Hi Jack This Log

shawnselig · July 18, 2005

Logfile of HijackThis v1.99.1

Scan saved at 8:30:56 AM, on 07/18/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\system32\crypserv.exe

C:\Program Files\ewido\security suite\ewidoctrl.exe

C:\Program Files\ewido\security suite\ewidoguard.exe

C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program Files\Mirc 6.16\mirc.exe

C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\hijackthis\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eastlink.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com

O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\SYSTEM32\HDBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll

O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)

O9 - Extra button: WIC Messenger - {CD3A1E66-5772-4b4d-B69A-A21F377499B6} - C:\Program Files\WIC Messenger\wicmessenger.exe (file missing)

O9 - Extra 'Tools' menuitem: WIC Messenger - {CD3A1E66-5772-4b4d-B69A-A21F377499B6} - C:\Program Files\WIC Messenger\wicmessenger.exe (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://D:\content\include\XPPatchInstaller.CAB

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by20fd.bay20.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {C432C4BD-3566-411C-8F3C-E5E0D3AE5D33} (CBrowser Class) - http://www.streamingfaith.com/common/mbrow...MINIBrowser.CAB

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab

O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.streamload.com/Upload/XUpload.ocx

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...389/mcfscan.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Atribune · July 18, 2005

Download the RKFiles.zip from here:

http://skads.org/special/rkfiles.zip

1. Reboot into safe mode

2. Open the C:\Antispyware\RKFiles folder

* Locate and double-click the RKFILES.BAT to run this tool.

* Sit back and wait untill its finished.

* When it is finally finished a text file will open.

* Save the contents of that text file.

Note: It should save by default to C:\Log.txt

3. Reboot back to Normal Mode.

4. Post the log

Also lets do silent runners

* Please click this link to download Silent Runners.

* Save it to the desktop.

* Run Silent Runner's by doubleclicking the "Silent Runners" icon on your desktop.

* You will see a text file appear on the desktop - it's not done yet, just let it run (it won't appear to be doing anything!)

* Once you receive the prompt "All Done!", double-click on the new text file on the desktop and copy that entire log and paste it here.

*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.

shawnselig · July 18, 2005

07/18/2005 8:42:57 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the stopped state.

07/18/2005 8:38:54 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 8:38:42 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 8:38:42 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 8:25:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 8:25:42 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 8:25:42 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 8:21:01 AM Application Popup Information None 26 N/A D3S6H341 "Application popup: NPROTECT.EXE - Application Error : The instruction at ""0x0124131b"" referenced memory at ""0x0027fffc"". The memory could not be ""read"".

Click on OK to terminate the program"

07/18/2005 8:18:24 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/18/2005 8:18:24 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/18/2005 8:18:23 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/18/2005 8:18:23 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/18/2005 8:18:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/18/2005 8:18:22 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/18/2005 8:18:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 8:18:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/18/2005 8:18:21 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/18/2005 8:18:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/18/2005 8:18:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/18/2005 8:18:20 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 8:18:20 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 8:18:20 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/18/2005 8:17:49 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/18/2005 8:17:49 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/18/2005 8:17:49 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/18/2005 8:17:49 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/18/2005 8:17:45 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/18/2005 8:17:13 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/18/2005 8:17:08 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/18/2005 8:17:35 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/18/2005 8:17:18 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/18/2005 8:17:18 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/18/2005 7:37:56 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/18/2005 7:37:55 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/18/2005 7:37:55 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/18/2005 7:37:54 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/18/2005 7:37:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/18/2005 7:37:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/18/2005 7:37:52 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/18/2005 7:37:51 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/18/2005 7:37:51 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/18/2005 7:37:51 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/18/2005 7:37:51 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/18/2005 7:37:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 7:37:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 7:37:20 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 7:37:19 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/18/2005 7:37:19 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/18/2005 7:37:19 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/18/2005 7:37:18 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/18/2005 7:37:15 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/18/2005 7:36:42 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/18/2005 7:36:39 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/18/2005 7:37:05 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/18/2005 7:36:49 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/18/2005 7:36:49 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/18/2005 7:35:53 AM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/18/2005 7:30:04 AM Service Control Manager Error None 7034 N/A D3S6H341 The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s).

07/18/2005 7:25:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/18/2005 7:25:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/18/2005 7:25:22 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/18/2005 7:25:22 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/18/2005 7:25:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/18/2005 7:25:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/18/2005 7:25:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 7:25:21 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/18/2005 7:25:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/18/2005 7:25:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/18/2005 7:25:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/18/2005 7:25:19 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 7:25:19 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 7:25:19 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/18/2005 7:24:49 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/18/2005 7:24:49 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/18/2005 7:24:49 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/18/2005 7:24:48 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/18/2005 7:24:41 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/18/2005 7:24:09 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/18/2005 7:24:06 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/18/2005 7:24:31 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/18/2005 7:24:15 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/18/2005 7:24:15 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/18/2005 7:21:44 AM Service Control Manager Error None 7034 N/A D3S6H341 The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s).

07/18/2005 7:21:14 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/18/2005 7:21:14 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/18/2005 7:21:14 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 7:21:14 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/18/2005 7:21:14 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/18/2005 7:21:14 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/18/2005 7:21:13 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/18/2005 7:21:13 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/18/2005 7:21:13 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/18/2005 7:21:13 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/18/2005 7:21:13 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/18/2005 7:21:12 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 7:21:11 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 7:21:11 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/18/2005 7:20:41 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/18/2005 7:20:41 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/18/2005 7:20:41 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/18/2005 7:20:40 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/18/2005 7:20:35 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/18/2005 7:20:04 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/18/2005 7:20:01 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/18/2005 7:20:30 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/18/2005 7:20:10 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/18/2005 7:20:10 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/18/2005 7:19:13 AM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/18/2005 7:12:28 AM Service Control Manager Information None 7036 N/A D3S6H341 The IMAPI CD-Burning COM Service service entered the running state.

07/18/2005 7:12:28 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The IMAPI CD-Burning COM Service service was successfully sent a start control.

07/18/2005 7:12:27 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/18/2005 7:12:27 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/18/2005 7:12:27 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/18/2005 7:12:26 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/18/2005 7:12:26 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/18/2005 7:12:26 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/18/2005 7:12:25 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/18/2005 7:12:25 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/18/2005 7:12:25 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/18/2005 7:12:25 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/18/2005 7:12:24 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/18/2005 7:12:24 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/18/2005 7:12:24 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/18/2005 7:12:24 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/18/2005 7:11:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/18/2005 7:11:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/18/2005 7:11:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/18/2005 7:11:53 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/18/2005 7:11:28 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/18/2005 7:10:58 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/18/2005 7:10:55 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/18/2005 7:11:20 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/18/2005 7:11:05 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/18/2005 7:11:05 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/17/2005 9:04:01 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/17/2005 9:03:38 PM Application Popup Information None 26 N/A D3S6H341 Application popup: dwwin.exe - DLL Initialization Failed : The application failed to initialize because the window station is shutting down.

07/17/2005 9:02:55 PM Application Popup Information None 26 N/A D3S6H341 Application popup: msmsgs.exe - Application Error : The exception unknown software exception (0xc0000409) occurred in the application at location 0x59a7adc1.

07/17/2005 6:28:41 PM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/17/2005 6:28:40 PM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/17/2005 6:28:39 PM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/17/2005 6:28:39 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/17/2005 6:28:38 PM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/17/2005 6:28:38 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/17/2005 6:28:37 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/17/2005 6:28:37 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/17/2005 6:28:37 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/17/2005 6:28:36 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/17/2005 6:28:36 PM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/17/2005 6:28:36 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/17/2005 6:28:36 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/17/2005 6:28:36 PM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/17/2005 6:28:05 PM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/17/2005 6:28:05 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/17/2005 6:28:05 PM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/17/2005 6:28:05 PM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/17/2005 6:28:01 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/17/2005 6:27:29 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 6:27:27 PM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/17/2005 6:27:52 PM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/17/2005 6:27:34 PM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/17/2005 6:27:34 PM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/17/2005 3:50:54 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/17/2005 3:35:50 PM Application Popup Information None 26 N/A D3S6H341 "Application popup: iexplore.exe - Application Error : The instruction at ""0x1001a584"" referenced memory at ""0x1001a584"". The memory could not be ""read"".

Click on OK to terminate the program"

07/17/2005 3:27:11 PM Tcpip Information None 4201 N/A D3S6H341 The system detected that network adapter \DEVICE\TCPIP_{9813F5A3-7C77-4E1A-BC71-3C2E47EF6126} was connected to the network, and has initiated normal operation over the network adapter.

07/17/2005 3:27:11 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 3:27:05 PM E100B Warning None 4 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down

07/17/2005 3:26:54 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 3:26:53 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 3:25:54 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 3:25:53 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 3:25:28 PM Tcpip Information None 4201 N/A D3S6H341 The system detected that network adapter \DEVICE\TCPIP_{9813F5A3-7C77-4E1A-BC71-3C2E47EF6126} was connected to the network, and has initiated normal operation over the network adapter.

07/17/2005 3:25:23 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 3:25:08 PM Tcpip Information None 4202 N/A D3S6H341 The system detected that network adapter \DEVICE\TCPIP_{9813F5A3-7C77-4E1A-BC71-3C2E47EF6126} was disconnected from the network, and the adapter's network configuration has been released. If the network adapter was not disconnected, this may indicate that it has malfunctioned. Please contact your vendor for updated drivers.

07/17/2005 3:25:01 PM E100B Warning None 4 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Down

07/17/2005 3:13:11 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 3:13:09 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/17/2005 2:50:51 PM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/17/2005 2:50:50 PM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/17/2005 2:50:50 PM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/17/2005 2:50:50 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/17/2005 2:50:50 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/17/2005 2:50:49 PM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/17/2005 2:50:49 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/17/2005 2:50:49 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/17/2005 2:50:47 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/17/2005 2:50:47 PM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/17/2005 2:50:47 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/17/2005 2:50:46 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/17/2005 2:50:46 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/17/2005 2:50:44 PM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/17/2005 2:50:44 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/17/2005 2:50:44 PM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/17/2005 2:50:44 PM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/17/2005 2:50:42 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/17/2005 2:50:09 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 2:50:07 PM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/17/2005 2:50:33 PM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/17/2005 2:50:15 PM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/17/2005 2:50:15 PM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/17/2005 10:12:11 AM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/17/2005 10:00:10 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/17/2005 10:00:08 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/17/2005 10:00:08 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/17/2005 10:00:08 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/17/2005 10:00:08 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/17/2005 10:00:08 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/17/2005 10:00:08 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/17/2005 10:00:07 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/17/2005 10:00:07 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/17/2005 10:00:07 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/17/2005 10:00:05 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/17/2005 10:00:05 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/17/2005 10:00:05 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/17/2005 10:00:05 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/17/2005 9:59:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/17/2005 9:59:34 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/17/2005 9:59:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/17/2005 9:59:34 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/17/2005 9:59:32 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/17/2005 9:59:00 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 9:58:55 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/17/2005 9:59:23 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/17/2005 9:59:05 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/17/2005 9:59:05 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/17/2005 9:53:21 AM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/17/2005 9:52:36 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the running state.

07/17/2005 9:52:36 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The ewido security suite guard service was successfully sent a start control.

07/17/2005 9:51:37 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the stopped state.

07/17/2005 9:51:24 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/17/2005 9:51:23 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/17/2005 9:51:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/17/2005 9:51:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/17/2005 9:51:20 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/17/2005 9:51:20 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the running state.

07/17/2005 9:51:20 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The ewido security suite guard service was successfully sent a start control.

07/17/2005 9:51:20 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/17/2005 9:51:20 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/17/2005 9:51:20 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/17/2005 9:51:20 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/17/2005 9:51:19 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/17/2005 9:51:19 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/17/2005 9:51:19 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/17/2005 9:51:19 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/17/2005 9:51:19 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/17/2005 9:50:56 AM DCOM Error None 10010 D3S6H341\barb selig D3S6H341 The server {3C9EFEC1-8D1A-11D5-989F-0000E87B4FB1} did not register with DCOM within the required timeout.

07/17/2005 9:50:48 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/17/2005 9:50:48 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/17/2005 9:50:48 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/17/2005 9:50:48 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/17/2005 9:50:41 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/17/2005 9:50:05 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/17/2005 9:50:03 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/17/2005 9:50:32 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/17/2005 9:50:10 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/17/2005 9:50:10 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/16/2005 10:38:25 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/16/2005 10:35:24 PM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/16/2005 10:35:23 PM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/16/2005 10:35:22 PM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/16/2005 10:35:22 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/16/2005 10:35:21 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/16/2005 10:35:21 PM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/16/2005 10:35:21 PM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/16/2005 10:35:20 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/16/2005 10:35:20 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/16/2005 10:35:20 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/16/2005 10:35:19 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/16/2005 10:35:18 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/16/2005 10:35:18 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/16/2005 10:35:18 PM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/16/2005 10:34:47 PM Service Control Manager Information None 7036 N/A D3S6H341 The Fax service entered the stopped state.

07/16/2005 10:34:47 PM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/16/2005 10:34:47 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/16/2005 10:34:47 PM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/16/2005 10:34:47 PM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/16/2005 10:34:45 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/16/2005 10:34:35 PM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/16/2005 10:34:12 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/16/2005 10:34:02 PM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/16/2005 10:34:17 PM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/16/2005 10:34:17 PM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/16/2005 4:14:44 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/16/2005 3:04:57 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 3:04:56 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 3:03:58 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 3:03:56 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 10:33:03 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 10:33:02 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/16/2005 10:05:37 AM Service Control Manager Information None 7036 N/A D3S6H341 The IMAPI CD-Burning COM Service service entered the stopped state.

07/16/2005 10:04:08 AM Service Control Manager Information None 7036 N/A D3S6H341 The IMAPI CD-Burning COM Service service entered the running state.

07/16/2005 10:04:08 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The IMAPI CD-Burning COM Service service was successfully sent a start control.

07/16/2005 8:45:54 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/16/2005 8:45:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/16/2005 8:45:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/16/2005 8:45:53 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/16/2005 8:45:53 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/16/2005 8:45:51 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/16/2005 8:45:51 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/16/2005 8:45:51 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/16/2005 8:45:51 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/16/2005 8:45:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/16/2005 8:45:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fax service entered the stopped state.

07/16/2005 8:45:21 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/16/2005 8:45:21 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/16/2005 8:45:17 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/16/2005 8:45:14 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/16/2005 8:44:41 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/16/2005 8:44:39 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/16/2005 8:45:03 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/16/2005 8:44:46 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/16/2005 8:44:46 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/16/2005 8:30:13 AM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/16/2005 8:12:21 AM Application Popup Information None 26 N/A D3S6H341 "Application popup: wmplayer.exe - Application Error : The instruction at ""0x078f0807"" referenced memory at ""0x08be8c30"". The memory could not be ""read"".

Click on OK to terminate the program"

07/16/2005 7:32:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/16/2005 7:32:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/16/2005 7:32:32 AM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/16/2005 7:32:32 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/16/2005 7:32:32 AM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/16/2005 7:32:32 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/16/2005 7:32:31 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/16/2005 7:32:31 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/16/2005 7:32:31 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/16/2005 7:32:31 AM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/16/2005 7:32:31 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/16/2005 7:32:30 AM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/16/2005 7:32:30 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/16/2005 7:32:30 AM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/16/2005 7:32:00 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fax service entered the stopped state.

07/16/2005 7:31:59 AM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/16/2005 7:31:59 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/16/2005 7:31:59 AM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/16/2005 7:31:59 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/16/2005 7:31:59 AM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/16/2005 7:31:52 AM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/16/2005 7:31:24 AM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/16/2005 7:31:15 AM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/16/2005 7:31:29 AM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/16/2005 7:31:29 AM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/15/2005 8:34:55 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/15/2005 2:37:57 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 2:37:56 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 2:37:03 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 2:37:02 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 2:19:43 PM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/15/2005 2:19:43 PM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/15/2005 2:19:42 PM Service Control Manager Information None 7036 N/A D3S6H341 The Application Layer Gateway Service service entered the running state.

07/15/2005 2:19:42 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Application Layer Gateway Service service was successfully sent a start control.

07/15/2005 2:19:41 PM Service Control Manager Information None 7036 N/A D3S6H341 The SSDP Discovery Service service entered the running state.

07/15/2005 2:19:41 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the stopped state.

07/15/2005 2:19:41 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Norton Unerase Protection Driver service was successfully sent a start control.

07/15/2005 2:19:41 PM Service Control Manager Information None 7036 N/A D3S6H341 The Network Location Awareness (NLA) service entered the running state.

07/15/2005 2:19:40 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The SSDP Discovery Service service was successfully sent a start control.

07/15/2005 2:19:40 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Network Location Awareness (NLA) service was successfully sent a start control.

07/15/2005 2:19:38 PM Service Control Manager Information None 7036 N/A D3S6H341 The Symantec Password Validation service entered the running state.

07/15/2005 2:19:38 PM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/15/2005 2:19:38 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Symantec Password Validation service was successfully sent a start control.

07/15/2005 2:19:38 PM Service Control Manager Error None 7011 N/A D3S6H341 Timeout (30000 milliseconds) waiting for a transaction response from the ewido security suite control service.

07/15/2005 2:19:08 PM Service Control Manager Information None 7036 N/A D3S6H341 The Fast User Switching Compatibility service entered the running state.

07/15/2005 2:19:08 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fast User Switching Compatibility service was successfully sent a start control.

07/15/2005 2:19:08 PM Service Control Manager Information None 7036 N/A D3S6H341 The Terminal Services service entered the running state.

07/15/2005 2:19:07 PM Service Control Manager Error None 7026 N/A D3S6H341 The following boot-start or system-start driver(s) failed to load:

black

07/15/2005 2:19:03 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The Fax service was successfully sent a stop control.

07/15/2005 2:18:31 PM E100B Information None 5 N/A D3S6H341 Adapter Intel® PRO/100 VE Network Connection: Adapter Link Up

07/15/2005 2:18:26 PM redbook Information None 10 N/A D3S6H341 This drive has not been shown to support digital audio playback.

07/15/2005 2:18:53 PM Service Control Manager Error None 7000 N/A D3S6H341 The Plextor ConvertX PX-M401U service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/15/2005 2:18:36 PM EventLog Information None 6005 N/A D3S6H341 The Event log service was started.

07/15/2005 2:18:36 PM EventLog Information None 6009 N/A D3S6H341 Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free.

07/15/2005 1:22:54 PM EventLog Information None 6006 N/A D3S6H341 The Event log service was stopped.

07/15/2005 1:22:01 PM USER32 Warning None 1073 NT AUTHORITY\SYSTEM D3S6H341 The attempt to power off D3S6H341 failed

07/15/2005 10:06:51 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 10:03:44 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 9:22:09 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the running state.

07/15/2005 9:22:09 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM D3S6H341 The ewido security suite guard service was successfully sent a start control.

07/15/2005 9:21:02 AM Service Control Manager Information None 7036 N/A D3S6H341 The ewido security suite guard service entered the stopped state.

07/15/2005 8:44:09 AM Application Popup Information None 26 N/A D3S6H341 "Application popup: CiceroUIWndFrame: iexplore.exe - Application Error : The instruction at ""0x018227cd"" referenced memory at ""0x018227cd"". The memory could not be ""read"".

Click on OK to terminate the program"

07/15/2005 8:15:48 AM Tcpip Warning None 4226 N/A D3S6H341 TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

07/15/2005 7:41:05 AM Windows File Protection Information None 64005 N/A D3S6H341 The protected system file tcpip.sys was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is barb selig. The file version of the bad file is 5.1.2600.2685.

07/15/2005 7:40:59 AM Application Popup Information None 26 N/A D3S6H341 Application popup: Windows File Protection : Possible reasons for this problem:

â€¢ You have inserted the wrong CD. (i.e., a different Windows product CD than the version installed)

â€¢ The CD-ROM drive in your system is not functioning.

07/15/2005 7:23:27 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 7:23:23 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The SDDMI2 service was successfully sent a start control.

07/15/2005 7:17:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Computer Browser service entered the stopped state.

07/15/2005 7:17:34 AM Service Control Manager Information None 7036 N/A D3S6H341 The Remote Access Connection Manager service entered the running state.

07/15/2005 7:17:33 AM Service Control Manager Information None 7035 D3S6H341\barb selig D3S6H341 The Remote Access Connection Manager service was successfully sent a start control.

07/15/2005 7:17:32

shawnselig · July 18, 2005

07/18/2005 8:38:42 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 8:25:42 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 8:25:15 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/18/2005 8:21:37 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/18/2005 8:21:37 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/18/2005 8:18:21 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/18/2005 8:18:20 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 8:17:45 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/18/2005 8:17:45 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/18/2005 8:17:35 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/18/2005 8:17:34 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/18/2005 8:17:32 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/18/2005 8:17:31 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 8:17:31 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/18/2005 8:17:31 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/18/2005 8:17:31 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/18/2005 8:17:30 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/18/2005 8:17:30 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/18/2005 8:17:30 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/18/2005 8:17:30 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/18/2005 7:41:13 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/18/2005 7:41:13 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/18/2005 7:37:22 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/18/2005 7:37:21 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:37:14 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/18/2005 7:37:14 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/18/2005 7:37:05 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/18/2005 7:37:03 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:37:02 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/18/2005 7:37:00 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:37:00 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/18/2005 7:37:00 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/18/2005 7:37:00 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/18/2005 7:37:00 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/18/2005 7:37:00 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:36:59 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/18/2005 7:36:59 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/18/2005 7:35:51 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/18/2005 7:28:35 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/18/2005 7:28:35 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/18/2005 7:25:21 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/18/2005 7:25:19 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:24:41 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/18/2005 7:24:41 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/18/2005 7:24:31 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/18/2005 7:24:29 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:24:28 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/18/2005 7:24:26 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:24:26 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/18/2005 7:24:26 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/18/2005 7:24:26 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/18/2005 7:24:26 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/18/2005 7:24:26 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:24:26 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/18/2005 7:24:26 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/18/2005 7:21:11 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:20:35 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/18/2005 7:20:35 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/18/2005 7:20:30 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/18/2005 7:20:30 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:20:26 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/18/2005 7:20:24 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:20:24 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/18/2005 7:20:24 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/18/2005 7:20:24 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/18/2005 7:20:23 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/18/2005 7:20:23 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:20:23 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/18/2005 7:20:23 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/18/2005 7:19:11 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/18/2005 7:15:22 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/18/2005 7:15:22 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/18/2005 7:13:37 AM Application Hang Error None 1001 N/A D3S6H341 Fault bucket 155330254.

07/18/2005 7:13:33 AM Application Hang Error (101) 1002 N/A D3S6H341 Hanging application nero.exe, version 6.6.0.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

07/18/2005 7:12:24 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:11:28 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/18/2005 7:11:28 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/18/2005 7:11:20 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/18/2005 7:11:19 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:11:18 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/18/2005 7:11:16 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/18/2005 7:11:16 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/18/2005 7:11:16 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/18/2005 7:11:16 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/18/2005 7:11:16 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/18/2005 7:11:16 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/18/2005 7:11:16 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/18/2005 7:11:16 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/17/2005 9:03:58 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/17/2005 6:31:53 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/17/2005 6:31:53 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/17/2005 6:28:36 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 6:28:01 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/17/2005 6:28:01 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/17/2005 6:27:52 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/17/2005 6:27:50 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/17/2005 6:27:49 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/17/2005 6:27:47 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 6:27:47 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/17/2005 6:27:47 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/17/2005 6:27:47 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/17/2005 6:27:47 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/17/2005 6:27:47 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/17/2005 6:27:47 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/17/2005 6:27:46 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/17/2005 3:50:51 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/17/2005 2:54:36 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/17/2005 2:54:36 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/17/2005 2:50:47 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 2:50:42 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/17/2005 2:50:42 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/17/2005 2:50:33 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/17/2005 2:50:32 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/17/2005 2:50:28 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/17/2005 2:50:26 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 2:50:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/17/2005 2:50:26 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/17/2005 2:50:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/17/2005 2:50:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/17/2005 2:50:26 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/17/2005 2:50:26 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/17/2005 2:50:26 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/17/2005 10:12:09 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/17/2005 10:03:25 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/17/2005 10:03:25 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/17/2005 10:00:05 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 9:59:32 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/17/2005 9:59:32 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/17/2005 9:59:23 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/17/2005 9:59:21 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/17/2005 9:59:19 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/17/2005 9:59:17 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 9:59:17 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/17/2005 9:59:17 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/17/2005 9:59:17 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/17/2005 9:59:16 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/17/2005 9:59:16 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/17/2005 9:59:16 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/17/2005 9:59:16 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/17/2005 9:53:21 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/17/2005 9:51:20 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/17/2005 9:51:19 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 9:50:41 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/17/2005 9:50:41 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/17/2005 9:50:32 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/17/2005 9:50:28 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/17/2005 9:50:25 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/17/2005 9:50:22 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/17/2005 9:50:22 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/17/2005 9:50:22 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/17/2005 9:50:22 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/17/2005 9:50:22 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/17/2005 9:50:22 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/17/2005 9:50:22 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/17/2005 9:50:22 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/16/2005 10:38:25 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/16/2005 10:35:18 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 10:34:45 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/16/2005 10:34:45 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/16/2005 10:34:35 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/16/2005 10:34:33 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/16/2005 10:34:31 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/16/2005 10:34:30 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 10:34:29 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/16/2005 10:34:29 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/16/2005 10:34:29 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/16/2005 10:34:29 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/16/2005 10:34:29 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/16/2005 10:34:29 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/16/2005 10:34:29 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/16/2005 4:14:41 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/16/2005 8:49:05 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/16/2005 8:49:05 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/16/2005 8:45:51 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 8:45:13 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/16/2005 8:45:13 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/16/2005 8:45:04 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/16/2005 8:45:02 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/16/2005 8:45:00 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/16/2005 8:44:58 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 8:44:58 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/16/2005 8:44:58 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/16/2005 8:44:58 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/16/2005 8:44:58 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/16/2005 8:44:58 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/16/2005 8:44:57 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/16/2005 8:44:57 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/16/2005 8:30:12 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/16/2005 7:35:51 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/16/2005 7:35:51 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/16/2005 7:32:30 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 7:31:57 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/16/2005 7:31:57 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/16/2005 7:31:51 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/16/2005 7:31:48 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/16/2005 7:31:46 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/16/2005 7:31:45 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/16/2005 7:31:45 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/16/2005 7:31:45 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/16/2005 7:31:45 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/16/2005 7:31:43 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/16/2005 7:31:43 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/16/2005 7:31:43 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/16/2005 7:31:43 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/15/2005 8:34:52 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/15/2005 2:22:55 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/15/2005 2:22:54 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/15/2005 2:19:38 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/15/2005 2:19:02 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/15/2005 2:19:02 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/15/2005 2:18:53 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/15/2005 2:18:51 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/15/2005 2:18:50 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/15/2005 2:18:48 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/15/2005 2:18:48 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/15/2005 2:18:48 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/15/2005 2:18:48 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/15/2005 2:18:48 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/15/2005 2:18:48 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/15/2005 2:18:47 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/15/2005 2:18:47 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/15/2005 1:22:50 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/15/2005 7:21:17 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/15/2005 7:21:16 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/15/2005 7:17:32 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/15/2005 7:17:29 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/15/2005 7:17:19 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/15/2005 7:17:19 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/15/2005 7:17:12 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/15/2005 7:17:10 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/15/2005 7:17:09 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/15/2005 7:17:06 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/15/2005 7:17:06 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/15/2005 7:17:06 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/15/2005 7:17:06 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/15/2005 7:17:06 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/15/2005 7:17:06 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/15/2005 7:17:06 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/15/2005 7:17:06 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/14/2005 2:59:25 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/14/2005 12:43:35 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/14/2005 12:43:35 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/14/2005 12:41:59 PM Application Hang Error (101) 1002 N/A D3S6H341 Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

07/14/2005 12:41:44 PM Application Hang Error (101) 1002 N/A D3S6H341 Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

07/14/2005 12:39:48 PM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/14/2005 12:39:46 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/14/2005 12:39:40 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/14/2005 12:39:40 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/14/2005 12:39:32 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/14/2005 12:39:30 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/14/2005 12:39:28 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/14/2005 12:39:26 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/14/2005 12:39:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/14/2005 12:39:26 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/14/2005 12:39:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/14/2005 12:39:26 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/14/2005 12:39:26 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/14/2005 12:39:26 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/14/2005 12:39:26 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/14/2005 12:38:16 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/14/2005 8:03:38 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/14/2005 8:03:38 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/14/2005 7:59:48 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/14/2005 7:59:46 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/14/2005 7:59:37 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/14/2005 7:59:37 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/14/2005 7:59:36 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/14/2005 7:59:35 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/14/2005 7:59:34 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/14/2005 7:59:31 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/14/2005 7:59:31 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/14/2005 7:59:31 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/14/2005 7:59:31 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/14/2005 7:59:31 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/14/2005 7:59:31 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/14/2005 7:59:31 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/14/2005 7:59:31 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/13/2005 8:37:54 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/13/2005 8:37:02 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:36:55 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/13/2005 8:36:55 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/13/2005 8:36:54 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/13/2005 8:36:53 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:36:51 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/13/2005 8:36:49 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:36:49 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/13/2005 8:36:49 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/13/2005 8:36:49 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/13/2005 8:36:48 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/13/2005 8:36:48 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:36:48 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/13/2005 8:36:48 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/13/2005 8:35:40 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/13/2005 4:37:10 PM Application Hang Error (101) 1002 N/A D3S6H341 Hanging application wmplayer.exe, version 10.0.0.3646, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

07/13/2005 3:35:03 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/13/2005 3:35:03 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/13/2005 3:31:07 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 3:31:02 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/13/2005 3:31:02 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/13/2005 3:31:02 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/13/2005 3:31:01 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/13/2005 3:30:58 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/13/2005 3:30:56 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 3:30:56 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/13/2005 3:30:56 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/13/2005 3:30:56 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/13/2005 3:30:56 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/13/2005 3:30:56 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/13/2005 3:30:56 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/13/2005 3:30:56 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/13/2005 12:40:03 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/13/2005 8:24:42 AM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/13/2005 8:24:42 AM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/13/2005 8:20:50 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/13/2005 8:20:49 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:20:45 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/13/2005 8:20:45 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/13/2005 8:20:42 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/13/2005 8:20:41 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:20:39 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/13/2005 8:20:38 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:20:38 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/13/2005 8:20:38 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/13/2005 8:20:38 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/13/2005 8:20:38 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/13/2005 8:20:38 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:20:38 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/13/2005 8:20:38 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/13/2005 8:19:32 AM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/13/2005 8:16:14 AM ccPwdSvc Information None 2 NT AUTHORITY\SYSTEM D3S6H341 Application terminated

07/13/2005 8:16:13 AM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:16:09 AM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/13/2005 8:16:09 AM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/13/2005 8:16:08 AM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/13/2005 8:16:07 AM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:16:06 AM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/13/2005 8:16:04 AM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/13/2005 8:16:04 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/13/2005 8:16:04 AM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/13/2005 8:16:04 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/13/2005 8:16:04 AM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/13/2005 8:16:04 AM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/13/2005 8:16:03 AM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/13/2005 8:16:03 AM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/12/2005 8:36:58 PM Userenv Warning None 1517 NT AUTHORITY\SYSTEM D3S6H341 Windows saved user D3S6H341\barb selig registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

07/12/2005 7:10:46 PM Application Hang Error (101) 1002 N/A D3S6H341 Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

07/12/2005 5:16:49 PM LoadPerf Information None 1000 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data contains the new index values assigned to this service.

07/12/2005 5:16:49 PM LoadPerf Information None 1001 N/A D3S6H341 Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.

07/12/2005 5:12:58 PM ccPwdSvc Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/12/2005 5:12:48 PM Microsoft Fax Warning Initialization/Termination 32068 N/A D3S6H341 The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly. Country/region code: '*' Area code: '*'

07/12/2005 5:12:48 PM Microsoft Fax Warning Initialization/Termination 32026 N/A D3S6H341 Fax Service failed to initialize any assigned fax devices (virtual or TAPI). No faxes can be sent or received until a fax device is installed.

07/12/2005 5:12:48 PM SecurityCenter Information None 1800 N/A D3S6H341 The Windows Security Center Service has started.

07/12/2005 5:12:47 PM WMDM PMSP Service Information None 105 N/A D3S6H341 The service was started.

07/12/2005 5:12:46 PM NProtectService Information None 3 NT AUTHORITY\SYSTEM D3S6H341 The service was started.

07/12/2005 5:12:45 PM ccEvtMgr Information None 1 NT AUTHORITY\SYSTEM D3S6H341 Application started

07/12/2005 5:12:45 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to create the Trust Module.

07/12/2005 5:12:45 PM ccEvtMgr Warning None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Loaded the default configuration settings.

07/12/2005 5:12:45 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Failed to load the configuration settings.

07/12/2005 5:12:45 PM Creative Service for CDROM Access Information None 105 N/A D3S6H341 The service was started.

07/12/2005 5:12:45 PM ccEvtMgr Error None 13 NT AUTHORITY\SYSTEM D3S6H341 ccEvtMgr: Settings server is not installed.

07/12/2005 5:12:45 PM ccEvtMgr Information None 26 NT AUTHORITY\SYSTEM D3S6H341 Application starting

07/12/2005 5:12:45 PM Avg7UpdSvc Information None 1 N/A D3S6H341 Service started

07/12/2005 11:41:30 AM Application Error Error None 1000 N/A D3S6H341 Faulting application n2 studio center.exe, version 2.0.0.0, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.

07/12/2005 11:37:18 AM Application Error Error None 1001 N/A D3S6H341 Fault bucket 184091312.

07/12/2005 11:37:16 AM Application Error Error None 1000 N/A D3S6H341 Faulting application n2 studio center.exe, version 2.0.0.0, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0001eb33.

07/12/2005 10:24:31 AM MsiInstaller Information None 1005 D3S6H341\barb selig D3S6H341 The Windows Installer initiated a system restart to complete or continue the configuration of 'Symantec Network Drivers Update'.

07/12/2005 10:24:31 AM MsiInstaller Information None 11707 D3S6H341\barb selig D3S6H341 Product: Symantec Network Drivers Update -- Installation operation completed successfully.

0

shawnselig · July 18, 2005

C:\Documents and Settings\Administrator.D3S6H341\Desktop

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

Files Found in system Folder............

------------------------

C:\WINDOWS\SYSTEM32\cpuinf32.dll: UPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: UPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: >UPX!t

C:\WINDOWS\SYSTEM32\kl_upx.exe: t[hUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: MThUPX!PQ

C:\WINDOWS\SYSTEM32\kl_upx.exe: hUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: UPX!t

C:\WINDOWS\SYSTEM32\kl_upx.exe: hUPX!PQ

C:\WINDOWS\SYSTEM32\kl_upx.exe: JMUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: UPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: JMUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: JMPDUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: UPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: UPX!u

C:\WINDOWS\SYSTEM32\kl_upx.exe: JMPOUPX!

C:\WINDOWS\SYSTEM32\kl_upx.exe: JMPDUPX!

C:\WINDOWS\SYSTEM32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213

C:\WINDOWS\SYSTEM32\DivX.dll: PEC2

C:\WINDOWS\SYSTEM32\ODBCJET.HLP: +0`3Spec2

Files Found in all users startup Folder............

------------------------

Files Found in all users windows Folder............

------------------------

C:\WINDOWS\choice.exe: UPX!

C:\WINDOWS\RMAgentOutput.dll: UPX!

C:\WINDOWS\tsc.exe: UPX!

C:\WINDOWS\vsapi32.dll: UPX!t4

Finished

bye

shawnselig · July 18, 2005

"Silent Runners.vbs", revision 39, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

"AWMON" = ""C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"" ["Lavasoft Sweden"]

"DellSupport" = ""C:\Program Files\Dell Support\DSAgnt.exe" /startup" ["Gteko Ltd."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"ISUSScheduler" = ""C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start" ["InstallShield Software Corporation"]

"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]

"ccRegVfy" = ""C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"" ["Symantec Corporation"]

"ccApp" = ""C:\Program Files\Common Files\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]

"AWMON" = ""C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"" ["Lavasoft Sweden"]

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]

"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]

"AVG7_EMC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" ["GRISOFT, s.r.o."]

"ISUSPM Startup" = "c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup" ["InstallShield Software Corporation"]

"PinnacleDriverCheck" = "C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg" [empty string]

"Symantec NetDriver Monitor" = "C:\PROGRA~1\SYMNET~1\SNDMon.exe" ["Symantec Corporation"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{02DCA195-602B-4B1F-83FF-381B7E804BDB}\(Default) = (no title provided)

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM32\HDBHO.dll" [null data]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}\(Default) = "eBay Toolbar Helper" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" [null data]

{243B17DE-77C7-46BF-B94B-0B5F309A0E64}\(Default) = (no title provided)

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Money\System\mnyside.dll" [MS]

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]

{5CA3D70E-1895-11CF-8E15-001234567890}\(Default) = "DriveLetterAccess" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = "Google Toolbar Helper" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]

"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]

"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{DEE12703-6333-4D4E-8F34-738C4DCC2E04}" = "RecordNow! SendToExt"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Sonic\RecordNow! Deluxe\shlext.dll" [null data]

"{5CA3D70E-1895-11CF-8E15-001234567890}" = "DriveLetterAccess"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\dla\tfswshx.dll" ["Sonic Solutions"]

"{336B02CE-F88A-4aea-8731-79EF94D3723A}" = "Free AOL & Unlimited Internet.url"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\aod\aodshext.dll" [null data]

"{92085AD4-F48A-450D-BD93-B28CC7DF67CE}" = "eBay Toolbar"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" [null data]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]

"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]

"{27E11846-A7C7-4DF8-8680-63653355A754}" = "Microsoft Security Extensibility Snap-in"

-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\PROTOCOL.INI:Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â

Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â " [** WMI GetObject error **]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

INFECTION WARNING! "{54D9498B-CF93-414F-8984-8CE7FDE0D391}" = "ewido shell guard"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ewido\security suite\shellhook.dll" ["TODO: <Firmenname>"]

HKLM\System\CurrentControlSet\Control\Session Manager\

INFECTION WARNING! "BootExecute" = "autocheck autochk * smrgdf C:\PROGRA~1\iolo\SYSTEM~1\" [file not found], [MS], [file not found], [null data], [file not found]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]

ewido\(Default) = "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ewido\security suite\context.dll" ["ewido networks"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

ewido\(Default) = "{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ewido\security suite\context.dll" ["ewido networks"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing, Inc."]

Active Desktop and Wallpaper:

-----------------------------

Active Desktop is disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\barb selig\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Startup items in "barb selig" & "All Users" startup folders:

------------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = "&Google" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = "&Google" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = "&Google" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

"{92085AD4-F48A-450D-BD93-B28CC7DF67CE}" = "eBay Toolbar" [from CLSID]

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll" [null data]

Explorer Bars

Dormant Explorer Bars in "View, Explorer Bar" menu

HKLM\Software\Classes\CLSID\{D6A116E7-5906-42E4-87F6-E7E15936415E}\ = "MoneySide"

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = "C:\Program Files\Microsoft Money\System\mnyside.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{08B0E5C0-4FCB-11CF-AAA5-00401C608501}"

{9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}\

{CD3A1E66-5772-4B4D-B69A-A21F377499B6}\

"ButtonText" = "WIC Messenger"

"MenuText" = "WIC Messenger"

"Exec" = "C:\Program Files\WIC Messenger\wicmessenger.exe" [file not found]

{CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\

{E023F504-0C5A-4750-A1E7-A9046DEA8A21}\

"ButtonText" = "MoneySide"

"CLSIDExtension" = "{DD6687B5-CB43-4211-BFC9-2942CCBDCB3E}"

-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Money\System\mnyside.dll" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]

AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]

Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\System32\CTsvcCDA.exe" ["Creative Technology Ltd"]

Crypkey License, Crypkey License, "crypserv.exe" ["Kenonic Controls Ltd."]

ewido security suite control, ewido security suite control, "C:\Program Files\ewido\security suite\ewidoctrl.exe" ["ewido networks"]

ewido security suite guard, ewido security suite guard, "C:\Program Files\ewido\security suite\ewidoguard.exe" ["ewido networks"]

LexBce Server, LexBceS, "C:\WINDOWS\system32\LEXBCES.EXE" ["Lexmark International, Inc."]

Norton Unerase Protection, NProtectService, "C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE" ["Symantec Corporation"]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]

Speed Disk service, Speed Disk service, "C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE" ["Symantec Corporation"]

Symantec Core LC, Symantec Core LC, "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" ["Symantec Corporation"]

Symantec Event Manager, ccEvtMgr, ""C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]

WMDM PMSP Service, WMDM PMSP Service, "C:\WINDOWS\system32\MsPMSPSv.exe" [MS]

----------

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ The search for DESKTOP.INI DLL launch points on all local fixed drives

took 42 seconds.

+ The search for all Registry CLSIDs containing dormant Explorer Bars

took 15 seconds.

---------- (total run time: 88 seconds)

Atribune · July 18, 2005

Please locate zip and email the following files to [email protected]

C:\WINDOWS\SYSTEM32\cpuinf32.dll

C:\WINDOWS\SYSTEM32\kl_upx.exe

shawnselig · July 18, 2005

Logfile of HijackThis v1.99.1

Scan saved at 4:04:12 PM, on 07/18/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Dell Support\DSAgnt.exe

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\system32\crypserv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\System32\alg.exe

C:\hijackthis\hijackthis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe