 10:53:28 PM Userenv None 1517 SYSTEM HOME Warning 7/11/2007 9:44:36 AM Userenv None 1517 SYSTEM HOME Warning 7/11/2007 3:09:47 PM Userenv None 1517 SYSTEM HOME Warning 7/20/2007 1 13 PM Userenv None 1517 SYSTEM HOMEWarning 7/1/2007 3:41:57 PM Userenv None 1517 SYSTEM HOME Warning 7/12/2007 11:55:13 PM Userenv None 1517 SYSTEM HOME Warning 7/14/2007 12:57:52 AM Userenv None 1517 SYSTEM HOME Warning 7/14/2007 8:13:07 AM Userenv None 1517 SYSTEM HOME Warning 7/15/2007 3:12:12 PM Userenv None 1517 SYSTEM HOME Warning 7/15/2007 3:37:03 PM Userenv None 1517 SYSTEM HOME Warning 7/16/2007 4:19:35 PM Userenv None 1517 SYSTEM HOME Warning 7/16/2007 10:05:39 PM Userenv None 1517 SYSTEM HOME Warning 7/18/2007 11:46:12 PM Userenv None 1517 SYSTEM HOME Warning 6/24/2007 11:04:58 PM Userenv None 1517 SYSTEM HOME Warning 7/23/2007 12:47:10 AM Userenv None 1517 SYSTEM HOME Warning 6/23/2007 11:41:33 AM Userenv None 1517 SYSTEM HOME Warning 7/23/2007 1:00:07 AM Userenv None 1517 SYSTEM HOME Warning 6/23/2007 8 44 AM Userenv None 1517 SYSTEM HOMEWarning 7/23/2007 10:16:23 AM Userenv None 1517 SYSTEM HOME Warning 7/6/2007 10:37:12 AM Userenv None 1517 SYSTEM HOME Information 7/20/2007 2:09:48 AM ccSvcHst None 35 SYSTEM HOME Information 7/20/2007 2:09:48 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 2:09:48 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 2:09:48 AM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 2:09:48 AM SymAppCore None 0 N/A HOME Information 7/20/2007 2:09:34 AM ccSvcHst None 35 SYSTEM HOME Information 7/20/2007 2:09:33 AM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 2:09:33 AM ccSvcHst None 35 SYSTEM HOME Information 7/20/2007 2:09:33 AM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 1:35:00 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 1:35:00 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 1:24:21 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 1:20:14 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 1:19:09 AM Bonjour Service None 1 N/A HOME Information 7/20/2007 1:19:06 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 1:19:06 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 1:18:59 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 1:18:59 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 2:09:55 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 2:09:55 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 2:09:55 AM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 2:09:55 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 11:51:49 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 10:53:58 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 10:53:58 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 10:52:54 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 6:49:05 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 6:49:05 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 6:47:47 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:44:41 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:41:44 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:40:01 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:17:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:17:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:15:40 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:10:44 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:10:35 PM Bonjour Service None 1 N/A HOME Information 7/19/2007 3:10:34 PM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 3:10:34 PM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 3:10:34 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:10:34 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 3:10:28 PM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 3:10:27 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:10:27 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 3:10:27 PM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 3:10:27 PM SymAppCore None 0 N/A HOME Information 7/19/2007 3:10:27 PM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 3:10:26 PM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 3:10:26 PM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 3:10:25 PM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 2:33:32 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 2:32:26 PM Winlogon None 1002 N/A HOME Information 7/20/2007 2:09:59 AM Bonjour Service None 1 N/A HOME Information 7/20/2007 2:10:23 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 2:14:57 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:44:17 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:44:17 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:43:11 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:38:09 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 11:38:09 AM Bonjour Service None 1 N/A HOME Information 7/19/2007 11:38:08 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 11:38:08 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 11:38:07 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:38:07 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 11:37:59 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 11:37:59 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 11:37:59 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 11:37:57 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 11:37:57 AM SymAppCore None 0 N/A HOME Information 7/19/2007 11:37:57 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 11:37:56 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 11:37:56 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 11:37:55 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 1:00:53 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 1:00:50 AM Bonjour Service None 1 N/A HOME Information 7/19/2007 1:00:50 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 1:00:50 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 1:00:49 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 1:00:49 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 1:00:39 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 1:00:39 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 1:00:39 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 1:00:38 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 1:00:38 AM SymAppCore None 0 N/A HOME Information 7/19/2007 1:00:38 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 1:00:38 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 1:00:38 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 1:00:37 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 12:58:00 AM Bonjour Service None 1 N/A HOME Information 7/19/2007 12:57:59 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 12:57:59 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 12:57:59 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 12:57:59 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/19/2007 12:57:52 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 12:57:51 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 12:57:51 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/19/2007 12:57:51 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 12:57:51 AM SymAppCore None 0 N/A HOME Information 7/19/2007 12:57:50 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 12:57:50 AM ccSvcHst None 34 SYSTEM HOME Information 7/19/2007 12:57:50 AM ccSvcHst None 35 SYSTEM HOME Information 7/19/2007 12:57:49 AM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 2:15:59 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:43:11 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:43:11 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:42:05 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:51:00 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:51:00 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:49:48 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:50:56 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:50:56 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:49:04 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:43:57 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:43:57 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 8:43:01 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:24:29 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:24:29 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:23:34 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 4:18:34 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:36:42 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:36:42 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/18/2007 12:35:48 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 8:31:59 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 8:31:59 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 8:30:53 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 5:00:47 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 5:00:47 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 4:58:47 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 4:54:04 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/17/2007 4:53:44 PM Bonjour Service None 1 N/A HOME Information 7/17/2007 4:53:43 PM ccSvcHst None 35 SYSTEM HOME Information 7/17/2007 4:53:43 PM ccSvcHst None 34 SYSTEM HOME Information 7/17/2007 4:53:43 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 4:53:43 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 4:53:36 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/17/2007 4:53:36 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/17/2007 4:53:36 PM ccSvcHst None 35 SYSTEM HOME Information 7/17/2007 4:53:36 PM ccSvcHst None 34 SYSTEM HOME Information 7/17/2007 4:53:36 PM SymAppCore None 0 N/A HOME Information 7/17/2007 4:53:35 PM ccSvcHst None 35 SYSTEM HOME Information 7/17/2007 4:53:35 PM ccSvcHst None 34 SYSTEM HOME Information 7/17/2007 4:53:35 PM ccSvcHst None 35 SYSTEM HOME Information 7/17/2007 4:53:34 PM ccSvcHst None 34 SYSTEM HOME Information 7/17/2007 5:55:45 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 5:55:45 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 5:54:51 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 2:13:14 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 2:13:14 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/17/2007 2:12:20 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 10:25:44 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 10:08:30 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 10:08:30 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 10:07:12 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 2:15:59 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 10:03:40 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 6:37:06 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 6:37:06 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 6:35:40 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 6:30:39 PM Bonjour Service None 1 N/A HOME Information 7/16/2007 6:30:39 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 6:30:39 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 6:30:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 6:30:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 6:30:32 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 6:30:32 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 6:30:32 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 6:30:32 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 6:30:31 PM SymAppCore None 0 N/A HOME Information 7/16/2007 6:30:31 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 6:30:31 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 6:30:31 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 6:30:30 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 4:20:08 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/20/2007 5:46:05 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 3:41:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 3:41:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 3:40:38 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:10:30 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:10:30 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:08:02 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:03:01 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 12:03:00 PM Bonjour Service None 1 N/A HOME Information 7/16/2007 12:02:59 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 12:02:59 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 12:02:59 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:02:59 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 12:02:50 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 12:02:50 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 12:02:50 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 12:02:50 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 12:02:50 PM SymAppCore None 0 N/A HOME Information 7/16/2007 12:02:49 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 12:02:49 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 12:02:49 PM ccSvcHst None 35 SYSTEM HOME Information 7/16/2007 12:02:49 PM ccSvcHst None 34 SYSTEM HOME Information 7/16/2007 11:26:30 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/16/2007 9:24:16 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 9:24:16 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 9:23:20 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 5:04:47 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 5:04:47 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 5:03:51 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 1:22:14 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 1:22:14 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/16/2007 1:21:02 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 11:58:19 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/15/2007 9:17:08 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 9:17:08 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 9:16:22 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/15/2007 9:15:44 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/20/2007 5:46:57 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:19:56 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:19:56 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:18:46 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:14:11 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/15/2007 3:13:43 PM Bonjour Service None 1 N/A HOME Information 7/15/2007 3:13:43 PM ccSvcHst None 35 SYSTEM HOME Information 7/15/2007 3:13:43 PM ccSvcHst None 34 SYSTEM HOME Information 7/15/2007 3:13:43 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:13:43 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:13:35 PM ccSvcHst None 35 SYSTEM HOME Information 7/15/2007 3:13:35 PM ccSvcHst None 34 SYSTEM HOME Information 7/15/2007 3:13:35 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/15/2007 3:13:35 PM LiveUpdate Notice Service None 0 N/A HOME Information 7/15/2007 3:13:34 PM SymAppCore None 0 N/A HOME Information 7/15/2007 3:13:33 PM ccSvcHst None 35 SYSTEM HOME Information 7/15/2007 3:13:33 PM ccSvcHst None 34 SYSTEM HOME Information 7/15/2007 3:13:33 PM ccSvcHst None 35 SYSTEM HOME Information 7/15/2007 3:13:32 PM ccSvcHst None 34 SYSTEM HOME Information 7/20/2007 5:46:57 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:12:09 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:12:09 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/15/2007 3:09:59 PM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:59:43 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:59:43 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:58:33 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:53:59 AM LiveUpdate Notice Service None 0 N/A HOME Information 7/14/2007 8:53:29 AM Bonjour Service None 1 N/A HOME Information 7/14/2007 8:53:29 AM ccSvcHst None 35 SYSTEM HOME Information 7/14/2007 8:53:29 AM ccSvcHst None 34 SYSTEM HOME Information 7/14/2007 8:53:29 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:53:29 AM Automatic LiveUpdate Scheduler (1) 101 SYSTEM HOME Information 7/14/2007 8:53:22 AM ccSvcHst None 35 SYSTEM HOME Information 7/14/2007 8:53:22 AM ccSvcHst None 34 SYSTEM HOME This is the system: Type Date Time Source Category Event User Computer Error 4/11/2007 8:43:43 AM DCOM None 10010 SYSTEM HOME Error 4/12/2007 1:50:53 PM DCOM None 10010 SYSTEM HOME Error 4/13/2007 5:40:33 PM DCOM None 10010 SYSTEM HOME Error 4/14/2007 8:00:01 PM DCOM None 10010 SYSTEM HOME Error 4/15/2007 8:30:31 PM DCOM None 10010 SYSTEM HOME Error 4/16/2007 9:30:33 PM DCOM None 10010 SYSTEM HOME Error 4/17/2007 9:39:14 PM DCOM None 10010 SYSTEM HOME Error 4/19/2007 1:41:26 AM DCOM None 10010 SYSTEM HOME Error 4/20/2007 2:31:28 AM DCOM None 10010 SYSTEM HOME Error 4/21/2007 3:15:42 AM DCOM None 10010 SYSTEM HOME Error 4/22/2007 3:41:07 AM DCOM None 10010 SYSTEM HOME Error 4/22/2007 9:15:30 PM W32Time None 17 N/A HOME Error 4/22/2007 9:15:30 PM W32Time None 29 N/A HOME Error 4/22/2007 9:15:47 PM W32Time None 17 N/A HOME Error 4/22/2007 9:15:47 PM W32Time None 29 N/A HOME Error 4/22/2007 9:30:46 PM W32Time None 17 N/A HOME Error 4/22/2007 9:30:46 PM W32Time None 29 N/A HOME Error 4/22/2007 10:00:46 PM W32Time None 17 N/A HOME Error 4/22/2007 10:00:46 PM W32Time None 29 N/A HOME Error 4/22/2007 11:00:47 PM W32Time None 17 N/A HOME Error 4/22/2007 11:00:47 PM W32Time None 29 N/A HOME Error 4/23/2007 1:00:47 AM W32Time None 17 N/A HOME Error 4/23/2007 1:00:47 AM W32Time None 29 N/A HOME Error 4/23/2007 4:19:12 AM DCOM None 10010 SYSTEM HOME Error 4/23/2007 5:00:47 AM W32Time None 17 N/A HOME Error 4/23/2007 5:00:47 AM W32Time None 29 N/A HOME Error 4/23/2007 1:00:47 PM W32Time None 17 N/A HOME Error 4/23/2007 1:00:47 PM W32Time None 29 N/A HOME Error 4/24/2007 5:00:47 AM W32Time None 17 N/A HOME Error 4/24/2007 5:00:47 AM W32Time None 29 N/A HOME Error 4/24/2007 5:19:11 AM DCOM None 10010 SYSTEM HOME Error 4/24/2007 9:00:47 PM W32Time None 17 N/A HOME Error 4/24/2007 9:00:47 PM W32Time None 29 N/A HOME Error 4/24/2007 9:21:42 PM Windows Update Agent Software Sync 16 N/A HOME Error 4/25/2007 5:20:16 AM DCOM None 10010 SYSTEM HOME Error 4/25/2007 1:00:48 PM W32Time None 17 N/A HOME Error 4/25/2007 1:00:48 PM W32Time None 29 N/A HOME Error 4/26/2007 5:00:48 AM W32Time None 17 N/A HOME Error 4/26/2007 5:00:48 AM W32Time None 29 N/A HOME Error 4/26/2007 6:19:11 AM DCOM None 10010 SYSTEM HOME Error 4/26/2007 7:49:36 AM W32Time None 17 N/A HOME Error 4/26/2007 7:49:36 AM W32Time None 29 N/A HOME Error 4/26/2007 7:49:51 AM W32Time None 17 N/A HOME Error 4/26/2007 7:49:51 AM W32Time None 29 N/A HOME Error 4/26/2007 8:04:51 AM W32Time None 17 N/A HOME Error 4/26/2007 8:04:51 AM W32Time None 29 N/A HOME Error 4/26/2007 8:34:52 AM W32Time None 17 N/A HOME Error 4/26/2007 8:34:52 AM W32Time None 29 N/A HOME Error 4/26/2007 9:34:52 AM W32Time None 17 N/A HOME Error 4/26/2007 9:34:52 AM W32Time None 29 N/A HOME Error 4/26/2007 11:34:52 AM W32Time None 17 N/A HOME Error 4/26/2007 11:34:52 AM W32Time None 29 N/A HOME Error 4/26/2007 3:34:52 PM W32Time None 17 N/A HOME Error 4/26/2007 3:34:52 PM W32Time None 29 N/A HOME Error 4/26/2007 9:21:42 PM Windows Update Agent Software Sync 16 N/A HOME Error 4/26/2007 11:34:52 PM W32Time None 17 N/A HOME Error 4/26/2007 11:34:52 PM W32Time None 29 N/A HOME Error 4/27/2007 6:53:13 AM DCOM None 10010 SYSTEM HOME Error 4/27/2007 3:34:52 PM W32Time None 17 N/A HOME Error 4/27/2007 3:34:52 PM W32Time None 29 N/A HOME Error 4/28/2007 7:34:52 AM W32Time None 17 N/A HOME Error 4/28/2007 7:34:52 AM W32Time None 29 N/A HOME Error 4/28/2007 7:53:13 AM DCOM None 10010 SYSTEM HOME Error 4/28/2007 6:37:55 PM DCOM None 10005 SYSTEM HOME Error 4/28/2007 9:21:42 PM Windows Update Agent Software Sync 16 N/A HOME Error 4/28/2007 11:34:52 PM W32Time None 17 N/A HOME Error 4/28/2007 11:34:52 PM W32Time None 29 N/A HOME Error 4/29/2007 8:39:29 AM DCOM None 10005 SYSTEM HOME Error 4/29/2007 8:53:13 AM DCOM None 10010 SYSTEM HOME Error 4/29/2007 3:34:53 PM W32Time None 17 N/A HOME Error 4/29/2007 3:34:53 PM W32Time None 29 N/A HOME Error 4/29/2007 7:47:08 PM DCOM None 10005 SYSTEM HOME Error 4/29/2007 11:38:37 PM DCOM None 10010 Owner HOME Error 4/30/2007 7:34:53 AM W32Time None 17 N/A HOME Error 4/30/2007 7:34:53 AM W32Time None 29 N/A HOME Error 4/30/2007 8:54:18 AM DCOM None 10010 SYSTEM HOME Error 4/30/2007 4:43:35 PM DCOM None 10005 SYSTEM HOME Error 4/30/2007 9:21:44 PM Windows Update Agent Software Sync 16 N/A HOME Error 4/30/2007 11:34:54 PM W32Time None 17 N/A HOME Error 4/30/2007 11:34:54 PM W32Time None 29 N/A HOME Error 5/1/2007 4:34:13 AM DCOM None 10005 SYSTEM HOME Error 5/1/2007 6:14:05 AM DCOM None 10005 SYSTEM HOME Error 5/1/2007 8:58:19 AM DCOM None 10010 SYSTEM HOME Error 5/1/2007 3:34:54 PM W32Time None 17 N/A HOME Error 5/1/2007 3:34:54 PM W32Time None 29 N/A HOME Error 5/1/2007 5:23:07 PM Dhcp None 1002 N/A HOME Error 5/1/2007 5:23:26 PM W32Time None 17 N/A HOME Error 5/1/2007 5:23:26 PM W32Time None 29 N/A HOME Error 5/1/2007 5:38:26 PM W32Time None 17 N/A HOME Error 5/1/2007 5:38:26 PM W32Time None 29 N/A HOME Error 5/1/2007 6:08:26 PM W32Time None 17 N/A HOME Error 5/1/2007 6:08:26 PM W32Time None 29 N/A HOME Error 5/1/2007 7:08:26 PM W32Time None 17 N/A HOME Error 5/1/2007 7:08:26 PM W32Time None 29 N/A HOME Error 5/1/2007 9:08:26 PM W32Time None 17 N/A HOME Error 5/1/2007 9:08:26 PM W32Time None 29 N/A HOME Error 5/2/2007 1:08:26 AM W32Time None 17 N/A HOME Error 5/2/2007 1:08:26 AM W32Time None 29 N/A HOME Error 5/2/2007 9:08:26 AM W32Time None 17 N/A HOME Error 5/2/2007 9:08:26 AM W32Time None 29 N/A HOME Error 5/2/2007 9:53:13 AM DCOM None 10010 SYSTEM HOME Error 5/2/2007 9:21:43 PM Windows Update Agent Software Sync 16 N/A HOME Error 5/3/2007 1:08:27 AM W32Time None 17 N/A HOME Error 5/3/2007 1:08:27 AM W32Time None 29 N/A HOME Error 5/3/2007 5:43:20 AM DCOM None 10005 SYSTEM HOME Error 5/3/2007 8:00:11 AM W32Time None 17 N/A HOME Error 5/3/2007 8:00:11 AM W32Time None 29 N/A HOME Error 5/3/2007 8:00:14 AM W32Time None 17 N/A HOME Error 5/3/2007 8:00:14 AM W32Time None 29 N/A HOME Error 5/3/2007 8:00:17 AM W32Time None 17 N/A HOME Error 5/3/2007 8:00:17 AM W32Time None 29 N/A HOME Error 5/3/2007 8:00:34 AM W32Time None 17 N/A HOME Error 5/3/2007 8:00:34 AM W32Time None 29 N/A HOME Error 5/3/2007 8:08:48 AM Dhcp None 1002 N/A HOME Error 5/3/2007 8:09:06 AM W32Time None 17 N/A HOME Error 5/3/2007 8:09:06 AM W32Time None 29 N/A HOME Error 5/3/2007 8:24:06 AM W32Time None 17 N/A HOME Error 5/3/2007 8:24:06 AM W32Time None 29 N/A HOME Error 5/3/2007 8:49:12 AM Dhcp None 1002 N/A HOME Error 5/3/2007 8:49:44 AM W32Time None 17 N/A HOME Error 5/3/2007 8:49:44 AM W32Time None 29 N/A HOME Error 5/3/2007 8:49:59 AM W32Time None 17 N/A HOME Error 5/3/2007 8:49:59 AM W32Time None 29 N/A HOME Error 5/3/2007 9:04:59 AM W32Time None 17 N/A HOME Error 5/3/2007 9:04:59 AM W32Time None 29 N/A HOME Error 5/3/2007 9:34:59 AM W32Time None 17 N/A HOME Error 5/3/2007 9:34:59 AM W32Time None 29 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 32 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 32 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:00:16 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 32 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 32 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:01:35 AM SideBySide None 59 N/A HOME Error 5/3/2007 11:27:49 AM DCOM None 10010 SYSTEM HOME Error 5/4/2007 12:05:45 PM DCOM None 10010 SYSTEM HOME Error 5/5/2007 1 50 PM DCOM None 10010 SYSTEM HOMEError 5/6/2007 1:57:42 AM Dhcp None 1002 N/A HOME Error 5/6/2007 8:31:54 AM Dhcp None 1002 N/A HOME Error 5/6/2007 2 40 PM DCOM None 10010 SYSTEM HOMEError 5/7/2007 4:23:00 AM DCOM None 10005 SYSTEM HOME Error 5/7/2007 2:14:59 PM DCOM None 10010 SYSTEM HOME Error 5/8/2007 2:30:47 PM DCOM None 10010 SYSTEM HOME Error 5/9/2007 3:14:12 PM DCOM None 10010 SYSTEM HOME Error 5/10/2007 3:15:16 PM DCOM None 10010 SYSTEM HOME Error 5/11/2007 4:14:11 PM DCOM None 10010 SYSTEM HOME Error 5/12/2007 9:15:15 AM DCOM None 10005 SYSTEM HOME Error 5/12/2007 11:21:25 AM cdrom None 7 N/A HOME Error 5/12/2007 11:21:37 AM cdrom None 7 N/A HOME Error 5/12/2007 11:21:45 AM cdrom None 7 N/A HOME Error 5/12/2007 11:21:53 AM cdrom None 7 N/A HOME Error 5/12/2007 11:21:57 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:01 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:09 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:13 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:17 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:21 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:25 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:29 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:33 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:37 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:41 AM cdrom None 7 N/A HOME Error 5/12/2007 11:22:45 AM cdrom None 7 N/A HOME Error 5/12/2007 4:20:48 PM DCOM None 10010 SYSTEM HOME Error 5/13/2007 5:20:48 PM DCOM None 10010 SYSTEM HOME Error 5/14/2007 12:51:53 AM Dhcp None 1002 N/A HOME Error 5/14/2007 2:02:57 PM Dhcp None 1002 N/A HOME Error 5/14/2007 2:03:16 PM W32Time None 17 N/A HOME Error 5/14/2007 2:03:16 PM W32Time None 29 N/A HOME Error 5/14/2007 2:18:16 PM W32Time None 17 N/A HOME Error 5/14/2007 2:18:16 PM W32Time None 29 N/A HOME Error 5/15/2007 12:02:12 AM W32Time None 17 N/A HOME Error 5/15/2007 12:02:12 AM W32Time None 29 N/A HOME Error 5/15/2007 2:31:13 AM DCOM None 10010 SYSTEM HOME Error 5/16/2007 3:05:47 AM DCOM None 10010 SYSTEM HOME Error 5/17/2007 12:30:19 AM Dhcp None 1002 N/A HOME Error 5/17/2007 7:25:21 AM Dhcp None 1002 N/A HOME Error 5/17/2007 3:51:37 PM Dhcp None 1002 N/A HOME Error 5/17/2007 4:17:04 PM DCOM None 10010 SYSTEM HOME Error 5/18/2007 12:29:24 PM Dhcp None 1002 N/A HOME Error 5/18/2007 4:33:36 PM DCOM None 10010 SYSTEM HOME Error 5/19/2007 5:30:12 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:19 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:26 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:32 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:37 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:45 PM cdrom None 7 N/A HOME Error 5/19/2007 5:30:50 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:00 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:04 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:10 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:14 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:18 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:22 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:28 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:31 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:34 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:37 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:40 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:43 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:46 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:49 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:54 PM cdrom None 7 N/A HOME Error 5/19/2007 5:31:58 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:01 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:04 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:07 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:10 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:15 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:21 PM cdrom None 7 N/A HOME Error 5/19/2007 5:32:23 PM cdrom None 7 N/A HOME Error 5/19/2007 6:05:15 PM DCOM None 10010 SYSTEM HOME Error 5/20/2007 6:33:36 PM DCOM None 10010 SYSTEM HOME Error 5/22/2007 2:08:10 AM DCOM None 10010 SYSTEM HOME Error 5/22/2007 9:58:10 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:14 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:18 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:21 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:30 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:34 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:37 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:41 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:45 PM cdrom None 7 N/A HOME Error 5/22/2007 9:58:57 PM cdrom None 7 N/A HOME Error 5/22/2007 9:59:01 PM cdrom None 7 N/A HOME Error 5/23/2007 2:51:09 AM DCOM None 10010 SYSTEM HOME Error 5/24/2007 3:16:56 AM DCOM None 10010 SYSTEM HOME Error 5/25/2007 1:29:25 PM DCOM None 10010 SYSTEM HOME Error 5/26/2007 1:37:13 PM DCOM None 10010 SYSTEM HOME Error 5/27/2007 2:36:48 PM DCOM None 10010 SYSTEM HOME Error 5/28/2007 3:55:59 PM DCOM None 10010 SYSTEM HOME Error 5/29/2007 5:44:20 PM DCOM None 10010 SYSTEM HOME Error 5/30/2007 8:20:34 PM Dhcp None 1002 N/A HOME Error 5/30/2007 8:40:02 PM DCOM None 10010 SYSTEM HOME Error 6/1/2007 12:42:22 AM DCOM None 10010 SYSTEM HOME Error 6/1/2007 8:24:12 PM Dhcp None 1002 N/A HOME Error 6/2/2007 12:15:53 PM DCOM None 10010 SYSTEM HOME Error 6/2/2007 8:33:18 PM Dhcp None 1002 N/A HOME Error 6/3/2007 6:01:13 PM DCOM None 10010 SYSTEM HOME Error 6/4/2007 6:27:11 PM DCOM None 10010 SYSTEM HOME Error 6/5/2007 12:05:15 AM W32Time None 17 N/A HOME Error 6/5/2007 12:05:15 AM W32Time None 29 N/A HOME Error 6/5/2007 12:20:15 AM W32Time None 17 N/A HOME Error 6/5/2007 12:20:15 AM W32Time None 29 N/A HOME Error 6/5/2007 12:50:15 AM W32Time None 17 N/A HOME Error 6/5/2007 12:50:15 AM W32Time None 29 N/A HOME Error 6/5/2007 8:51:47 PM DCOM None 10010 SYSTEM HOME Error 6/6/2007 8:04:44 AM W32Time None 17 N/A HOME Error 6/6/2007 8:04:44 AM W32Time None 29 N/A HOME Error 6/6/2007 8:05:01 AM W32Time None 17 N/A HOME Error 6/6/2007 8:05:01 AM W32Time None 29 N/A HOME Error 6/6/2007 8:20:01 AM W32Time None 17 N/A HOME Error 6/6/2007 8:20:01 AM W32Time None 29 N/A HOME Error 6/6/2007 8:50:01 AM W32Time None 17 N/A HOME Error 6/6/2007 8:50:01 AM W32Time None 29 N/A HOME Error 6/6/2007 9:50:01 AM W32Time None 17 N/A HOME Error 6/6/2007 9:50:01 AM W32Time None 29 N/A HOME Error 6/6/2007 11:50:01 AM W32Time None 17 N/A HOME Error 6/6/2007 11:50:01 AM W32Time None 29 N/A HOME Error 6/6/2007 3:50:01 PM W32Time None 17 N/A HOME Error 6/6/2007 3:50:01 PM W32Time None 29 N/A HOME Error 6/6/2007 9:08:29 PM DCOM None 10010 SYSTEM HOME Error 6/6/2007 11:50:01 PM W32Time None 17 N/A HOME Error 6/6/2007 11:50:01 PM W32Time None 29 N/A HOME Error 6/8/2007 9:56:32 PM Dhcp None 1002 N/A HOME Error 6/9/2007 5:58:54 PM DCOM None 10010 SYSTEM HOME Error 6/10/2007 6 57 PM DCOM None 10010 SYSTEM HOMEError 6/11/2007 6:21:55 PM DCOM None 10010 SYSTEM HOME Error 6/12/2007 6:32:49 PM DCOM None 10010 SYSTEM HOME Error 6/14/2007 12:53:35 PM DCOM None 10010 SYSTEM HOME Error 6/15/2007 12:17:00 PM SRTSPL None 33 N/A HOME Error 6/15/2007 2:46:54 PM DCOM None 10010 SYSTEM HOME Error 6/16/2007 4:49:55 PM DCOM None 10010 SYSTEM HOME Error 6/17/2007 6 40 PM DCOM None 10010 SYSTEM HOMEError 6/18/2007 10:46:20 PM Dhcp None 1002 N/A HOME Error 6/18/2007 11:08:34 PM DCOM None 10010 SYSTEM HOME Error 6/19/2007 11:45:05 PM DCOM None 10010 SYSTEM HOME Error 6/21/2007 12:24:53 AM DCOM None 10010 SYSTEM HOME Error 6/21/2007 11:00:15 PM W32Time None 17 N/A HOME Error 6/21/2007 11:00:15 PM W32Time None 29 N/A HOME Error 6/21/2007 11:15:15 PM W32Time None 17 N/A HOME Error 6/21/2007 11:15:15 PM W32Time None 29 N/A HOME Error 6/21/2007 11:45:15 PM W32Time None 17 N/A HOME Error 6/21/2007 11:45:15 PM W32Time None 29 N/A HOME Error 6/22/2007 12:29:35 AM DCOM None 10010 SYSTEM HOME Error 6/22/2007 12:45:15 AM W32Time None 17 N/A HOME Error 6/22/2007 12:45:15 AM W32Time None 29 N/A HOME Error 6/22/2007 2:45:15 AM W32Time None 17 N/A HOME Error 6/22/2007 2:45:15 AM W32Time None 29 N/A HOME Error 6/22/2007 6:45:15 AM W32Time None 17 N/A HOME Error 6/22/2007 6:45:15 AM W32Time None 29 N/A HOME Error 6/22/2007 2:45:15 PM W32Time None 17 N/A HOME Error 6/22/2007 2:45:15 PM W32Time None 29 N/A HOME Error 6/23/2007 7:50:12 AM W32Time None 17 N/A HOME Error 6/23/2007 7:50:12 AM W32Time None 29 N/A HOME Error 6/23/2007 7:50:28 AM W32Time None 17 N/A HOME Error 6/23/2007 7:50:28 AM W32Time None 29 N/A HOME Error 6/23/2007 8:05:29 AM W32Time None 17 N/A HOME Error 6/23/2007 8:05:29 AM W32Time None 29 N/A HOME Error 6/23/2007 11:39:20 AM Dhcp None 1002 N/A HOME Error 6/23/2007 11:39:47 AM W32Time None 17 N/A HOME Error 6/23/2007 11:39:47 AM W32Time None 29 N/A HOME Error 6/23/2007 11:40:02 AM W32Time None 17 N/A HOME Error 6/23/2007 11:40:02 AM W32Time None 29 N/A HOME Error 6/24/2007 10:20:16 PM W32Time None 17 N/A HOME Error 6/24/2007 10:20:16 PM W32Time None 29 N/A HOME Error 6/24/2007 10:20:31 PM W32Time None 17 N/A HOME Error 6/24/2007 10:20:31 PM W32Time None 29 N/A HOME Error 6/24/2007 10:28:40 PM Windows Update Agent Software Sync 16 N/A HOME Error 6/24/2007 10:35:32 PM W32Time None 17 N/A HOME Error 6/24/2007 10:35:32 PM W32Time None 29 N/A HOME Error 6/24/2007 11:05:32 PM W32Time None 17 N/A HOME Error 6/24/2007 11:05:32 PM W32Time None 29 N/A HOME Error 6/24/2007 11:30:07 PM DCOM None 10010 SYSTEM HOME Error 6/25/2007 12:05:32 AM W32Time None 17 N/A HOME Error 6/25/2007 12:05:32 AM W32Time None 29 N/A HOME Error 6/25/2007 2:05:32 AM W32Time None 17 N/A HOME Error 6/25/2007 2:05:32 AM W32Time None 29 N/A HOME Error 6/25/2007 6:05:32 AM W32Time None 17 N/A HOME Error 6/25/2007 6:05:32 AM W32Time None 29 N/A HOME Error 6/25/2007 2:05:32 PM W32Time None 17 N/A HOME Error 6/25/2007 2:05:32 PM W32Time None 29 N/A HOME Error 6/26/2007 12:24:01 AM DCOM None 10010 SYSTEM HOME Error 6/26/2007 6:05:32 AM W32Time None 17 N/A HOME Error 6/26/2007 6:05:32 AM W32Time None 29 N/A HOME Error 6/27/2007 1:23:57 AM DCOM None 10010 SYSTEM HOME Error 6/28/2007 1:33:34 AM DCOM None 10010 SYSTEM HOME Error 6/29/2007 2:23:57 AM DCOM None 10010 SYSTEM HOME Error 6/30/2007 3:23:57 AM DCOM None 10010 SYSTEM HOME Error 6/30/2007 9:29:18 AM Dhcp None 1002 N/A HOME Error 7/1/2007 1:10:21 PM DCOM None 10010 SYSTEM HOME Error 7/2/2007 1:24:18 PM DCOM None 10010 SYSTEM HOME Error 7/2/2007 10:03:19 PM Dhcp None 1002 N/A HOME Error 7/2/2007 10:04:12 PM Dhcp None 1002 N/A HOME Error 7/3/2007 9:57:18 AM Dhcp None 1002 N/A HOME Error 7/3/2007 1:51:32 PM DCOM None 10010 SYSTEM HOME Error 7/4/2007 2:35:03 PM DCOM None 10010 SYSTEM HOME Error 7/4/2007 7:37:04 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:07 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:11 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:19 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:26 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:30 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:35 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:39 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:44 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:48 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:52 PM cdrom None 7 N/A HOME Error 7/4/2007 7:38:56 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:04 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:08 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:14 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:18 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:22 PM cdrom None 7 N/A HOME Error 7/4/2007 7:39:26 PM cdrom None 7 N/A HOME Error 7/4/2007 7:51:48 PM cdrom None 7 N/A HOME Error 7/4/2007 7:51:52 PM cdrom None 7 N/A HOME Error 7/4/2007 7:51:56 PM cdrom None 7 N/A HOME Error 7/4/2007 7:52:36 PM cdrom None 7 N/A HOME Error 7/4/2007 7:52:40 PM cdrom None 7 N/A HOME Error 7/4/2007 7:52:44 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:00 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:04 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:08 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:12 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:20 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:24 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:32 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:36 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:39 PM cdrom None 7 N/A HOME Error 7/4/2007 7:53:43 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:30 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:34 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:38 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:47 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:50 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:54 PM cdrom None 7 N/A HOME Error 7/4/2007 8:02:58 PM cdrom None 7 N/A HOME Error 7/4/2007 8:03:02 PM cdrom None 7 N/A HOME Error 7/4/2007 8:03:06 PM cdrom None 7 N/A HOME Error 7/4/2007 8:03:10 PM cdrom None 7 N/A HOME Error 7/4/2007 8:03:14 PM cdrom None 7 N/A HOME Error 7/6/2007 10:53:15 AM DCOM None 10010 SYSTEM HOME Error 7/6/2007 7:00:12 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:00:35 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:00:59 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:01:27 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:09:50 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:21:03 PM Dhcp None 1002 N/A HOME Error 7/6/2007 7:31:21 PM Server None 2505 N/A HOME Error 7/6/2007 10:13:54 PM Dhcp None 1002 N/A HOME Error 7/7/2007 12:39:04 PM Dhcp None 1002 N/A HOME Error 7/7/2007 2:02:55 PM DCOM None 10010 SYSTEM HOME Error 7/8/2007 2:25:17 PM DCOM None 10010 SYSTEM HOME Error 7/9/2007 3:25:51 PM DCOM None 10010 SYSTEM HOME Error 7/10/2007 4:26:22 PM DCOM None 10010 SYSTEM HOME Error 7/11/2007 4:35:21 PM DCOM None 10010 SYSTEM HOME Error 7/12/2007 5:31:16 PM DCOM None 10010 SYSTEM HOME Error 7/13/2007 10:09:14 AM Dhcp None 1002 N/A HOME Error 7/13/2007 5:45:54 PM DCOM None 10010 SYSTEM HOME Error 7/15/2007 3:13:29 PM Dhcp None 1002 N/A HOME Error 7/16/2007 2:41:11 AM DCOM None 10010 SYSTEM HOME Error 7/17/2007 3:34:39 AM DCOM None 10010 SYSTEM HOME Error 7/17/2007 4:53:32 PM Dhcp None 1002 N/A HOME Error 7/18/2007 3:57:45 AM DCOM None 10010 SYSTEM HOME Error 7/19/2007 1:12:20 PM DCOM None 10010 SYSTEM HOME Error 7/20/2007 1:14:01 PM DCOM None 10005 SYSTEM HOME Error 7/20/2007 1:16:06 PM DCOM None 10005 SYSTEM HOME Error 7/20/2007 1:54:33 PM DCOM None 10010 SYSTEM HOME Error 7/21/2007 5:15:36 PM DCOM None 10010 SYSTEM HOME Error 7/21/2007 11:38:41 PM Dhcp None 1002 N/A HOME Error 7/22/2007 5:55:28 PM DCOM None 10010 SYSTEM HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:30:47 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:39 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:39 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:43:43 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 256 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:44:07 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 10:51:38 PM PlugPlayManager None 257 N/A HOME Warning 4/9/2007 11:22:15 PM W32Time None 36 N/A HOME Warning 4/10/2007 7:51:48 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:48 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:48 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:48 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:51:58 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:52:01 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:52:01 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:52:01 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:52:01 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 7:52:01 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 9:44:41 PM Tcpip None 4226 N/A HOME Warning 4/10/2007 10:32:07 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:07 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:12 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:13 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:16 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:17 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:27 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:28 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME Warning 4/10/2007 10:32:32 PM PlugPlayManager None 257 N/A HOME |
|
|
|
|
07-23-2007, 11:59 AM
|
#18 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 17
OS: Windows xp
|
Re: Help I have virus's
Here is a couple of events that happened
Event Type: Error Event Source: Application Hang Event Category: (101) Event ID: 1002 Date: 6/21/2007 Time: 6:26:25 PM User: N/A Computer: HOME Description: Hanging application iexplore.exe, version 7.0.6000.16473, hang module hungapp, version 0.0.0.0, hang address 0x00000000. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 48 61 6e 67 ion Hang 0010: 20 20 69 65 78 70 6c 6f iexplo 0018: 72 65 2e 65 78 65 20 37 re.exe 7 0020: 2e 30 2e 36 30 30 30 2e .0.6000. 0028: 31 36 34 37 33 20 69 6e 16473 in 0030: 20 68 75 6e 67 61 70 70 hungapp 0038: 20 30 2e 30 2e 30 2e 30 0.0.0.0 0040: 20 61 74 20 6f 66 66 73 at offs 0048: 65 74 20 30 30 30 30 30 et 00000 0050: 30 30 30 000 Event Type: Error Event Source: Application Hang Event Category: (101) Event ID: 1002 Date: 6/21/2007 Time: 11:29:38 PM User: N/A Computer: HOME Description: Hanging application iexplore.exe, version 7.0.6000.16473, hang module hungapp, version 0.0.0.0, hang address 0x00000000. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 48 61 6e 67 ion Hang 0010: 20 20 69 65 78 70 6c 6f iexplo 0018: 72 65 2e 65 78 65 20 37 re.exe 7 0020: 2e 30 2e 36 30 30 30 2e .0.6000. 0028: 31 36 34 37 33 20 69 6e 16473 in 0030: 20 68 75 6e 67 61 70 70 hungapp 0038: 20 30 2e 30 2e 30 2e 30 0.0.0.0 0040: 20 61 74 20 6f 66 66 73 at offs 0048: 65 74 20 30 30 30 30 30 et 00000 0050: 30 30 30 000 Event Type: Error Event Source: Application Hang Event Category: (101) Event ID: 1002 Date: 7/20/2007 Time: 12:43:42 AM User: N/A Computer: HOME Description: Hanging application BackWeb-137903.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 48 61 6e 67 ion Hang 0010: 20 20 42 61 63 6b 57 65 BackWe 0018: 62 2d 31 33 37 39 30 33 b-137903 0020: 2e 65 78 65 20 30 2e 30 .exe 0.0 0028: 2e 30 2e 30 20 69 6e 20 .0.0 in 0030: 68 75 6e 67 61 70 70 20 hungapp 0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0 0040: 61 74 20 6f 66 66 73 65 at offse 0048: 74 20 30 30 30 30 30 30 t 000000 0050: 30 30 00 |
|
|
|
|
07-23-2007, 12:10 PM
|
#19 (permalink) |
|
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
Join Date: May 2005
Posts: 24,465
OS: N/A
|
Re: Help I have virus's
Nope. That's not it.
From Event Viewer's left pane, right click on Applications & Save Log Save the file as a txt file Repeat the above for System. Then zip both logs & attach them
__________________
Question - what have you done for the community today? |
|
|
|
| Thread Tools | |
|
|
