from main.txt:
Deckard's System Scanner v20071014.68
Run by Owner on 2008-05-11 14:31:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
130: 2008-05-11 18:31:36 UTC - RP130 - Deckard's System Scanner Restore Point
129: 2008-05-11 03:10:35 UTC - RP129 - System Checkpoint
128: 2008-05-10 01:18:05 UTC - RP128 - System Checkpoint
127: 2008-05-09 01:01:18 UTC - RP127 - System Checkpoint
126: 2008-05-07 21:27:09 UTC - RP126 - Last known good configuration
-- First Restore Point --
1: 2008-05-07 21:25:53 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:33:03 PM, on 5/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us8.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us8.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us8.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: {cc662a5f-85a8-223b-d8e4-f800320c1c51} - {15c1c023-008f-4e8d-b322-8a58f5a266cc} - C:\WINDOWS\system32\iphdmifx.dll
O2 - BHO: (no name) - {48A62760-1CBF-427E-9BBE-284ED3DA2755} - C:\WINDOWS\system32\jkkICSkl.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [BM1f008110] Rundll32.exe "C:\WINDOWS\system32\elgwrsxb.dll",s
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: tuvVOHBS - tuvVOHBS.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 7156 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 fasttx2k - c:\windows\system32\drivers\fasttx2k.sys <Not Verified; Promise Technology, Inc.; Promise FastTrak Series Driver>
R2 npkcrypt - c:\program files\localms\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-05-10 19:13:33 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-03 01:13:41 272 --a------ C:\WINDOWS\Tasks\easy Internet sign-up.job
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 05:40:39 106496 --a------ C:\WINDOWS\system32\iphdmifx.dll
2008-05-11 05:37:39 2048 --a------ C:\WINDOWS\system32\nnylirgf.exe
2008-05-11 05:34:39 95232 --a------ C:\WINDOWS\system32\aclnroip.dll
2008-05-11 05:31:39 104960 --a------ C:\WINDOWS\system32\elgwrsxb.dll
2008-05-10 19:13:24 0 d-------- C:\Program Files\Apple Software Update
2008-05-10 05:34:41 104960 --a------ C:\WINDOWS\system32\snqgeqpq.dll
2008-05-10 05:34:39 2048 --a------ C:\WINDOWS\system32\rpgtaxbq.exe
2008-05-10 05:31:40 103936 --a------ C:\WINDOWS\system32\vtrgnrbw.dll
2008-05-10 00:40:05 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-05-10 00:39:59 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-05-09 05:38:04 2048 --a------ C:\WINDOWS\system32\cotsifpa.exe
2008-05-09 05:29:05 104960 --a------ C:\WINDOWS\system32\yyxxuvue.dll
2008-05-08 19:56:05 0 d-------- C:\Program Files\Trend Micro
2008-05-08 19:51:55 0 d-------- C:\HJT
2008-05-08 17:52:02 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-08 17:51:50 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-05-08 16:15:19 45056 --a------ C:\WINDOWS\system32\pmnnnOhf.dll
2008-05-08 16:07:35 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-08 16:06:56 0 d-------- C:\Program Files\Spyware Doctor
2008-05-08 16:06:56 0 d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2008-05-08 16:06:41 45056 --a------ C:\WINDOWS\system32\ljJBsQjI.dll
2008-05-08 05:34:54 2048 --a------ C:\WINDOWS\system32\nyfjpcjp.exe
2008-05-08 05:31:54 106496 --a------ C:\WINDOWS\system32\uvtxevvv.dll
2008-05-08 05:28:54 106496 --a------ C:\WINDOWS\system32\casytjbf.dll
2008-05-07 17:25:43 1039915 --ahs---- C:\WINDOWS\system32\lkSCIkkj.ini2
2008-05-07 17:22:54 43008 --a------ C:\WINDOWS\system32\wvUOeFXq.dll
2008-05-07 17:21:14 43008 --a------ C:\WINDOWS\system32\vtUnkkIB.dll
2008-05-07 17:20:53 0 d-------- C:\Program Files\Total Video Converter
2008-05-07 17:20:43 43008 --a------ C:\WINDOWS\system32\ddcBSIbB.dll
2008-05-07 16:14:26 239610956 --a------ C:\Documents
2008-05-06 16:29:33 0 d-------- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-05-06 16:28:46 0 d-------- C:\Program Files\iPod
2008-05-06 16:28:10 0 d-------- C:\Program Files\iTunes
2008-05-06 16:27:49 0 d-------- C:\Program Files\Bonjour
2008-05-06 16:26:50 0 d-------- C:\Program Files\QuickTime
2008-05-06 16:26:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-06 16:26:12 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-05-06 16:25:51 0 d-------- C:\Program Files\Common Files\Apple
2008-05-06 16:25:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-04 11:34:20 0 d-------- C:\Documents and Settings\Owner\Application Data\Media Player Classic
2008-05-04 11:22:20 0 d-------- C:\Program Files\MSXML 6.0
2008-05-04 11:09:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-04 11:08:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Azureus
2008-05-04 02:07:37 0 d-------- C:\Program Files\Microsoft SQL Server
2008-05-04 02:01:47 0 d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-05-04 02:01:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-04 01:56:02 0 d-------- C:\Program Files\MSBuild
2008-05-04 01:55:55 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-05-04 01:55:47 0 d-------- C:\Program Files\Reference Assemblies
2008-05-04 01:46:51 0 d-------- C:\wamp
2008-05-04 01:45:12 1073152 --a------ C:\WINDOWS\system32\libmysql_c.dll
2008-05-04 01:45:09 0 d-------- C:\Program Files\PremiumSoft
2008-05-04 01:39:18 0 d-------- C:\temp
2008-05-04 01:12:09 0 d-------- C:\Program Files\LocalMS
2008-05-04 00:34:01 0 d-------- C:\Documents and Settings\Owner\Application Data\Nexon
2008-05-04 00:30:40 0 d-------- C:\Documents and Settings\Owner\Application Data\WinRAR
2008-05-04 00:19:19 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-05-04 00:17:00 0 d-------- C:\WINDOWS\Prefetch
2008-05-03 17:19:49 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-05-03 15:41:47 0 d-------- C:\WINDOWS\peernet
2008-05-03 15:41:43 0 d-------- C:\WINDOWS\provisioning
2008-05-03 15:35:27 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-03 15:22:46 0 d-------- C:\WINDOWS\EHome
2008-05-03 15:07:55 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-05-03 15:07:50 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-05-03 15:07:50 144384 --a------ C:\WINDOWS\system32\Iacenc.dll <Not Verified; Intel Corporation; Indeo® audio software>
2008-05-03 15:07:50 39936 --a------ C:\WINDOWS\system32\huffyuv.dll <Not Verified; Disappearing Inc.; Huffyuv>
2008-05-03 15:07:49 2102272 --a------ C:\WINDOWS\system32\x264vfw.dll
2008-05-03 15:07:49 630784 --a------ C:\WINDOWS\system32\vp7vfw.dll <Not Verified; On2.com; On2_VP70>
2008-05-03 15:07:49 438272 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-05-03 15:07:46 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-05-03 15:07:46 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-05-03 15:07:45 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-03 15:07:45 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-03 15:07:43 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-03 15:07:41 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-05-03 15:07:37 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-05-03 15:04:59 0 d-------- C:\Program Files\Azureus
2008-05-03 15:03:25 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-05-03 15:02:09 0 d-------- C:\Documents and Settings\Owner\Application Data\Google
2008-05-03 15:02:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-05-03 15:01:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-05-03 15:01:26 0 d-------- C:\Program Files\Google
2008-05-03 14:45:41 171280 --a------ C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:41 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:40 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:40 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-03 14:45:39 313856 --a------ C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2008-05-03 14:45:34 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-03 14:45:34 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-05-03 14:45:33 171792 --a------ C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:33 286992 --a------ C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:33 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:32 947472 --a------ C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:32 154384 --a------ C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:32 172304 --a------ C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:32 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:31 404752 --a------ C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:30 63248 --a------ C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:30 187152 --a------ C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 14:45:29 49424 --a------ C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-03 10:07:19 0 d-------- C:\WINDOWS\system32\bits
2008-05-03 10:06:22 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-03 10:06:18 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-03 10:03:34 0 d-------- C:\Program Files\Symantec AntiVirus
2008-05-03 10:00:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-03 09:58:57 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-03 04:01:28 0 d--hs---- C:\System Volume Information
2008-05-03 01:14:10 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-05-03 01:13:08 245920 -r-hs---- C:\cmldr
2008-05-03 01:12:44 0 d-------- C:\Program Files\hp deskjet 3420 series
2008-05-03 01:12:42 0 dr-hs---- C:\cmdcons
2008-05-03 01:12:38 0 d-------- C:\WINDOWS\setup.pss
2008-05-03 01:12:24 0 d-------- C:\WINDOWS\setupupd
2008-05-03 01:08:25 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-05-03 01:07:40 9856 --a------ C:\WINDOWS\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
2008-05-03 01:07:40 212480 --a------ C:\WINDOWS\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-05-03 01:06:35 24576 --a------ C:\WINDOWS\system32\xpsp1hfm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\Symantec
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\Sonic
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\Share-to-Web Upload Folder
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\SampleView
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\Real
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\InterTrust
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\interMute
2008-05-03 01:05:20 0 d-------- C:\Documents and Settings\Default User\Application Data\Adobe
2008-05-02 22:01:46 245 --a------ C:\WINDOWS\system\hpsysdrv.dat
2008-05-02 21:58:58 0 d-------- C:\I386
2008-05-02 21:47:38 0 dr------- C:\Program Files
2008-05-02 21:47:38 0 dr------- C:\Documents and Settings\Owner\Start Menu
2008-05-02 21:47:38 0 dr-h----- C:\Documents and Settings\Owner\SendTo
2008-05-02 21:47:38 0 dr------- C:\Documents and Settings\Owner\My Documents
2008-05-02 21:47:38 0 dr------- C:\Documents and Settings\Owner\Favorites
2008-05-02 21:47:37 0 dr-h----- C:\Documents and Settings\Owner\Application Data
2008-05-02 21:47:37 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-02 21:47:37 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-02 21:47:37 0 d--h----- C:\Documents and Settings\Default User\Local Settings
2008-05-02 21:47:37 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-02 21:47:36 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-02 21:47:36 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-02 21:47:31 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-02 21:47:08 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-02 21:45:20 0 dr-hs--c- C:\WINDOWS\system32\dllcache
-- Find3M Report ---------------------------------------------------------------
2008-05-10 00:39:59 0 d-------- C:\Program Files\Common Files
2008-05-04 11:07:41 0 d-------- C:\Program Files\Messenger
2008-05-03 15:41:47 0 d-------- C:\Program Files\Movie Maker
2008-05-03 15:34:44 0 d-------- C:\Program Files\Windows NT
2008-05-03 15:03:25 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-05-03 14:55:16 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-03 14:48:59 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-03 14:48:05 0 d-------- C:\Program Files\MUSICMATCH
2008-05-03 14:46:51 0 d-------- C:\Program Files\Online Services
2008-05-03 14:39:23 0 d-------- C:\Program Files\Quicken
2008-05-03 14:36:58 0 d-------- C:\Program Files\Common Files\Real
2008-05-03 14:32:45 0 d-------- C:\Documents and Settings\Owner\Application Data\interMute
2008-05-03 10:04:29 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-03 10:04:05 0 d-------- C:\Program Files\Symantec
2008-05-03 09:58:57 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-03 01:21:02 0 d-------- C:\Program Files\Common Files\Adobe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15c1c023-008f-4e8d-b322-8a58f5a266cc}]
05/11/2008 05:40 AM 106496 --a------ C:\WINDOWS\system32\iphdmifx.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{48A62760-1CBF-427E-9BBE-284ED3DA2755}]
C:\WINDOWS\system32\jkkICSkl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 07:04 PM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [03/11/2003 08:11 PM]
"KBD"="C:\HP\KBD\KBD.EXE" [02/11/2003 10:02 PM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [09/14/2002 12:42 AM]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [03/03/2003 12:44 PM]
"nwiz"="nwiz.exe" [03/03/2003 12:44 PM C:\WINDOWS\system32\nwiz.exe]
"PS2"="C:\WINDOWS\system32\ps2.exe" [10/16/2002 06:57 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe" [05/22/2002 01:28 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [06/09/2004 08:31 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [07/07/2004 07:29 PM]
"AlcxMonitor"="ALCXMNTR.EXE" [09/07/2004 01:47 PM C:\WINDOWS\ALCXMNTR.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [02/01/2008 12:55 PM]
"BM1f008110"="C:\WINDOWS\system32\elgwrsxb.dll" [05/11/2008 05:31 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIEW"="nview.dll,nViewLoadHook" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/03/2008 03:01 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [5/3/2008 3:01:28 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
C:\Program Files\Softex\OmniPass\opxpgina.dll 02/21/2003 06:50 AM 40960 C:\Program Files\Softex\OmniPass\OPXPGina.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvVOHBS]
tuvVOHBS.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\jkkICSkl
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-05-11 14:37:03 ------------
from extra.txt:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.60GHz
CPU 1: Intel® Pentium® 4 CPU 2.60GHz
Percentage of Memory in Use: 71%
Physical Memory (total/avail): 511.36 MiB / 148.28 MiB
Pagefile Memory (total/avail): 1249.4 MiB / 716.41 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.93 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 107.61 GiB total, 93.75 GiB free.
D: is Fixed (FAT32) - 4.17 GiB total, 0.67 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (FAT32)
\\.\PHYSICALDRIVE0 - ST3120025A - 111.79 GiB - 2 partitions
\PARTITION0 - Unknown - 4.17 GiB - D:
\PARTITION1 (bootable) - Installable File System - 107.61 GiB - C:
\\.\PHYSICALDRIVE1 - USB Reader USB Device
\\.\PHYSICALDRIVE2 - USB Reader USB Device
\\.\PHYSICALDRIVE3 - USB Reader USB Device
\\.\PHYSICALDRIVE4 - USB Reader USB Device
\\.\PHYSICALDRIVE5 - Apple iPod USB Device - 3.77 GiB - 1 partition
\PARTITION0 - Unknown - 3.68 GiB - K:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: Symantec AntiVirus Corporate Edition v9.0.1.1000 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Updates from HP\\137903\\Program\\BackWeb-137903.exe"="C:\\Program Files\\Updates from HP\\137903\\Program\\BackWeb-137903.exe:*:Enabled:BackWeb-137903"
"C:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe"="C:\\wamp\\bin\\apache\\apache2.2.8\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Documents and Settings\\Owner\\Desktop\\TitanMSRev003\\MapleStoryServer\\Debug\\MapleStoryServer.exe"="C:\\Documents and Settings\\Owner\\Desktop\\TitanMSRev003\\MapleStoryServer\\Debug\\MapleStoryServer.exe:*:Enabled:MapleStoryServer"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-O0KWKW9JWC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\YOUR-O0KWKW9JWC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PCToolsDir=C:\Documents and Settings\All Users\Start Menu\Programs\Hewlett-Packard\HP Pavilion PC Tools
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=YOUR-O0KWKW9JWC
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Owner
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp deskjet 3420 series (Remove only) --> C:\Program Files\hp deskjet 3420 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB/DeskJet 3420/ -vproduct=3420 -huninstall
HP Deskjet printer preloaded drivers --> MsiExec.exe /X{48BD24F5-13DE-493A-A7CE-28A85113FF0C}
HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Photosmart printers preloaded drivers --> MsiExec.exe /X{9E88DAA4-1352-4272-BA3A-897668408400}
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
IntelliMover Data Transfer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
K-Lite Codec Pack 3.9.0 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 2.0 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
OmniPass --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\Setup.exe" -l0x9
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Simple Installer - Multilanguage Version --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}\setup.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Symantec AntiVirus --> MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}
toolkit --> c:\Windows\HPTK\unhptkit.exe
Weblink --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4FCC384C-18EA-4E25-9281-A06AE006D219}\setup.exe" -l0x9
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordPerfect Productivity Pack --> c:\WINDOWS\Corel\Uninst32.exe
WordPerfect Productivity Pack --> C:\WINDOWS\Corel\uninst32.exe
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type778 / Warning
Event Submitted/Written: 05/11/2008 02:25:57 PM
Event ID/Source: 1015 / EvntAgnt
Event Description:
TraceLevel parameter not located in registry;
Default trace level used is 32.
Event Record #/Type777 / Warning
Event Submitted/Written: 05/11/2008 02:25:57 PM
Event ID/Source: 1003 / EvntAgnt
Event Description:
TraceFileName parameter not located in registry;
Default trace file used is .
Event Record #/Type764 / Warning
Event Submitted/Written: 05/11/2008 01:53:08 PM
Event ID/Source: 1015 / EvntAgnt
Event Description:
TraceLevel parameter not located in registry;
Default trace level used is 32.
Event Record #/Type763 / Warning
Event Submitted/Written: 05/11/2008 01:53:08 PM
Event ID/Source: 1003 / EvntAgnt
Event Description:
TraceFileName parameter not located in registry;
Default trace file used is .
Event Record #/Type754 / Error
Event Submitted/Written: 05/10/2008 08:05:33 PM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Downloader in File: C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\ESQYSMAX\4_swp[1].htm by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type4660 / Warning
Event Submitted/Written: 05/10/2008 03:58:10 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type4478 / Error
Event Submitted/Written: 05/08/2008 04:18:49 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type4448 / Error
Event Submitted/Written: 05/08/2008 04:11:22 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type4419 / Warning
Event Submitted/Written: 05/08/2008 08:13:49 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type4377 / Warning
Event Submitted/Written: 05/07/2008 04:31:28 PM
Event ID/Source: 51 / Disk
Event Description:
An error was detected on device \Device\Harddisk5\D during a paging operation.
-- End of Deckard's System Scanner: finished at 2008-05-11 14:37:03 ------------