|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
Bobboau
Cadet
Joined: Jun 28, 2008
Posts: 2
Location: USA
|
 Posted: Sat Jun 28, 2008 6:28 pm Post subject: mallware beyond my power, requesting backup |
|
|
ok, I have been out of the loop for a year or two due to me not getting infected with anything since forever. but recently a friend of mine got something really nasty that wiped out his restore points and started throughing popups at him like mad. I managed to kill off a few of the nasties, but there are at least a few that are still causing me problems. namely there is at least one popup generator attached to IE, and I suspect a root kit I can't do anything about and a trojan or two. he has counterspy installed but due to either malicious interference or simply the crappiness of this PC it locks up when ever I have it run a scan (except in safe mode, but after the scan when I go to view results none of the stuff it found is there)
I hope this is the correct forum for posting this request if not please move (my apologies to the moderator).
| Quote: | Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-28 12:43:10
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
17: 2008-06-28 17:45:34 UTC - RP34 - Deckard's System Scanner Restore Point
16: 2008-06-28 07:01:59 UTC - RP33 - Software Distribution Service 3.0
15: 2008-06-28 04:58:06 UTC - RP32 - Software Distribution Service 3.0
14: 2008-06-04 04:53:20 UTC - RP31 - System Checkpoint
13: 2008-06-02 04:30:56 UTC - RP30 - CounterSpy - 6/1/2008 11:30:24 PM
-- First Restore Point --
1: 2008-05-24 17:04:47 UTC - RP18 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 255 MiB (512 MiB recommended).
-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:07 PM, on 6/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\System32\nvsvc32.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\Program Files\Motorola Wireless\WU830G USB Adapter\OdHost.exe
C:\Program Files\Motorola Wireless\WU830G USB Adapter\WLUSBCfg.exe
C:\WINNT\system32\wscntfy.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\DOCUME~1\Owner\Desktop\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charter.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - Global Startup: Motorola Wireless USB Adapter.lnk = ?
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1209436136_804474e1c850080fde4d548c896a7f01&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
--
End of file - 3401 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\Owner\Desktop\backups\) ---------------
backup-20080627-202725-303 O2 - BHO: mysidesearch browser optimizer - {bd1e4d74-cf04-febf-3da7-397bcf8fbec3} - C:\WINNT\system32\{46c64063-2b28-eabf-e6dc-451a7e1b88cb}.dll
backup-20080627-202725-524 O2 - BHO: (no name) - {4A25B8B9-B518-4E50-90B8-E50ED6670936} - C:\WINNT\system32\wvUmmJAQ.dll (file missing)
backup-20080627-202725-669 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
backup-20080627-202726-367 O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
backup-20080627-202726-553 O2 - BHO: (no name) - {D2376FB3-3D0D-414D-83AA-3AD6AD6B111F} - C:\WINNT\system32\awtsQGxy.dll (file missing)
backup-20080627-202800-794 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
backup-20080627-203026-128 O4 - HKLM\..\Run: [{66-62-29-9A-DW}] C:\WINNT\system32\jswnw64k.exe DWram
backup-20080627-203026-322 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
backup-20080627-203026-328 O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINNT\system32\mcntnkdm.exe DWram
backup-20080627-203026-398 O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
backup-20080627-203026-813 O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
backup-20080627-203150-427 O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
backup-20080627-204120-166 O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
backup-20080627-204120-199 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
backup-20080627-204120-376 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
backup-20080627-204120-387 O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
backup-20080627-204120-562 O4 - HKLM\..\RunOnce: [OOBEDDDemise] cmd /x /c erase C:\WINNT\System32\oobe\msoobe.exe
backup-20080627-204120-938 R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw==
backup-20080627-204121-151 O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
backup-20080627-204121-172 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
backup-20080627-204121-230 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080627-204121-691 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
backup-20080627-204121-805 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080627-204121-970 O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
backup-20080627-204122-130 O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
backup-20080627-204122-194 O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
backup-20080627-204122-270 O20 - Winlogon Notify: awtsQGxy - awtsQGxy.dll (file missing)
backup-20080627-204122-434 O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
backup-20080627-204122-465 O23 - Service: PictureTaker - Unknown owner - c:\fixit\pt\PCTKRNT.SYS (file missing)
backup-20080627-204759-951 O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
backup-20080627-204930-832 O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
backup-20080627-204930-990 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
backup-20080627-204947-612 O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
backup-20080628-011644-596 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
backup-20080628-011644-761 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
backup-20080628-011645-311 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
backup-20080628-011645-677 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 slipp - c:\winnt\system32\drivers\slipp.sys
R2 MASPINT - c:\winnt\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 RioPNP - c:\winnt\system32\drivers\riopnp.sys <Not Verified; RioPort.com; >
R3 CBTNDIS5 (CBTNDIS5 NDIS Protocol Driver) - c:\winnt\system32\cbtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 PCDRDRV (Pcdr Helper Driver) - c:\atf\qctest\pcdoc\pcdrdrv.sys (file missing)
S3 PcdrNt - c:\winnt\system32\drivers\pcdrnt.sys <Not Verified; PC-Doctor Inc.; PC-Doctor NT 3.0>
S3 SBAPIFS - c:\winnt\system32\drivers\sbapifs.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\winnt\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 PictureTaker - c:\fixit\pt\pctkrnt.sys (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-27 18:06:27 418 --ah----- C:\WINNT\Tasks\User_Feed_Synchronization-{99A54D75-34FD-4E11-91FE-09D093AD2723}.job
2002-12-23 15:35:33 412 --a------ C:\WINNT\Tasks\Symantec NetDetect.job
-- Files created between 2008-05-28 and 2008-06-28 -----------------------------
2008-06-28 01:43:47 0 d-------- C:\Program Files\Lavasoft
2008-06-28 01:43:46 0 d------c- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-28 01:42:31 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-27 21:45:12 0 --a------ C:\WINNT\system32\SBRC.dat
2008-06-27 20:09:53 0 d------c- C:\VundoFix Backups
2008-06-05 19:32:44 756 --a------ C:\WINNT\system32\wshiv6o.dat
2008-06-05 19:32:44 756 --a------ C:\WINNT\system32\WMADMDD.dat
2008-06-05 19:32:44 813 --a------ C:\WINNT\system32\authzpn.dat
2008-06-05 19:32:44 0 --a------ C:\WINNT\system32\ati3dvag.dat
2008-06-03 23:41:32 88961 --a------ C:\WINNT\system32\mysidesearch_sidebar_uninstall.exe
2008-06-03 18:24:54 3398 --a------ C:\WINNT\system32\usrvoich.dat
2008-06-03 18:24:54 0 --a------ C:\WINNT\system32\usrsdnia.dat
2008-06-03 18:24:54 281 --a------ C:\WINNT\system32\spoozss.dat
2008-06-03 18:24:54 6693 --a------ C:\WINNT\system32\qmgrprxw.dat
2008-06-03 18:24:54 7955 --a------ C:\WINNT\system32\msafn.dat
2008-06-02 04:28:16 10753087 --a------ C:\WINNT\system32\SBSP.dat
2008-06-02 04:27:59 153 --a------ C:\WINNT\system32\SBFC.dat
2008-06-02 04:25:53 200768 --a------ C:\WINNT\system32\tcnttkdm.exe
2008-06-02 04:25:50 401972 --a------ C:\WINNT\system32\g59.exe
2008-06-01 21:55:47 0 d-------- C:\Documents and Settings\Owner\Application Data\Sunbelt Software
2008-06-01 21:55:42 0 d------c- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
2008-06-01 21:54:47 0 d-------- C:\Program Files\Sunbelt Software
2008-06-01 21:40:19 0 d-------- C:\Documents and Settings\Owner\Application Data\Sammsoft
2008-06-01 21:40:02 0 d-------- C:\Program Files\Advanced Registry Optimizer
-- Find3M Report ---------------------------------------------------------------
2008-06-27 18:06:04 861 --a------ C:\WINNT\system32\winpfz33.sys
2008-06-27 18:03:01 354 ---hs---- C:\WINNT\system32\ecoctyaf.ini2
2008-06-01 23:32:38 0 d-------- C:\Program Files\Common Files
2008-06-01 20:04:59 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-05-20 22:23:43 0 d-------- C:\Program Files\Trend Micro
2008-05-20 22:05:07 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-20 21:55:44 0 d-------- C:\Program Files\Symantec
2008-05-19 23:01:54 1014927 --ahs---- C:\WINNT\system32\QAJmmUvw.ini2
2008-05-19 15:20:33 2624 --a------ C:\WINNT\system32\kvyfkyqk.exe
2008-05-18 13:35:12 2112 --a------ C:\WINNT\system32\eaujunvs.exe
2008-05-18 13:34:40 3648 --a------ C:\WINNT\system32\siycecll.dll
2008-05-17 07:21:07 2112 --a------ C:\WINNT\system32\vgvayuvi.exe
2008-05-17 07:12:33 3648 --a------ C:\WINNT\system32\etwrytlo.dll
2008-05-15 18:34:43 2112 --a------ C:\WINNT\system32\gjwwjmvu.exe
2008-05-15 18:26:26 3648 --a------ C:\WINNT\system32\cjaseoid.dll
2008-05-14 18:29:48 2112 --a------ C:\WINNT\system32\bvcnyldf.exe
2008-05-14 18:26:17 3648 --a------ C:\WINNT\system32\wowwlcft.dll
2008-05-13 18:16:20 2112 --a------ C:\WINNT\system32\ubpmofla.exe
2008-05-13 18:08:31 3648 --a------ C:\WINNT\system32\wccjasgv.dll
2008-05-12 06:01:35 2112 --a------ C:\WINNT\system32\lnwsjdxu.exe
2008-05-11 06:00:03 2112 --a------ C:\WINNT\system32\bdxapdve.exe
2008-05-09 20:32:18 2112 --a------ C:\WINNT\system32\ytxdwsda.exe
2008-05-08 20:32:30 2112 --a------ C:\WINNT\system32\syselxya.exe
2008-05-07 20:29:10 2112 --a------ C:\WINNT\system32\bilrxusg.exe
2008-05-06 19:12:33 2112 --a------ C:\WINNT\system32\jelxiqgo.exe
2008-04-28 22:18:36 89070 --a------ C:\WINNT\system32\myss_sb_uninstall.exe
2008-04-28 22:15:41 298311 --a------ C:\WINNT\system32\gside.exe
2008-04-28 21:32:49 0 d-------- C:\Program Files\Java
2008-04-26 10:10:43 0 --a------ C:\WINNT\system32\taskkill.exe
2008-04-26 10:09:35 399926 --a------ C:\WINNT\system32\g80.exe
2008-04-26 10:08:44 49160 --a------ C:\WINNT\system32\rwwnw64d.exe <Not Verified; ; Browser Driver>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 06:24 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/01/2007 07:47 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"@"="" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/27/2007 05:24 AM]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [08/04/2004 02:56 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Motorola Wireless USB Adapter.lnk - C:\Program Files\Motorola Wireless\WU830G USB Adapter\Startup.EXE [6/6/2005 11:34:50 AM]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\wvUmmJAQ
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
backup=C:\WINNT\pss\PowerReg Scheduler V3.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=C:\WINNT\pss\PowerReg Scheduler.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
"C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMMSG]
GWMDMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Homeland Network]
"C:\Program Files\HomelandNetwork\HomelandNetwork.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1130100499\ee\AOLHostManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hot Key Kbd 9910 Daemon]
SK9910DM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Keyboard Preload Check]
C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaLoads Installer]
"C:\Program Files\DownloadWare\dw.exe" /H
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyStartUp10.0]
"C:\Program Files\Microsoft Money\System\Activation.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV Agent]
C:\PROGRA~1\NORTON~1\navapw32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~3.DLL,ClientStartup -s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2P Networking]
C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PromulGate]
"C:\Program Files\DelFin\PromulGate\PgMonitr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaveNow]
C:\Program Files\SaveNow\SaveNow.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search-Exe]
"C:\Program Files\se\v11\se.EXE" /H
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
C:\Program Files\Microsoft Works\wkfud.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a
*Newly Created Service* - SYMTDI
-- End of Deckard's System Scanner: finished at 2008-06-28 12:50:18 ------------
|
| Quote: | Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of Memory in Use: 68%
Physical Memory (total/avail): 254.98 MiB / 81.41 MiB
Pagefile Memory (total/avail): 625.63 MiB / 297.92 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1931.66 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 37.27 GiB total, 9.72 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST340016A - 37.27 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.27 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINNT\\system32\\P2P Networking\\P2P Networking.exe"="C:\\WINNT\\system32\\P2P Networking\\P2P Networking.exe:*:Disabled:P2P Networking"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealOne Player"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINNT\\system32\\java.exe"="C:\\WINNT\\system32\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BOOMER
ComSpec=C:\WINNT\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
KBUQUAGEZRGWQYE=KXWFSYG
LOGONSERVER=\\BOOMER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\PC-Doctor for Windows\services;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=BOOMER
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINNT
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Owner (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINNT\IsUninst.exe -fC:\WINNT\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0 --> C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINNT\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Advanced Registry Optimizer --> "C:\Program Files\Advanced Registry Optimizer\unins000.exe" /silent
Backyard Basketball --> C:\WINNT\IsUninst.exe -fC:\HEGames\Basketball\Uninst.isu -c"C:\HEGames\Basketball\Uninst.dll
Backyard Basketball 2004 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B2AB8AF6-AE06-438F-A3D5-C9FBFBDB0AC0}
Backyard Football 2004 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{211C4AB9-E3FD-44CE-A495-75B8F545886A}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Do More 5.0 --> MsiExec.exe /I{75C023EC-64A0-44F7-9D99-C6F6E21EB6F0}
Drive Manager --> "C:\Program Files\InstallShield Installation Information\{B90E85EB-B7C9-44F7-8CAA-935BC628F6ED}\setup.exe" -runfromtemp -l0x0409 -removeonly
Drive Manager --> MsiExec.exe /I{B90E85EB-B7C9-44F7-8CAA-935BC628F6ED}
FinePixViewer Ver.4.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GTW V.92 Voicemodem --> C:\WINNT\GWMDMU.exe verbose
HelpSpot --> MsiExec.exe /I{F1FBF021-B965-42D3-BF63-D7A121B5490D}
HijackThis 2.0.2 --> "C:\Documents and Settings\Owner\Desktop\HijackThis.exe" /uninstall
Homeland Network --> "C:\Program Files\HomelandNetwork\HomelandNetwork.exe" /Uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINNT\$NtUninstallKB929399$\spuninst\spuninst.exe"
ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe"
Intel(R) PRO Ethernet Adapter and Software --> Prounstl.exe
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINNT\INF\tv_enua.inf, Uninstall
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.7 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINNT\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Encarta Encyclopedia Standard 2002 --> MsiExec.exe /I{01001202-823E-46CD-A70E-BEE818F97169}
Microsoft Money 2002 --> MsiExec.exe /I{E7298FD5-1386-11D5-8D6C-0050DAD32D95}
Microsoft Money 2002 System Pack --> MsiExec.exe /I{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}
Microsoft Picture It! Photo 2002 --> MsiExec.exe /I{C769A271-7E1C-48F9-B331-474600DD4C06}
Microsoft Streets and Trips 2002 --> MsiExec.exe /I{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINNT\INF\msTTS.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINNT\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2002 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2002\Setup\Launcher.exe d:\
Microsoft Works 6.0 --> MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{C3A439E4-7303-491F-A678-CEA36A87D517}
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
Motorola Wireless USB Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57BFC2F4-2A2E-4DC3-A0C0-E53A147631E2}\setup.exe" -l0x9
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MySidesearch Search Assistant Adzgalore --> C:\WINNT\system32\{46c64063-2b28-eabf-e6dc-451a7e1b88cb}.dll-uninst.exe
Need For Speed III --> C:\WINNT\UNINST.EXE -f"C:\Program Files\Electronic Arts\Need For Speed III\DeIsL2.isu" -c"C:\Program Files\Electronic Arts\Need For Speed III\eauninst.dll"
Network Play System (Patching) --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINNT\System32\nvinstnt.dll,NvUninstallNT4 nvgw.inf
Odyssey Client --> MsiExec.exe /X{99D42EC7-652B-4819-B3E6-6450C815E03F}
PC-Doctor Consumer UI --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
PC-Doctor Diagnostics --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
PC-Doctor Services --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
PhoneTools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\setup.exe" -l0x9 ControlPanel
PS/2 Millennium Keyboard --> skuninst.exe SK_PS2MillenniumKeyboard
Quicken 2002 New User Edition --> C:\WINNT\IsUninst.exe -f"C:\Program Files\QUICKENW\Uninst.isu" -c"C:\Program Files\QUICKENW\uninst.dll"
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINNT\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINNT\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\System32\Macromed\SHOCKW~1\Install.log
USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C8F7C1E5-0150-11D6-A96C-00D05908F85D}\Setup.exe" -l0x9
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Media Format 11 runtime --> "C:\WINNT\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type5911 / Error
Event Submitted/Written: 06/28/2008 00:46:35 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application counterspy.exe, version 2.5.0.1043, faulting module oleaut32.dll, version 5.1.2600.3266, fault address 0x000380d5.
Processing media-specific event for [counterspy.exe!ws!]
Event Record #/Type5898 / Error
Event Submitted/Written: 06/27/2008 06:17:16 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
Event Record #/Type5897 / Error
Event Submitted/Written: 06/27/2008 06:17:16 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
Event Record #/Type5894 / Error
Event Submitted/Written: 06/27/2008 05:51:49 PM
Event ID/Source: 8193 / VSS
Event Description:
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.
Event Record #/Type5893 / Error
Event Submitted/Written: 06/27/2008 05:51:49 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type39000 / Warning
Event Submitted/Written: 06/28/2008 08:22:51 AM
Event ID/Source: 4 / E100B
Event Description:
Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down
Event Record #/Type38998 / Error
Event Submitted/Written: 06/28/2008 02:35:21 AM
Event ID/Source: 20106 / RemoteAccess
Event Description:
Unable to add the interface {E3C7CE58-AE47-4E78-BD58-AE7D02916A1D} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.
Event Record #/Type38967 / Error
Event Submitted/Written: 06/28/2008 01:59:19 AM
Event ID/Source: 20106 / RemoteAccess
Event Description:
Unable to add the interface {E3C7CE58-AE47-4E78-BD58-AE7D02916A1D} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.
Event Record #/Type38933 / Error
Event Submitted/Written: 06/28/2008 00:42:44 AM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Sunbelt CounterSpy Antispyware service terminated unexpectedly. It has done this 4 time(s).
Event Record #/Type38929 / Error
Event Submitted/Written: 06/28/2008 00:42:22 AM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Sunbelt CounterSpy Antispyware service terminated unexpectedly. It has done this 3 time(s).
-- End of Deckard's System Scanner: finished at 2008-06-28 12:50:18 ------------
|
[/quote]
|
|
| Back to top |
|
 |
tetak
MIRT Team Lead
Premium Member
Joined: Jan 19, 2007
Posts: 5869
|
| Posted: Sat Jun 28, 2008 6:52 pm Post subject: |
|
|
Hi Bobboau, welcome to CastleCops.
I've moved your post to the HijackThis Logs forum.
_________________
Got Windows XP? Help protect your PC from malware with Microsofts anti-spyware program Windows Defender.
Download it for free from http://www.microsoft.com/athome/security/spyware/software/default.mspx
|
|
| Back to top |
|
|
Bobboau
Cadet
Joined: Jun 28, 2008
Posts: 2
Location: USA
|
| Posted: Mon Jun 30, 2008 5:45 am Post subject: |
|
|
so, what are the chances at least part of my problem is in c:\winnt\system32\drivers\slipp.sys?
|
|
| Back to top |
|
|
Prince_Serendip
Site Moderator
Joined: Sep 07, 2002
Posts: 17542
|
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
