Deckard's System Scanner v20071014.68
Run by kl on 2008-03-23 14:38:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
71: 2008-03-23 02:32:32 UTC - RP490 - Deckard's System Scanner Restore Point
70: 2008-03-22 04:32:09 UTC - RP489 - System Checkpoint
69: 2008-03-21 04:14:09 UTC - RP488 - System Checkpoint
68: 2008-03-20 03:36:51 UTC - RP487 - Software Distribution Service 3.0
67: 2008-03-20 03:30:09 UTC - RP486 - Spyware Terminator - restore point
-- First Restore Point --
1: 2007-12-25 20:07:26 UTC - RP420 - System Checkpoint
Performed disk cleanup.
Percentage of Memory in Use: 82% (more than 75%).Total Physical Memory: 383 MiB (512 MiB recommended).-- HijackThis (run as kl.exe) --------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:11 PM, on 3/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mim.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\PROGRA~1\YAHOO!\browser\ycommon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Documents and Settings\kl\desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\DOCUME~1\kl\Desktop\kl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://softwarerefer...=...6Ojg5&lid=2R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://red.clientapp...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapp...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB002" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] "C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: &Search -
http://kl.bar.need2f...earch.html?p=KLO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Win32 Classes -
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://www2.snapfish...fishActivia.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1005.cabO16 - DPF: {D1D98C0F-A339-42AB-BD5F-EA0FF5D0E65F} (RockYou Image Uploader Control) -
http://www.rockyou.c...ageUploader.cabO18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 9609 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\kl\Desktop\backups\) ------------------
backup-20080322-222524-152 O21 - SSODL: altvxvm - {8AA0D7A6-35AD-4BF0-A0A2-D0737F77016F} - C:\WINDOWS\altvxvm.dll
backup-20080322-222546-791 O21 - SSODL: bokpkov - {C5B961F1-70C2-4015-BAB9-6F8BCAA332C8} - C:\WINDOWS\bokpkov.dll
backup-20080322-222604-580 O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
-- File Associations -----------------------------------------------------------
.bat - batfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,-153.com - comfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,2.hlp - hlpfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,23.ini - inifile - DefaultIcon - shell32.dll,-151.js - JSFile - DefaultIcon - C:\WINDOWS\system32\migicons.exe,17.reg - regfile - DefaultIcon - C:\WINDOWS\regedit.exe,1.scr - scrfile - shell\open\command - "%1" %*.txt - txtfile - DefaultIcon - shell32.dll,-152.vbs - VBSFile - DefaultIcon - C:\WINDOWS\system32\migicons.exe,16-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 SbcpHid - c:\windows\system32\drivers\sbcphid.sys
S3 catchme - c:\docume~1\kl\locals~1\temp\catchme.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\SYSTEM32\winlogon.exe (pid 360)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 552)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 624)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 684)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 744)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 800)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
C:\WINDOWS\explorer.exe (pid 992)
2003-10-07 04:41:56 81920 --a------ C:\Program Files\SBC Self Support Tool\SmartBridge\SBHook.dll <Not Verified; Motive Communications, Inc.; Motive System>
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
2006-12-28 21:03:02 110592 --a------ C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll <Not Verified; ; dBShell Module>
C:\WINDOWS\SYSTEM32\svchost.exe (pid 720)
2007-12-05 13:57:54 99328 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
-- Scheduled Tasks -------------------------------------------------------------
2008-03-23 14:31:00 390 --a------ C:\WINDOWS\Tasks\PCHealth Scheduler for Data Collection.job
2008-03-22 22:52:58 358 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-03-14 20:00:02 534 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - HP Authorized Customer.job
2008-03-05 23:00:02 502 --a------ C:\WINDOWS\Tasks\Tune-up Application Start.job
-- Files created between 2008-02-23 and 2008-03-23 -----------------------------
2008-03-23 00:27:48 0 d-------- C:\WINDOWS\ERUNT
2008-03-22 22:33:54 0 d-------- C:\Documents and Settings\kl\Application Data\Malwarebytes
2008-03-22 22:33:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-22 22:33:34 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-22 21:23:12 0 d-------- C:\Program Files\backups
2008-03-19 20:59:05 0 d-------- C:\Program Files\Crawler
2008-03-19 20:56:51 138752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-03-19 20:56:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-03-19 20:56:47 0 d-------- C:\Documents and Settings\kl\Application Data\Spyware Terminator
2008-03-19 20:56:38 0 d-------- C:\Program Files\Spyware Terminator
2008-03-19 14:19:22 0 d--hs---- C:\FOUND.001
2008-03-12 22:39:45 0 d-------- C:\Program Files\Common Files\Scanner
2008-03-12 22:39:38 0 d-------- C:\Program Files\CA Yahoo! Anti-Spy
-- Find3M Report ---------------------------------------------------------------
2008-03-22 21:47:54 10150 --a------ C:\Program Files\hijackthis.log <HIJACK~1.LOG>
2008-03-22 10:19:40 10191 --a------ C:\Program Files\hijackthis 3-22-08.txt
2008-03-19 20:46:08 1309 --a------ C:\Documents and Settings\kl\Application Data\update.log
2008-03-17 07:30:44 31232 --a------ C:\Documents and Settings\kl\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-02-03 20:35:58 0 d-------- C:\Program Files\Spyware Doctor
2008-02-03 20:35:58 0 d-------- C:\Documents and Settings\kl\Application Data\PC Tools
2008-02-01 23:16:40 0 d-------- C:\Program Files\XoftSpySE
2008-02-01 23:10:10 0 d-------- C:\Program Files\Trojan Killer
2008-01-31 11:10:30 0 d-------- C:\Program Files\Adssite Games Collection
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [08/15/2000 05:25 PM]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [08/15/2000 05:25 PM]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [12/22/2003 08:38 AM]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 04:50 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [08/13/2004 08:17 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [07/22/2005 05:12 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/24/2005 03:16 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [10/06/2004 05:56 PM]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [02/04/2002 10:32 PM]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [09/10/2002 09:26 PM]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [12/10/2003 04:52 AM]
"EPSON Stylus Photo R220 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.exe" [03/09/2005 04:00 AM]
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" [01/19/2006 11:06 AM]
"MMTray"="C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe" [01/19/2006 11:06 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/18/2006 12:24 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [04/13/2005 03:48 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [12/10/2007 02:53 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:54 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [9/16/2003 5:19:24 AM]
SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [1/16/2006 2:21:43 PM]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"MMTray"=
"hpsysdrv"=C:\WINDOWS\SYSTEM32\hpsysdrv.exe
"Delay"=C:\WINDOWS\delayrun.exe
"MotiveMonitor"=C:\Program Files\Motive\motmon.exe
"WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
"LoadQM"=loadqm.exe
"Symantec Core LC"=C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl
-- End of Deckard's System Scanner: finished at 2008-03-23 14:41:24 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel Pentium III processor
Percentage of Memory in Use: 84%
Physical Memory (total/avail): 382.48 MiB / 60.06 MiB
Pagefile Memory (total/avail): 919.54 MiB / 330.89 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.79 MiB
A: is Removable (No Media)
C: is Fixed (FAT32) - 37.27 GiB total, 11.49 GiB free.
M: is CDROM (No Media)
N: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - MAXTOR 4K040H2 - 37.28 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 37.28 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
AV: Symantec AntiVirus Corporate Edition v9.0.2.1000 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\WinMX\\WinMX.exe"="C:\\Program Files\\WinMX\\WinMX.exe:*:Enabled:WinMX Application"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Kazaa\\Kazaa.exe"="C:\\Program Files\\Kazaa\\Kazaa.exe:*:Enabled:Kazaa"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare\\BearShare.exe:*:Enabled:BearShare"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\kl\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HPPAV
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\kl
LOGONSERVER=\\HPPAV
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\COMMAND;C:\WINDOWS\system32\WBEM
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=080a
ProgramFiles=C:\Program Files
PROMPT=$p$g
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\kl\LOCALS~1\Temp
TMP=C:\DOCUME~1\kl\LOCALS~1\Temp
USERDOMAIN=HPPAV
USERNAME=kl
USERPROFILE=C:\Documents and Settings\kl
winbootdir=C:\WINDOWS
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
kl
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> "C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT
--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> C:\PROGRA~1\Yahoo!\Common\unyt.exe
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adaptec\Easy CD Creator 4\CreateCD\UNINST.ISU"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adaptec\Easy CD Creator 4\UNINST.ISU"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adaptec\Easy CD Creator 4\UNINST.ISU"
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\mrun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adaptec DirectCD --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adaptec\DirectCD\DCDUnins.isu" -cC:\PROGRA~1\ADAPTEC\DIRECTCD\Dcduhlp.dll
Adaptec Easy CD Creator 4 --> "C:\Program Files\Common Files\Adaptec\ECDCUNIN\SETUP.EXE" +s -l0009 -fECDC.INS
Adaptec UDF Reader --> C:\WINDOWS\SYSTEM32\udfrunin.exe
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adssite Games Collection --> C:\Program Files\Adssite Games Collection\uninstall.exe
BackWeb --> C:\WINDOWS\bwUninst.exe
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
CA Yahoo! Anti-Spy (remove only) --> "C:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
Crawler Toolbar with Web Security Guard --> C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
dBpowerAMP Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
eHelp --> C:\PROGRA~1\EHELP\UNINST~1.EXE Hewlett-Packard
EPSON ESPR220 Reference Guide --> C:\Program Files\epson\guide\spr220_e\uninstall.exe
EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\setup.exe" -l0x9 -SYSTEM
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Fellowes NEATO MediaFACE II --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MediaFACE II\Uninstall.isu"
FinePixViewer Ver.4.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
HijackThis 2.0.2 --> "C:\Program Files\HijackThis.exe" /uninstall
HP Image Zone 3.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Internet Center --> wscript "C:\HP Internet\Surfboard\uninst.vbs"
HP PSC & OfficeJet 3.5 --> "C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update --> MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}
HP_WildTangent_Games --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44635DD7-3F85-4368-8186-6A662A03714C}\setup.exe"
ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe"
Intel A/V Codecs V2.0 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\CDUninst.isu
InterVideo WinDVD --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\InterVideo\WinDVD\Uninst.isu"
iPod for Windows 2005-06-26 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{654F0312-CB3D-4FE2-962C-6BB9752E9146} /l1033
iPod for Windows 2006-01-10 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{47808F78-F178-49DC-B708-15FE538B16FF}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSETUP.EXE /REMOVE
LiveUpdate 2.5 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
MAGIX music studio 7 --> C:\MAGIX\ms7\unwise.exe C:\MAGIX\ms7\INSTALL.LOG
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Money 2001 --> MsiExec.exe /I{D085A1B6-90A4-11D3-82B7-00C04FA309DE}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Works 6.0 --> MsiExec.exe /I{F8D0829C-9C6F-11D3-8080-00C04FA329AA}
Microsoft Works and Money 2001 Setup Launcher --> C:\Program Files\Microsoft Works and Money 2001\Setup\Launcher.exe m:\cd1\
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
Morpheus 5.2 (remove only) --> "C:\Program Files\Morpheus\UninstMorpheus.exe"
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
My Photo Center --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\My Photo Center\Uninst.isu"
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
One-touch Multimedia Keyboard --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Netropa\One-touch Multimedia Keyboard\Uninst.isu" -c"C:\Program Files\Netropa\One-touch Multimedia Keyboard\uninst.dll"
PC-Doctor for Windows --> C:\WINDOWS\UNWISE.EXE C:\WINDOWS\SYSTEM\INSTALL.LOG
Python 1.5 combined Win32 extensions --> C:\PROGRA~1\PYTHON\UNWISE~1.EXE C:\PROGRA~1\PYTHON\W32INST.LOG
Python 1.5.2 (final) --> C:\PROGRA~1\PYTHON\UNWISE.EXE C:\PROGRA~1\PYTHON\INSTALL.LOG
QuickLink III --> C:\Program Files\QuickLink III\SETUP.EXE
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SBC Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
SBC Yahoo! Applications --> C:\PROGRA~1\YAHOO!\COMMON\uninstall.exe
Scientific Atlanta WebSTAR 2000 series Cable Modem --> UNDPX2K.EXE
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe"
Symantec AntiVirus --> MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}
Tcl 8.0.5 for Windows --> C:\PROGRA~1\TCL\UNWISE.EXE C:\PROGRA~1\TCL\INSTALL.LOG
Trellix Web --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Trellix Web\Uninst.isu"
Windows Installer Clean Up --> MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows XP Uninstall --> %SYSTEMROOT%\system32\osuninst.exe
WinZip Self-Extractor --> "C:\Program Files\WinZip Self-Extractor\wzipse32.exe" -uninstall
Yahoo! Mail Quick Select Tool (PhotoMail) --> C:\PROGRA~1\YAHOO!\COMMON\unymb.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type6794 / Error
Event Submitted/Written: 03/23/2008 01:33:04 PM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\kl\Local Settings\Temporary Internet Files\Content.IE5\CTMJOHYB\main[1].htm by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
Event Record #/Type6790 / Error
Event Submitted/Written: 03/23/2008 00:48:22 AM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\kl\Local Settings\Temporary Internet Files\Content.IE5\STYBSDIN\main[1].htm by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
Event Record #/Type6782 / Error
Event Submitted/Written: 03/23/2008 00:00:03 AM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\kl\Local Settings\Temporary Internet Files\Content.IE5\WDANSDE3\main[1].htm by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
Event Record #/Type6778 / Error
Event Submitted/Written: 03/22/2008 10:58:01 PM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\kl\Local Settings\Temporary Internet Files\Content.IE5\KXAT67W3\do[1].js by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access denied. Action Description: The file was left unchanged.
Event Record #/Type6777 / Error
Event Submitted/Written: 03/22/2008 10:28:13 PM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\kl\Local Settings\Temporary Internet Files\Content.IE5\K5QFSPA7\main[1].htm by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type41145 / Error
Event Submitted/Written: 03/23/2008 00:05:00 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
IKFileSec
Event Record #/Type41144 / Error
Event Submitted/Written: 03/23/2008 00:05:00 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PC Tools Security Service service failed to start due to the following error:
%%1053
Event Record #/Type41143 / Error
Event Submitted/Written: 03/23/2008 00:05:00 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
Event Record #/Type41109 / Error
Event Submitted/Written: 03/23/2008 00:37:09 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
IKFileSec
Event Record #/Type41106 / Error
Event Submitted/Written: 03/23/2008 00:27:59 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
Fips
IKFileSec
IPSec
MRxSmb
NetBIOS
NetBT
P3
RasAcd
Rdbss
SAVRT
SYMTDI
Tcpip
-- End of Deckard's System Scanner: finished at 2008-03-23 14:41:24 ------------
[Custom Input]
< purity >
C:\WINDOWS\aѕsembly moved successfully.
C:\WINDOWS\WіnSxS moved successfully.
C:\WINDOWS\system32\ΑрpPatch moved successfully.
C:\Program Files\ΑрpPatch moved successfully.
C:\Documents and Settings\kl\My Documents\AрpPatch moved successfully.
C:\Documents and Settings\kl\Application Data\Μicrosoft.NET moved successfully.
C:\Documents and Settings\kl\Application Data\sеcurity moved successfully.
C:\Documents and Settings\kl\Application Data\ѕecurity moved successfully.
C:\Documents and Settings\kl\Application Data\sуstem moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03232008_133745