Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum
Private Group for paid up members of Boards.ie. Join the club.
Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026
Hijack this scan?
-
06-04-2008 03:07AM#1
Comments
-
-
thanks i did the same as you told the other guy. Is there a trojan or keylogger of somesort. am i just being paranoid. lol
Deckard's System Scanner v20071014.68
Run by Owner on 2008-04-07 17:20:57
Computer is in Normal Mode.
-- System Restore
-- Last 5 Restore Point(s) --
43: 2008-04-07 15:58:54 UTC - RP345 - Deckard's System Scanner Restore Point
42: 2008-04-06 20:57:57 UTC - RP344 - XP Repair Pro Backup - 4/6/2008 21:57:48
41: 2008-04-06 09:12:27 UTC - RP343 - System Checkpoint
40: 2008-04-04 18:19:26 UTC - RP342 - Installed Windows XP KB941644.
39: 2008-04-04 13:15:21 UTC - RP341 - XP Repair Pro Backup - 4/4/2008 14:15:12
-- First Restore Point --
1: 2008-02-23 00:17:57 UTC - RP303 - Spybot-S&D Spyware removal
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Owner.exe)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:23:00 PM, on 04/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Owner\My Documents\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [XPRepairPro2007] C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by133fd.bay133.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - (no file)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PostgreSQL Database Server 8.2 (pgsql-8.2) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6550 bytes
-- File Associations
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.10.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>
S3 BCM43XX (BCM 802.11b Network Adapter Driver) - c:\windows\system32\drivers\bcmwl5.sys (file missing)
S3 Profos - c:\program files\common files\bitdefender\bitdefender threat scanner\profos.sys (file missing)
S3 Trufos - c:\program files\common files\bitdefender\bitdefender threat scanner\trufos.sys (file missing)
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 pgsql-8.2 (PostgreSQL Database Server 8.2) - "c:\program files\postgresql\8.2\bin\pg_ctl.exe" runservice -n "pgsql-8.2" -d "c:\program files\postgresql\8.2\data\" <Not Verified; PostgreSQL Global Development Group; PostgreSQL>
R2 SUService (System Update) - c:\program files\lenovo\system update\suservice.exe <Not Verified; Lenovo Group Limited; ThinkVantage System Update Service>
R2 TVT Scheduler - "c:\program files\common files\lenovo\scheduler\tvtsched.exe" <Not Verified; Lenovo Group Limited; tvtsched Module>
S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) -
S3 ACS (ACU Configuration Service) - c:\windows\system32\acs.exe
-- Device Manager: Disabled
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/1000 MT Mobile Connection
Device ID: PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0
Manufacturer: Intel
Name: Intel(R) PRO/1000 MT Mobile Connection
PNP Device ID: PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0
Service: E1000
-- Scheduled Tasks
2008-04-05 16:35:04 284 --a
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-03-07 and 2008-04-07
2008-04-07 17:19:10 0 d
C:\Program Files\Trend Micro
2008-04-06 17:06:01 0 d
C:\WINDOWS\$regcmp$
2008-04-04 18:26:07 0 d
C:\Program Files\File Shredder
2008-04-04 08:53:17 6709 --a
C:\1179410.dat
2008-04-04 08:17:45 7486 --a
C:\297090.dat
2008-04-04 07:04:10 6534 --a
C:\2394524.dat
2008-04-04 06:58:33 4523 --a
C:\297941.dat
2008-04-04 06:58:27 8534 --a
C:\1032785.dat
2008-04-04 06:23:58 8784 --a
C:\1170289.dat
2008-04-04 06:17:14 9155 --a
C:\2421023.dat
2008-04-03 23:45:17 0 d
C:\Program Files\Spyware Doctor
2008-04-03 23:45:17 0 d
C:\Documents and Settings\Owner\Application Data\PC Tools
2008-03-31 23:30:29 0 d
C:\Program Files\PartyGaming
2008-03-31 16:43:34 0 d
C:\158c498fa0373693f46cf7e7283b
2008-03-31 16:40:10 0 d
C:\506fbe9fca49c3c87c
2008-03-29 05:06:17 4212 ---h
C:\WINDOWS\system32\zllictbl.dat
2008-03-29 05:05:54 0 d
C:\WINDOWS\system32\ZoneLabs
2008-03-29 05:05:00 0 d
C:\WINDOWS\Internet Logs
2008-03-20 15:11:39 0 d
C:\Microgaming
2008-03-19 17:05:59 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-19 17:05:47 0 d
C:\Program Files\Windows Live
2008-03-19 17:05:30 0 d
C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-15 17:51:06 0 d
C:\Program Files\iPod
2008-03-15 17:50:52 0 d
C:\Program Files\iTunes
-- Find3M Report
2008-04-07 05:03:37 0 d
C:\Documents and Settings\Owner\Application Data\Microgaming
2008-04-07 04:11:57 0 d
C:\Program Files\Full Tilt Poker
2008-04-07 01:17:02 0 d
C:\Program Files\Poker Tracker V2
2008-04-07 00:54:50 0 d
C:\Program Files\PokerStars
2008-04-06 17:07:54 0 d
C:\Program Files\Registry Clean Expert
2008-04-05 16:17:04 0 d
C:\Program Files\MansionPoker
2008-03-29 03:54:16 0 d
C:\Program Files\Windows Desktop Search
2008-03-29 03:54:11 0 d
C:\Program Files\Common Files\Lenovo
2008-03-28 05:12:06 664 --a
C:\WINDOWS\system32\d3d9caps.dat
2008-03-19 17:07:37 0 d
C:\Program Files\MSN Messenger
2008-03-19 17:05:59 0 d
C:\Program Files\Common Files
2008-03-17 08:36:31 0 d
C:\Documents and Settings\Owner\Application Data\Real
2008-03-13 22:36:50 0 d
C:\Program Files\boylesportspokercomMPP
2008-03-12 20:55:37 0 d
C:\Documents and Settings\Owner\Application Data\SopCast
2008-02-25 02:31:11 2560 --a
C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-02-25 02:29:55 0 d
C:\Program Files\BitComet
2008-02-24 05:14:19 0 d
C:\Program Files\SopCast
2008-02-21 18:04:36 0 d
C:\Documents and Settings\Owner\Application Data\Move Networks
2008-02-21 17:30:46 4225 --a----c- C:\WINDOWS\mozver.dat
2008-02-14 15:11:27 0 d
C:\Program Files\Common Files\Adobe
2008-02-09 21:13:40 0 d
C:\Program Files\UltimateBet
2008-02-09 17:54:58 0 d
C:\Program Files\QuickTime
-- Registry Dump
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [12/10/2007 02:53 PM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [03/09/2007 07:50 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 12:34 PM]
"XPRepairPro2007"="C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe" [07/04/2007 04:51 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 01:00 PM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [02/05/2007 03:39 PM 294400]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]
"C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XPRepairPro2007]
C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"XPRepairPro2007"=C:\Program Files\XP Repair Pro 2007\XPRepairPro.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14d4e6c1-ecbe-11db-9d1a-806d6172696f}]
AutoRun\command-
\autorun.exe
-- Hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
7964 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-04-07 17:24:19
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
-- System Information
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) M processor 1600MHz
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 1022.92 MiB / 404.89 MiB
Pagefile Memory (total/avail): 2460.82 MiB / 1846.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1905.48 MiB
C: is Fixed (NTFS) - 37.26 GiB total, 20.68 GiB free. is CDROM (UDF)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - FUJITSU MHT2040AH - 37.26 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.26 GiB - C:
-- Security Center
AUOptions is set to notify before install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: ZoneAlarm Pro Firewall v7.0.470.000 (Check Point, LTD.)
AV: Kaspersky Anti-Virus v6.0.2.621 ()
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\DTD Poker\\UA.exe"="C:\\Program Files\\DTD Poker\\UA.exe:*:Enabled:UA Application"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"="C:\\Program Files\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Enabled:TVAnts"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\SunPoker.com\\UA.exe"="C:\\Program Files\\SunPoker.com\\UA.exe:*:Enabled:UA Application"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Documents and Settings\\Owner\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\Owner\\Application Data\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\CRY800.tmp\\install.exe"="C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\CRY800.tmp\\install.exe:*:Enabled:setup wizard"
"C:\\Program Files\\Java\\jre1.5.0_03\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\William Hill Poker\\UA.exe"="C:\\Program Files\\William Hill Poker\\UA.exe:*:Enabled:UA Application"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\PPMate\\ppmnet.exe"="C:\\Program Files\\PPMate\\ppmnet.exe:*:Disabled:PPMate"
"C:\\Program Files\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\ppmate.exe:*:Disabled:PPMate"
"C:\\Program Files\\PPMate\\ppamnet.exe"="C:\\Program Files\\PPMate\\ppamnet.exe:*:Disabled:PPMate"
"C:\\Program Files\\VIPER TV PLAYER (v5)\\VIPER TV PLAYER (v 7.1.1).exe"="C:\\Program Files\\VIPER TV PLAYER (v5)\\VIPER TV PLAYER (v 7.1.1).exe:*:Disabled:VIPER TV PLAYER (v 7.1.1)"
"C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"="C:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe:*:Disabled:TrueVector Service"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Disabled:Windows Live Call"
-- Environment Variables
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OWNER-AAFC29AA4
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\OWNER-AAFC29AA4
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Lenovo;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 9 Stepping 5, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0905
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
tvdumpflags=8
TVT=C:\Program Files\Lenovo
USERDOMAIN=OWNER-AAFC29AA4
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
-- User Profiles
Owner (admin)
postgres
-- Add/Remove Programs
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Betfair Poker --> MsiExec.exe /X{D4A6F05B-D32D-4EA3-B288-05894E803225}
BitComet 0.99 --> C:\Program Files\BitComet\uninst.exe
BlueSquare Poker --> "C:\Poker\BlueSquare Poker\_SetupPoker.exe" /uninstall
Boyle Poker --> C:\PROGRA~1\BOYLES~1\BOYLES~1\UNWISE.EXE C:\PROGRA~1\BOYLES~1\BOYLES~1\INSTALL.LOG
Boylepoker Poker --> C:\MICROG~1\Poker\BOYLES~1\BOYLES~1\UNWISE.EXE C:\MICROG~1\Poker\BOYLES~1\BOYLES~1\INSTALL.LOG
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DriverAgent Plugin for Netscape by TouchStone Software --> RunDll32.exe advpack.dll, LaunchINFSection driveragent_np.inf,TVICHW32Remove
File Shredder 2.0 --> "C:\Program Files\File Shredder\unins000.exe"
Football Manager 2008 --> "C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
Full Tilt Poker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -l0x9 -removeonly
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IBM ThinkPad UltraNav Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Intel(R) PRO Network Connections 12.0.36.0 --> MsiExec.exe /i{EEE90C2D-8ACE-4007-9CF6-B07D0516F6B9} ARPREMOVE=1
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
MANSION Poker (remove only) --> "C:\Program Files\MansionPoker\uninstall.exe"
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Owner\Application Data\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NordicBet Poker --> C:\MICROG~1\Poker\NORDIC~1\NORDIC~1\UNWISE.EXE C:\MICROG~1\Poker\NORDIC~1\NORDIC~1\INSTALL.LOG
ParadisePoker - Sportingodds --> C:\PROGRA~1\PARADI~1\UNWISE.EXE C:\PROGRA~1\PARADI~1\INSTALL.LOG
PartyPoker --> "C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
Poker Tracker Version 2.16.02b --> "C:\Program Files\Poker Tracker V2\unins000.exe"
PokerAce Hud (remove only) --> "C:\Program Files\PokerAce Hud\uninstall.exe"
PokerStars --> "C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
PostgreSQL 8.2 --> MsiExec.exe /I{1F701DBD-1660-4108-B10A-FB435EA63BF0}
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
REALTEK GbE & FE Ethernet PCI NIC Driver --> C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonly
Registry Clean Expert --> "C:\Program Files\Registry Clean Expert\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
SopCast 1.1.2 --> C:\Program Files\SopCast\uninst.exe
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SQLiteManager 2.6.2 --> "C:\Program Files\SQLabs\SQLiteManager2\unins000.exe"
System Update --> MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297}
ThinkPad Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}\SETUP.EXE" -l0x9 UNINSTALLFROMSYS
TVAnts 1.0 --> C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.3.5.4 --> C:\Program Files\TVUPlayer\uninst.exe
UltimateBet --> C:\PROGRA~1\ULTIMA~1\UNWISE.EXE C:\PROGRA~1\ULTIMA~1\INSTALL.LOG
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 Junk Email Filter (kb947945) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E397056B-7AE5-4FF1-8B13-276BF8201847}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6b --> C:\Program Files\VideoLAN\VLC\uninstall.exe
William Hill Poker --> C:\WINDOWS\system32\UnPoker.exe WilliamHillPokerXP
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Desktop Search 3.01 --> "C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Doctor 1.5 --> "C:\Program Files\Windows Doctor\1.5\unins000.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XP Repair Pro 2007 --> MsiExec.exe /X{7D5EDF94-4A58-4C53-A07A-1E4B535307D5}
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log
Event Record #/Type11458 / Warning
Event Submitted/Written: 04/07/2008 04:57:39 PM
Event ID/Source: 4660 / Kaspersky Anti-Virus
Event Description:
Running process C:\WINDOWS\system32\searchindexer.exe: detected modification of riskware 'Invader'.
Event Record #/Type11457 / Warning
Event Submitted/Written: 04/07/2008 04:55:08 PM
Event ID/Source: 4660 / Kaspersky Anti-Virus
Event Description:
Running process C:\WINDOWS\system32\svchost.exe: detected modification of riskware 'Invader'.
Event Record #/Type11453 / Warning
Event Submitted/Written: 04/07/2008 04:37:01 PM
Event ID/Source: 4660 / Kaspersky Anti-Virus
Event Description:
Running process C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe: detected modification of riskware 'Invader'.
Event Record #/Type11452 / Warning
Event Submitted/Written: 04/07/2008 04:36:55 PM
Event ID/Source: 4660 / Kaspersky Anti-Virus
Event Description:
Running process C:\WINDOWS\system32\services.exe: detected modification of riskware 'Invader'.
Event Record #/Type11451 / Warning
Event Submitted/Written: 04/07/2008 04:16:48 PM
Event ID/Source: 4660 / Kaspersky Anti-Virus
Event Description:
Running process C:\WINDOWS\system32\svchost.exe: detected modification of riskware 'Invader'.
-- Security Event Log
No Errors/Warnings found.
-- System Event Log
Event Record #/Type15146 / Error
Event Submitted/Written: 04/07/2008 04:55:39 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.
Event Record #/Type15142 / Warning
Event Submitted/Written: 04/07/2008 04:33:51 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type15141 / Error
Event Submitted/Written: 04/07/2008 04:17:19 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.
Event Record #/Type15140 / Error
Event Submitted/Written: 04/07/2008 04:05:00 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.
Event Record #/Type15139 / Error
Event Submitted/Written: 04/07/2008 04:04:27 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.
-- End of Deckard's System Scanner: finished at 2008-04-07 17:24:19
0 -
Advertisement