DECKARD'S Scan logs
Deckard's System Scanner v20071014.68
Run by STONEDGOAT on 2008-08-08 06:51:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
40: 2008-08-08 10:18:52 UTC - RP43 - Deckard's System Scanner Restore Point
39: 2008-08-01 09:06:31 UTC - RP42 - Windows Defender Checkpoint
38: 2008-07-31 11:16:21 UTC - RP41 - Software Distribution Service 3.0
37: 2008-07-31 08:49:03 UTC - RP40 - Installed Adobe Reader 9.
36: 2008-07-31 08:47:54 UTC - RP39 - Removed Adobe Reader 6.0.1
-- First Restore Point --
1: 2008-02-18 00:05:31 UTC - RP4 - Removed Intel(R) PROSet for Wireless
Performed disk cleanup.
-- HijackThis (run as STONEDGOAT.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:51:33 AM, on 8/8/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\uWDF.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\STONEDGOAT\desktop\dss.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\STONED~1.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = POWERSLAVE
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro1\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Yahoo! Dominoes - http://download2.games.yahoo.com/games/clients/y/dot9_x.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 6385 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
S3 FreshIO - c:\program files\freshdevices\freshdiagnose\freshio.sys
S3 NSNDIS5 (NSNDIS5 NDIS Protocol Driver) - c:\windows\system32\nsndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); NetStumbler>
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 RegSrvc (Intel(R) PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel(R) PROSet/Wireless Registry Service>
S2 SvcOnlineArmor (Online Armor) - "c:\program files\tall emu\online armor\oasrv.exe" <Not Verified; Tall Emu; Online Armor Security Suite>
S3 NMIndexingService -
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 440x 10/100 Integrated Controller
Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3A321F38&0&00F0
Manufacturer: Broadcom
Name: Broadcom 440x 10/100 Integrated Controller
PNP Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3A321F38&0&00F0
Service: bcm4sbxp
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\9B970A1374FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\9B970A1374FC000
Service: NIC1394
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (IPX)
Device ID: ROOT\MS_NDISWANIPX\0000
Manufacturer: Microsoft
Name: WAN Miniport (IPX)
PNP Device ID: ROOT\MS_NDISWANIPX\0000
Service: NdisWan
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0002
Manufacturer: Microsoft
Name: Packet Scheduler Miniport #3
PNP Device ID: ROOT\MS_PSCHEDMP\0002
Service: PSched
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Packet Scheduler Miniport
Device ID: ROOT\MS_PSCHEDMP\0003
Manufacturer: Microsoft
Name: Packet Scheduler Miniport #4
PNP Device ID: ROOT\MS_PSCHEDMP\0003
Service: PSched
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\explorer.exe (pid 1900)
2008-03-04 14:40:12 212992 --a------ C:\WINDOWS\system32\NetProvCredMan.dll <Not Verified; Intel Corporation; NetProvCredMan Dynamic Link Library>
2006-09-07 12:19:01 8704 --a------ C:\Program Files\Unlocker\UnlockerCOM.dll
2000-11-22 09:00:00 24644 --a------ C:\Program Files\WinZip\WZSHLSTB.DLL <Not Verified; WinZip Computing, Inc.; WinZip>
-- Scheduled Tasks -------------------------------------------------------------
2008-08-01 18:09:14 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-04-01 13:41:58 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-08 and 2008-08-08 -----------------------------
2008-08-08 05:41:16 0 d-------- C:\WINDOWS\LastGood
2008-08-08 03:38:29 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\Camfrog
2008-08-08 03:38:09 0 d-------- C:\Program Files\Camfrog
2008-08-08 03:03:01 0 d-------- C:\Program Files\Skype
2008-08-08 03:02:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-08-01 10:03:00 0 dr-h----- C:\Documents and Settings\STONEDGOAT\Recent
2008-07-31 12:39:13 0 d-------- C:\Program Files\Safer Networking
2008-07-31 09:41:26 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\OnlineArmor
2008-07-31 09:41:26 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-31 09:41:01 0 d-------- C:\Program Files\Tall Emu
2008-07-31 08:13:48 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\Malwarebytes
2008-07-31 08:13:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-31 08:13:40 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-31 04:21:18 0 d-------- C:\Program Files\Trend Micro
2008-07-31 03:53:53 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-31 03:50:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-31 03:24:05 105168 --a------ C:\WINDOWS\NSUninst.exe
2008-07-31 03:24:03 0 d-------- C:\Program Files\AOD
2008-07-31 03:23:44 105168 --a------ C:\WINDOWS\GREUninstall.exe
2008-07-31 03:23:34 0 d-------- C:\Program Files\Common Files\mozilla.org
2008-07-31 03:23:06 0 d-------- C:\Program Files\Netscape
2008-07-31 03:14:27 0 d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-31 03:14:26 0 d-------- C:\Program Files\NOS
2008-07-30 07:09:54 0 d-------- C:\Program Files\Virtual Earth 3D
2008-07-30 04:19:20 0 d-------- C:\Program Files\Network Stumbler
2008-07-29 13:32:10 0 d-------- C:\Program Files\MP3 Remix
2008-07-29 13:32:10 0 d-------- C:\Documents and Settings\All Users\Application Data\MP3 Remix
2008-07-29 12:52:58 0 d-------- C:\Documents and Settings\All Users\Application Data\DFX
2008-07-29 12:52:44 0 d-------- C:\Program Files\Common Files\DFX
2008-07-29 05:26:11 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\gtk-2.0
2008-07-29 05:15:20 0 d-------- C:\Documents and Settings\STONEDGOAT\avidemux
2008-07-28 18:55:58 0 d-------- C:\Program Files\CinemaForge
2008-07-28 16:50:44 0 d-------- C:\WINDOWS\system32\Dell
2008-07-28 16:50:44 0 d-------- C:\Program Files\Dell
2008-07-28 16:39:03 0 d-------- C:\Program Files\Sun
2008-07-27 11:36:50 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll <Not Verified; Pegasus Imaging Corp.; TwnLib4>
2008-07-27 11:36:50 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-07-27 11:36:42 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-07-27 11:36:42 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-07-27 11:36:40 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-07-27 11:36:39 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Nero AG; Nero AG NeroCheck>
2008-07-27 11:36:23 0 d-------- C:\Program Files\Common Files\Ahead
2008-07-27 11:36:22 0 d-------- C:\Program Files\Ahead
2008-07-27 07:39:43 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\Intel
2008-07-27 07:39:43 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Intel
2008-07-27 07:39:43 0 d-------- C:\Documents and Settings\LocalService\Application Data\Intel
2008-07-27 07:39:43 0 d-------- C:\Documents and Settings\Default User\Application Data\Intel
2008-07-27 07:39:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intel
2008-07-27 07:38:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
-- Find3M Report ---------------------------------------------------------------
2008-08-08 03:37:10 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\AVG7
2008-08-08 02:52:25 0 d-------- C:\Program Files\a-squared Free
2008-07-31 13:10:40 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\U3
2008-07-31 03:53:53 0 d-------- C:\Program Files\Common Files
2008-07-31 03:51:48 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-31 03:24:44 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\Mozilla
2008-07-31 03:24:05 11234 --a------ C:\WINDOWS\mozver.dat
2008-07-31 03:13:46 0 d-------- C:\Program Files\TrojanHunter 4.7
2008-07-29 13:32:39 0 d-------- C:\Program Files\DivX
2008-07-28 16:38:33 0 d-------- C:\Program Files\Java
2008-07-28 06:37:28 376832 --a------ C:\WINDOWS\system32\AegisI5Installer.exe <Not Verified; ; AegisInstall Application>
2008-07-27 13:51:47 0 d-------- C:\Documents and Settings\STONEDGOAT\Application Data\LimeWire
2008-07-27 07:37:39 0 d-------- C:\Program Files\Intel
2008-06-10 19:07:20 3596288 --a----c- C:\WINDOWS\system32\qt-dx331.dll
2008-06-10 19:03:26 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-06-10 19:03:26 81920 --a----c- C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-06-10 19:03:20 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-06-10 19:03:20 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-06-10 19:03:20 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-06-10 19:03:20 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-06-10 19:03:18 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-22 17:18:54 12288 --a----c- C:\WINDOWS\system32\DivXWMPExtType.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
06/11/2008 10:33 PM 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 08:20 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [03/04/2008 02:46 PM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [03/04/2008 02:41 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38 AM]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [04/17/2008 05:25 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeRAM XP"="C:\Program Files\FreeRAM XP Pro1\FreeRAM XP Pro.exe" [05/19/2007 02:03 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07/07/2008 09:42 AM]
"Camfrog"="C:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [09/29/2003 01:22 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [4/6/2008 3:16:43 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"DisableTaskMgr"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe
"Messenger (Yahoo!)"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
"Startup Guru"="C:\Program Files\StartupGuru\startupguru.exe" /B
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
"NetscapeClient"=
"Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
"WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe
"Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
"BCMSMMSG"=BCMSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cee5ea3e-ffc8-11dc-96f6-000f1f288c5f}]
AutoRun\command- E:\LaunchU3.exe -a
-- Hosts -----------------------------------------------------------------------
127.0.0.1 {undo}.baidu.com
127.0.0.1 {undo}.hotlinkfiles.com
127.0.0.1 {undo}.meine-grußkarten.de
127.0.0.1 {undo}.pcsleek.com
127.0.0.1 {undo}.securitylab.ru
127.0.0.1 {undo}/baidu.com
127.0.0.1 {undo}/hotlinkfiles.com
127.0.0.1 {undo}/meine-grußkarten.de
127.0.0.1 {undo}/pcsleek.com
127.0.0.1 {undo}/securitylab.ru
14050 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-08-08 06:53:03 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 68%
Physical Memory (total/avail): 511.21 MiB / 159.24 MiB
Pagefile Memory (total/avail): 2014.55 MiB / 1613.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.26 MiB
C: is Fixed (NTFS) - 37.25 GiB total, 6.7 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HTS548040M9AT00 - 37.26 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.25 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\STONEDGOAT\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=POWERSLAVE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\STONEDGOAT
LOGONSERVER=\\POWERSLAVE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\STONED~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\STONED~1\LOCALS~1\Temp
USERDOMAIN=POWERSLAVE
USERNAME=STONEDGOAT
USERPROFILE=C:\Documents and Settings\STONEDGOAT
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
STONEDGOAT
(admin)
Administrator
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Acrobat.com --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com --> MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
BCM V.92 56K Modem --> C:\WINDOWS\BCMSMU.exe quiet
Broadcom 440x 10/100 Integrated Controller --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
C-Major Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Camfrog Video Chat 5.1 --> "C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDCheck --> "C:\Program Files\CDCheck\uninst.exe"
CDex extraction audio --> "C:\Program Files\CDex_150\uninstall.exe"
Counter-Strike --> "C:\Program Files\Steam\steam.exe" steam://uninstall/10
Day of Defeat --> "C:\Program Files\Steam\steam.exe" steam://uninstall/30
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
ERUNT 1.1j --> "C:\Program Files\ERUNT\unins000.exe"
EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HOTLLAMA Media Player --> C:\PROGRA~1\HOTLLA~1\Player\UNWISE.EXE C:\PROGRA~1\HOTLLA~1\Player\INSTALL.LOG
Intel(R) PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works 6.0 --> MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero 6 Enterprise Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Netscape (7.2) --> C:\WINDOWS\NSUninst.exe /ua "7.2 (en)"
Network Stumbler 0.4.0 (remove only) --> "C:\Program Files\Network Stumbler\uninst.exe"
Online Armor 2.1 --> "C:\Program Files\Tall Emu\Online Armor\unins000.exe"
OpenOffice.org Installer 1.0 --> MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
PowerDVD 5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
SigmaTel AC97 Audio Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x9 -nodialog -uninstall
SimCity 2000® Special Edition --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Maxis\SimCity 2000\DeIsL1.isu"
Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
TagsRevisited --> "C:\Program Files\Safer Networking\TagsRevisited\unins000.exe"
U3Launcher --> MsiExec.exe /I{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}
Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual Earth 3D (Beta) --> MsiExec.exe /I{39CE3C17-846D-4D9B-8B3E-C01A4B90FB73}
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type2162 / Error
Event Submitted/Written: 08/08/2008 05:18:02 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application teatimer.exe, version 1.6.0.20, faulting module teatimer.exe, version 1.6.0.20, fault address 0x00001c61.
Processing media-specific event for [teatimer.exe!ws!]
Event Record #/Type2153 / Warning
Event Submitted/Written: 08/01/2008 10:03:08 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type2152 / Error
Event Submitted/Written: 08/01/2008 03:17:29 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application winamp.exe, version 5.5.3.1938, faulting module ntdll.dll, version 5.1.2600.5512, fault address 0x00010193.
Processing media-specific event for [winamp.exe!ws!]
Event Record #/Type2150 / Error
Event Submitted/Written: 07/31/2008 11:30:22 PM
Event ID/Source: 0 / a2service.exe
Event Description:
The service process could not connect to the service controller
Event Record #/Type2149 / Error
Event Submitted/Written: 07/31/2008 11:30:16 PM
Event ID/Source: 0 / a2service.exe
Event Description:
The service process could not connect to the service controller
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3560 / Warning
Event Submitted/Written: 08/08/2008 06:51:55 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%POWERSLAVE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %POWERSLAVE27 can't undo changes that you allow.
For more information please see the following:
%POWERSLAVE275
Scan ID: {C29776EB-DCE1-40BA-969E-F3BE59DB3157}
User: POWERSLAVE\STONEDGOAT
Name: %POWERSLAVE271
ID: %POWERSLAVE272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %POWERSLAVE276
Alert Type: %POWERSLAVE278
Detection Type: 1.1.1593.02
Event Record #/Type3559 / Warning
Event Submitted/Written: 08/08/2008 06:51:55 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%POWERSLAVE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %POWERSLAVE27 can't undo changes that you allow.
For more information please see the following:
%POWERSLAVE275
Scan ID: {85783235-5EFD-4B82-85C8-A72854DBE666}
User: POWERSLAVE\STONEDGOAT
Name: %POWERSLAVE271
ID: %POWERSLAVE272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %POWERSLAVE276
Alert Type: %POWERSLAVE278
Detection Type: 1.1.1593.02
Event Record #/Type3558 / Warning
Event Submitted/Written: 08/08/2008 06:51:55 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%POWERSLAVE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %POWERSLAVE27 can't undo changes that you allow.
For more information please see the following:
%POWERSLAVE275
Scan ID: {FEE162D9-2787-475F-A83A-1F261445FFD4}
User: POWERSLAVE\STONEDGOAT
Name: %POWERSLAVE271
ID: %POWERSLAVE272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %POWERSLAVE276
Alert Type: %POWERSLAVE278
Detection Type: 1.1.1593.02
Event Record #/Type3557 / Warning
Event Submitted/Written: 08/08/2008 06:51:52 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%POWERSLAVE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %POWERSLAVE27 can't undo changes that you allow.
For more information please see the following:
%POWERSLAVE275
Scan ID: {279C8C07-A4EF-4A3B-8892-FC21A6676660}
User: POWERSLAVE\STONEDGOAT
Name: %POWERSLAVE271
ID: %POWERSLAVE272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %POWERSLAVE276
Alert Type: %POWERSLAVE278
Detection Type: 1.1.1593.02
Event Record #/Type3556 / Warning
Event Submitted/Written: 08/08/2008 06:51:52 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%POWERSLAVE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %POWERSLAVE27 can't undo changes that you allow.
For more information please see the following:
%POWERSLAVE275
Scan ID: {5A3EDBE1-480F-4F9D-96EF-D4B1A89B988F}
User: POWERSLAVE\STONEDGOAT
Name: %POWERSLAVE271
ID: %POWERSLAVE272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %POWERSLAVE276
Alert Type: %POWERSLAVE278
Detection Type: 1.1.1593.02
-- End of Deckard's System Scanner: finished at 2008-08-08 06:53:03 ------------