# "Windows Operating System" in Startup (msconfig)



## Goodgosh (Jul 17, 2010)

Hi, I've searched the net and this forum but can't seem to find an answer. I'm sure it's probably simple but I've never seen it before when I was using XP.

Why is there an entry in Startup titled "Windows Operating System"?

I'm loathe to uncheck it, I just don't understand why it would be there? 

Thanks for any advice


----------



## dvk01 (Dec 14, 2002)

look along the list & you will see it says sidebar 
without it your gadgets won't work & W7 uses gadagets very well


----------



## Goodgosh (Jul 17, 2010)

Hi dvk01, thanks very much for replying. I had a look along the line and it looks like it might be there because of my old Creative Labs Emu Soundcard because it doesn't mention a sidebar but it says RegSRV CTASIO and in the Registry it mentions Wow64 which is probably because the card is 32 bit?

So I guess it must be cool, thanks for the advice, I learnt something new :up:


----------



## dvk01 (Dec 14, 2002)

just to double check something with this for my knowledge store rather than any suspicion of anything being wrong

Download *RSIT* (random's system information tool) from here to your desktop, then click on the *RSIT.exe* to start the scan. ( vista or Windows 7, right click the rsit.exe and select run as admin)

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

*RSIT will also create a second log*, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can use separate posts here when replying and posting the log files if needed.


----------



## Goodgosh (Jul 17, 2010)

Hi dvk01, Zonealarm won't allow RSIT on my computer lol and Hijackthis is acting funny. First notice said 'Access to hosts file is denied for some reason' and then it said it couldn't find the Hijackthis.log file in C:\Program files\Hijackthis and it asked me if I wanted to make the log file myself and I ticked Yes and all that happened was a blank notepad opened. 

When it scanned it came up wth a list but I can't copy and paste it and don't know how to create a log file manually.


----------



## dvk01 (Dec 14, 2002)

zone alarm shouldn't block it 

the hosts file message is normal with vista or windows 7 

that is why we say right click rsit & run as admin to overcome that


----------



## Goodgosh (Jul 17, 2010)

Hi I just ignored Zonealarm Extreme and ran it as admin. Hope everything's hunky dory

Logfile of random's system information tool 1.08 (written by random/random)
Run by First at 2011-03-11 13:40:48
Microsoft Windows 7 Ultimate 
System drive C: has 11 GB (41%) free of 26 GB
Total RAM: 1790 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:40:50 PM, on 3/11/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\CTHELPER.EXE
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Program Files\Belkin\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\First\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\First.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ZoneAlarm ForceField IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7277 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Toolbar Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-08-27 595432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-02-11 1246600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Toolbar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-08-27 595432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=C:\Windows\system32\CTHELPER.EXE [2010-02-23 23040]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-02-23 23552]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2010-08-29 1039360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\Belkin\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-03-11 13:37:03 ----D---- C:\rsit
2011-03-11 13:29:32 ----D---- C:\Program Files (x86)\Microsoft Office
2011-03-11 00:23:33 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-03-10 21:39:54 ----D---- C:\Program Files (x86)\Trend Micro
2011-03-10 18:08:22 ----D---- C:\Program Files (x86)\Veetle
2011-03-10 10:45:08 ----D---- C:\Windows\SysWOW64\Wat
2011-03-10 10:30:49 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2011-03-10 05:31:25 ----A---- C:\Windows\SysWOW64\wcncsvc.dll
2011-03-10 05:24:19 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2011-03-10 05:18:30 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2011-03-10 05:18:30 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2011-03-10 05:18:30 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2011-03-10 05:18:30 ----A---- C:\Windows\SysWOW64\mscoree.dll
2011-03-10 05:18:30 ----A---- C:\Windows\SysWOW64\dfshim.dll
2011-03-10 04:14:24 ----D---- C:\Users\First\AppData\Roaming\WinRAR
2011-03-10 03:12:29 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2011-03-10 03:12:17 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-03-10 03:12:13 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-03-10 03:12:11 ----A---- C:\Windows\SysWOW64\mstime.dll
2011-03-10 03:12:11 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-03-10 03:12:11 ----A---- C:\Windows\SysWOW64\iepeers.dll
2011-03-10 03:12:11 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2011-03-10 03:12:10 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-03-10 03:12:10 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2011-03-10 03:12:10 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2011-03-10 03:12:10 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2011-03-10 03:12:05 ----A---- C:\Windows\SysWOW64\kerberos.dll
2011-03-10 03:12:02 ----A---- C:\Windows\SysWOW64\tzres.dll
2011-03-10 03:11:47 ----A---- C:\Windows\SysWOW64\d2d1.dll
2011-03-10 03:11:46 ----A---- C:\Windows\SysWOW64\DWrite.dll
2011-03-10 03:11:40 ----A---- C:\Windows\SysWOW64\EncDec.dll
2011-03-10 03:11:40 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2011-03-10 03:11:39 ----A---- C:\Windows\SysWOW64\sbe.dll
2011-03-10 03:11:35 ----A---- C:\Windows\SysWOW64\t2embed.dll
2011-03-10 03:11:32 ----A---- C:\Windows\SysWOW64\ole32.dll
2011-03-10 03:11:30 ----A---- C:\Windows\SysWOW64\taskschd.dll
2011-03-10 03:11:30 ----A---- C:\Windows\SysWOW64\taskeng.exe
2011-03-10 03:11:30 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2011-03-10 03:11:29 ----A---- C:\Windows\SysWOW64\schtasks.exe
2011-03-10 03:11:28 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2011-03-10 03:11:27 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2011-03-10 03:11:27 ----A---- C:\Windows\SysWOW64\secproc.dll
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2011-03-10 03:11:26 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2011-03-10 03:11:21 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2011-03-10 03:11:03 ----A---- C:\Windows\SysWOW64\shell32.dll
2011-03-10 03:11:01 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2011-03-10 03:10:57 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2011-03-10 03:10:48 ----A---- C:\Windows\SysWOW64\schannel.dll
2011-03-10 03:10:46 ----A---- C:\Windows\SysWOW64\comctl32.dll
2011-03-10 03:10:42 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-03-10 03:10:41 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-03-10 03:10:41 ----A---- C:\Windows\SysWOW64\upnp.dll
2011-03-10 03:10:41 ----A---- C:\Windows\SysWOW64\msxml6.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\wscapi.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\winhttp.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\slwga.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\msxml3.dll
2011-03-10 03:10:40 ----A---- C:\Windows\SysWOW64\davclnt.dll
2011-03-10 03:10:39 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-03-10 03:10:39 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-03-10 03:10:34 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2011-03-10 03:10:33 ----A---- C:\Windows\explorer.exe
2011-03-10 03:10:32 ----A---- C:\Windows\SysWOW64\explorer.exe
2011-03-10 03:10:31 ----A---- C:\Windows\SysWOW64\setup16.exe
2011-03-10 03:10:30 ----A---- C:\Windows\SysWOW64\wow32.dll
2011-03-10 03:10:30 ----A---- C:\Windows\SysWOW64\user.exe
2011-03-10 03:10:30 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2011-03-10 03:10:30 ----A---- C:\Windows\SysWOW64\instnm.exe
2011-03-10 03:10:29 ----A---- C:\Windows\SysWOW64\rtutils.dll
2011-03-10 03:10:22 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2011-03-10 03:10:22 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-03-10 03:10:15 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2011-03-10 03:10:13 ----A---- C:\Windows\SysWOW64\mf.dll
2011-03-10 03:10:11 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2011-03-10 03:10:11 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2011-03-10 03:10:11 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2011-03-10 03:10:11 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2011-03-10 03:10:10 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2011-03-10 03:10:03 ----A---- C:\Windows\SysWOW64\webio.dll
2011-03-10 03:10:01 ----A---- C:\Windows\SysWOW64\iccvid.dll
2011-03-10 03:09:58 ----A---- C:\Windows\SysWOW64\vbscript.dll
2011-03-10 03:09:58 ----A---- C:\Windows\SysWOW64\jscript.dll
2011-03-10 03:09:45 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2011-03-10 03:09:44 ----A---- C:\Windows\SysWOW64\quartz.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\msyuv.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\msrle32.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2011-03-10 03:09:43 ----A---- C:\Windows\SysWOW64\avifil32.dll
2011-03-10 03:09:29 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2011-03-10 03:09:29 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2011-03-10 03:09:29 ----A---- C:\Windows\SysWOW64\ntdll.dll
2011-03-10 03:09:23 ----A---- C:\Windows\SysWOW64\fontsub.dll
2011-03-10 03:09:23 ----A---- C:\Windows\SysWOW64\atmlib.dll
2011-03-10 03:09:23 ----A---- C:\Windows\SysWOW64\atmfd.dll
2011-03-10 03:09:14 ----A---- C:\Windows\SysWOW64\sspicli.dll
2011-03-10 03:09:14 ----A---- C:\Windows\SysWOW64\secur32.dll
2011-03-10 03:09:13 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2011-03-10 03:09:13 ----A---- C:\Windows\SysWOW64\mfc40.dll
2011-03-10 03:09:11 ----A---- C:\Windows\SysWOW64\msasn1.dll
2011-03-10 03:09:09 ----A---- C:\Windows\SysWOW64\mstscax.dll
2011-03-10 03:09:09 ----A---- C:\Windows\SysWOW64\mstsc.exe
2011-03-10 03:09:05 ----A---- C:\Windows\SysWOW64\wmp.dll
2011-03-10 03:09:03 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2011-03-10 03:09:00 ----A---- C:\Windows\SysWOW64\odbc32.dll
2011-03-10 03:08:55 ----A---- C:\Windows\SysWOW64\sscore.dll
2011-03-10 02:31:04 ----D---- C:\Users\First\AppData\Roaming\vlc
2011-03-10 02:30:26 ----D---- C:\Program Files (x86)\VideoLAN
2011-03-10 02:23:38 ----D---- C:\Users\First\AppData\Roaming\DivX
2011-03-10 02:23:26 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2011-03-10 02:22:44 ----D---- C:\Program Files (x86)\Common Files\DivX Shared
2011-03-10 02:22:02 ----D---- C:\Program Files (x86)\DivX
2011-03-10 02:21:36 ----D---- C:\ProgramData\DivX
2011-03-10 00:02:17 ----D---- C:\Users\First\AppData\Roaming\skypePM
2011-03-09 23:59:49 ----D---- C:\Windows\SoftwareDistribution
2011-03-09 23:57:27 ----D---- C:\Windows\Prefetch
2011-03-09 23:57:00 ----ASH---- C:\pagefile.sys
2011-03-09 23:56:53 ----SHD---- C:\System Volume Information
2011-03-09 23:56:53 ----ASH---- C:\hiberfil.sys
2011-03-09 23:55:58 ----D---- C:\Windows\Panther
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\es-MX
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\es-AR
2011-03-09 23:47:46 ----D---- C:\Users\First\AppData\Roaming\#ISW.FS#
2011-03-09 22:53:54 ----D---- C:\Program Files (x86)\Common Files\Skype
2011-03-09 22:53:53 ----RD---- C:\Program Files (x86)\Skype
2011-03-09 22:53:53 ----D---- C:\Users\First\AppData\Roaming\Skype
2011-03-09 22:53:50 ----D---- C:\ProgramData\Skype
2011-03-09 22:51:07 ----D---- C:\Users\First\AppData\Roaming\Macromedia
2011-03-09 22:51:07 ----D---- C:\Users\First\AppData\Roaming\Adobe
2011-03-09 22:50:34 ----D---- C:\Windows\SysWOW64\Macromed
2011-03-09 13:29:20 ----D---- C:\Program Files (x86)\MRU-Blaster
2011-03-09 13:24:00 ----D---- C:\Program Files (x86)\MultiRes
2011-03-09 13:03:08 ----D---- C:\Users\First\AppData\Roaming\Mozilla
2011-03-09 13:03:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-09 12:56:57 ----D---- C:\ProgramData\Raxco
2011-03-09 12:55:53 ----D---- C:\Program Files (x86)\Raxco
2011-03-09 12:44:16 ----D---- C:\Windows\pss
2011-03-09 12:34:09 ----ASH---- C:\Users\First\AppData\Roaming\Sys6925.Config Collection.sys
2011-03-09 12:34:00 ----D---- C:\Program Files (x86)\jv16 PowerTools 2010
2011-03-09 12:24:18 ----A---- C:\Windows\SysWOW64\oestore.dll
2011-03-09 12:24:17 ----D---- C:\Program Files (x86)\Acesoft
2011-03-09 12:16:19 ----D---- C:\ProgramData\Kaspersky SDK
2011-03-09 12:11:12 ----D---- C:\Users\First\AppData\Roaming\MailFrontier
2011-03-09 12:11:12 ----D---- C:\Users\First\AppData\Roaming\CheckPoint
2011-03-09 12:05:37 ----A---- C:\Windows\zllsputility.exe
2011-03-09 12:05:08 ----A---- C:\Windows\SysWOW64\vsregexp.dll
2011-03-09 12:04:41 ----A---- C:\Windows\SysWOW64\zlcommdb.dll
2011-03-09 12:04:41 ----A---- C:\Windows\SysWOW64\zlcomm.dll
2011-03-09 12:04:37 ----A---- C:\Windows\SysWOW64\vswmi.dll
2011-03-09 12:04:36 ----D---- C:\Windows\SysWOW64\ZoneLabs
2011-03-09 12:04:36 ----A---- C:\Windows\SysWOW64\zpeng25.dll
2011-03-09 12:04:36 ----A---- C:\Windows\SysWOW64\vsxml.dll
2011-03-09 12:04:36 ----A---- C:\Windows\SysWOW64\vspubapi.dll
2011-03-09 12:04:36 ----A---- C:\Windows\SysWOW64\vsmonapi.dll
2011-03-09 12:04:34 ----A---- C:\Windows\SysWOW64\vsdata.dll
2011-03-09 12:04:30 ----D---- C:\Program Files (x86)\Zone Labs
2011-03-09 12:03:45 ----D---- C:\ProgramData\CheckPoint
2011-03-09 12:03:44 ----D---- C:\Windows\Internet Logs
2011-03-09 12:03:43 ----A---- C:\Windows\SysWOW64\vsutil.dll
2011-03-09 12:03:43 ----A---- C:\Windows\SysWOW64\vsinit.dll
2011-03-09 11:53:16 ----D---- C:\Users\First\AppData\Roaming\EmuPatchMixDSP
2011-03-09 11:52:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-03-09 11:29:47 ----D---- C:\Program Files (x86)\Creative Professional
2011-03-09 11:29:42 ----A---- C:\Windows\SysWOW64\cttele.dll
2011-03-09 11:29:41 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2011-03-09 11:29:41 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2011-03-09 11:27:27 ----D---- C:\Windows\SysWOW64\Data
2011-03-09 11:27:27 ----A---- C:\Windows\SysWOW64\INRES.DLL
2011-03-09 11:27:27 ----A---- C:\Windows\SysWOW64\CTXFIRES.DLL
2011-03-09 11:27:27 ----A---- C:\Windows\SysWOW64\CTPRES.DLL
2011-03-09 11:27:27 ----A---- C:\Windows\SysWOW64\CTDCRES.DLL
2011-03-09 11:26:37 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2011-03-09 10:54:55 ----D---- C:\ProgramData\LogiShrd
2011-03-09 10:52:01 ----D---- C:\Users\First\AppData\Roaming\Leadertech
2011-03-09 10:51:51 ----D---- C:\Windows\SysWOW64\logishrd
2011-03-09 10:51:47 ----D---- C:\ProgramData\Logitech
2011-03-09 10:51:45 ----D---- C:\Program Files (x86)\Common Files\LWS
2011-03-09 10:51:35 ----D---- C:\Program Files (x86)\Logitech
2011-03-09 10:51:31 ----SHD---- C:\Windows\Installer
2011-03-09 08:09:12 ----D---- C:\Program Files (x86)\Common Files\logishrd
2011-03-09 08:06:49 ----A---- C:\Windows\SysWOW64\cabview.dll
2011-03-09 08:06:48 ----A---- C:\Windows\SysWOW64\wintrust.dll
2011-03-09 08:06:19 ----D---- C:\Users\First\AppData\Roaming\Identities
2011-03-09 08:05:51 ----SD---- C:\Users\First\AppData\Roaming\Microsoft
2011-03-09 08:05:51 ----D---- C:\Users\First\AppData\Roaming\Media Center Programs
2011-03-09 08:05:15 ----SHD---- C:\Recovery

======List of files/folders modified in the last 1 months======

2011-03-11 13:40:49 ----D---- C:\Windows\Temp
2011-03-11 13:29:32 ----RD---- C:\Program Files (x86)
2011-03-11 13:29:32 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-03-11 13:02:55 ----D---- C:\Windows\Microsoft.NET
2011-03-11 13:02:53 ----RSD---- C:\Windows\assembly
2011-03-11 12:07:13 ----D---- C:\Windows\System32
2011-03-11 12:07:13 ----D---- C:\Windows\inf
2011-03-11 00:23:42 ----D---- C:\Windows\SysWOW64
2011-03-11 00:23:40 ----D---- C:\Windows\SysWOW64\en-US
2011-03-10 14:31:45 ----D---- C:\Windows\rescache
2011-03-10 10:47:37 ----D---- C:\Windows
2011-03-10 10:47:35 ----D---- C:\Windows\winsxs
2011-03-10 10:31:51 ----D---- C:\Windows\debug
2011-03-10 10:15:05 ----D---- C:\Program Files (x86)\Internet Explorer
2011-03-10 10:14:57 ----D---- C:\Program Files (x86)\Windows Mail
2011-03-10 10:14:55 ----D---- C:\Windows\ehome
2011-03-10 10:14:53 ----D---- C:\Windows\SysWOW64\migration
2011-03-10 10:14:52 ----D---- C:\Windows\AppPatch
2011-03-10 10:14:44 ----D---- C:\Program Files (x86)\Windows Media Player
2011-03-10 04:14:06 ----RD---- C:\Program Files
2011-03-10 02:23:26 ----D---- C:\Program Files (x86)\Common Files
2011-03-10 02:21:36 ----HD---- C:\ProgramData
2011-03-09 23:57:27 ----D---- C:\Windows\CSC
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\zh-TW
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\zh-CN
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\sv-SE
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\ru-RU
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\pt-BR
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\pl-PL
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\nl-NL
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\nb-NO
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\ko-KR
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\ja-JP
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\it-IT
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\fr-FR
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\fi-FI
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\es-ES
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\de-DE
2011-03-09 23:50:30 ----D---- C:\Windows\SysWOW64\da-DK
2011-03-09 12:04:34 ----D---- C:\Windows\SysWOW64\drivers
2011-03-09 11:27:28 ----D---- C:\Windows\system
2011-03-09 10:55:39 ----SD---- C:\ProgramData\Microsoft
2011-03-09 08:29:45 ----D---- C:\Windows\Logs
2011-03-09 08:06:03 ----SHD---- C:\$Recycle.Bin
2011-03-09 08:05:30 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys []
R2 DefragFS;DefragFS; C:\Windows\SysWOW64\drivers\DefragFS.sys []
R2 ISWKL;ZoneAlarm ForceField ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-08-27 33008]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS []
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys []
R3 CTEDSPIO.SYS;CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS []
R3 CTEDSPSY.SYS;CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys []
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys []
R3 icsak;icsak; \??\C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys [2010-08-27 44784]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS []
S3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS []
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys []
S3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS []
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS []
S3 CTEAPSFX.SYS;CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS []
S3 CTEAPSFX;CTEAPSFX; C:\Windows\system32\drivers\CTEAPSFX.SYS []
S3 CTEDSPFX.SYS;CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS []
S3 CTEDSPFX;CTEDSPFX; C:\Windows\system32\drivers\CTEDSPFX.SYS []
S3 CTEDSPIO;CTEDSPIO; C:\Windows\system32\drivers\CTEDSPIO.SYS []
S3 CTEDSPSY;CTEDSPSY; C:\Windows\system32\drivers\CTEDSPSY.SYS []
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS []
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS []
S3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS []
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS []
S3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS []
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS []
S3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS []
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 zghsmdm;ZTE General Handset USB Modem Proprietary; C:\Windows\system32\DRIVERS\zghsmdm.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm ForceField IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-08-27 823272]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2010-11-30 2610952]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2010-08-29 2434568]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2010-11-30 2266376]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 UmRdpService;Remote Desktop Services UserMode Port Redirector; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2011-03-11 13:37:17

======Uninstall list======

-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5633D266-6BAE-41CE-987F-0FE5F5F92D64}\setup.exe" -l0x9 
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_Plugin.exe -maintain plugin
CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
E-MU Audio Drivers-->"C:\Program Files (x86)\Creative Professional\Digital Audio System\Drivers\DrvInst\Setup.exe" /remove
E-muPatchMix DSP-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5633D266-6BAE-41CE-987F-0FE5F5F92D64}\setup.exe" -l0x9 /remove
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
jv16 PowerTools 2010-->"C:\Program Files (x86)\jv16 PowerTools 2010\Uninstall\uninstall.exe" "/U:C:\Program Files (x86)\jv16 PowerTools 2010\Uninstall\uninstall.xml"
Logitech Vid HD-->C:\Program Files (x86)\Logitech\Vid HD\uninst.exe
Logitech Webcam Software-->"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=ENU /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
LWS Twitter-->MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48}
LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.6.15)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MRU-Blaster v1.5 (Database 3/28/2004)-->"C:\Program Files (x86)\MRU-Blaster\unins000.exe"
MultiRes (remove only)-->C:\Program Files (x86)\MultiRes\uninstal.exe
Skype Toolbars-->MsiExec.exe /I{A29549FD-65F3-440C-A552-6B8114CF319D}
Skype 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Tracks Eraser Pro v8.0 build 1000-->"C:\Program Files (x86)\Acesoft\Tracks Eraser Pro\unins000.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Veetle TV 0.9.18-->C:\Program Files (x86)\Veetle\UninstallVeetleTV.exe
VLC media player 1.1.7-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
ZoneAlarm Extreme Security-->C:\Program Files (x86)\Zone Labs\ZoneAlarm\zauninst.exe

======System event log======

Computer Name: First-PC
Event Code: 11
Message: The driver detected a controller error on \Device\Harddisk3\DR3.
Record Number: 1539
Source Name: Disk
Time Written: 20110309140233.196473-000
Event Type: Error
User:

Computer Name: First-PC
Event Code: 1014
Message: Name resolution for the name www.tutorialsite.org timed out after none of the configured DNS servers responded.
Record Number: 1417
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20110309133144.951335-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: First-PC
Event Code: 7030
Message: The ZoneAlarm ForceField IswSvc service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Record Number: 1109
Source Name: Service Control Manager
Time Written: 20110309120544.728447-000
Event Type: Error
User:

Computer Name: First-PC
Event Code: 7030
Message: The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Record Number: 1097
Source Name: Service Control Manager
Time Written: 20110309120439.205699-000
Event Type: Error
User:

Computer Name: 37L4247E29-32
Event Code: 7023
Message: The Windows Time service terminated with the following error: 
The system cannot find the file specified.
Record Number: 384
Source Name: Service Control Manager
Time Written: 20110309160047.385600-000
Event Type: Error
User:

=====Application event log=====

Computer Name: First-PC
Event Code: 1000
Message: Faulting application name: setup.exe_InstallShield (R), version: 9.1.0.429, time stamp: 0x3fb01c5d
Faulting module name: iuser.dll, version: 9.1.0.429, time stamp: 0x3fb01b4a
Exception code: 0xc0000005
Fault offset: 0x00014129
Faulting process id: 0x8b8
Faulting application start time: 0x01cbde49776ef7cb
Faulting application path: C:\Windows\temp\CRF000\setup.exe
Faulting module path: C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
Report Id: c20e6d8d-4a3c-11e0-954f-000a3a8263d5
Record Number: 339
Source Name: Application Error
Time Written: 20110309110244.000000-000
Event Type: Error
User:

Computer Name: First-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL - 
1 user registry handles leaked from \Registry\User\S-1-5-21-3334396786-252937225-3728919729-1000:
Process 468 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3334396786-252937225-3728919729-1000

Record Number: 217
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110309104639.640792-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: First-PC
Event Code: 40961
Message: ASR Warning: Failed to collect disk information for ASR Backup. Reason: Unable to obtain disk information for device 3 (Win32 error code 0x15).
Record Number: 205
Source Name: VSS
Time Written: 20110309082217.000000-000
Event Type: Warning
User:

Computer Name: First-PC
Event Code: 40961
Message: ASR Warning: Failed to collect disk information for ASR Backup. Reason: Unable to obtain disk information for device 3 (Win32 error code 0x15).
Record Number: 196
Source Name: VSS
Time Written: 20110309080853.000000-000
Event Type: Warning
User:

Computer Name: First-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 97
Source Name: Microsoft-Windows-Search
Time Written: 20110309080516.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110309235714.161279-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
 Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110309235714.161279-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x3380b
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110309235713.755678-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110309235711.743275-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110309235711.665275-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\CheckPoint\fde
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"tvdumpflags"=8

-----------------EOF-----------------


----------



## dvk01 (Dec 14, 2002)

That all looks fine & is just your sound card


----------



## Goodgosh (Jul 17, 2010)

Hi dvk01, thanks for having a look


----------



## dvk01 (Dec 14, 2002)

:up:


----------

