/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/
2005-07-18, 09:21:34, Auto-clean mode specified.
2005-07-18, 09:21:34, Running scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\TSC.BIN"...
2005-07-18, 09:21:55, Scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\TSC.BIN" has finished running.
2005-07-18, 09:21:55, TSC Log:
Damage Cleanup Engine (DCE) 3.9(Build 1020)
Windows 2000(Build 2195: Service Pack 4)
Start time : Mon Jul 18 2005 09:21:35
Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Administrator\Desktop\Sysclean\tsc.ptn" (version 627) [success]
Complete time : Mon Jul 18 2005 09:21:55
Execute pattern count(4102), Virus found count(0), Virus clean count(0), Clean failed count(0)
2005-07-18, 09:22:03, An error occurred while scanning file "C:\Documents and Settings\Administrator\NTUSER.DAT": Access is denied.
2005-07-18, 09:22:03, An error occurred while scanning file "C:\Documents and Settings\Administrator\ntuser.dat.LOG": Access is denied.
2005-07-18, 09:36:43, An error occurred while scanning file "C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2005-07-18, 09:36:43, An error occurred while scanning file "C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\NetHood\EVADISK on Evans pc\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (10)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (11)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (2)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (3)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (4)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (5)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (6)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (7)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (8)\*.*": The system cannot find the path specified.
2005-07-18, 09:43:08, An error was detected on "C:\Documents and Settings\Administrator\Recent\EVADISK on Evans pc (9)\*.*": The system cannot find the path specified.
2005-07-18, 10:00:35, Could not set file for reading on "C:\RECYCLER\NPROTECT\NPROTECT.LOG": Access is denied.
2005-07-18, 10:00:36, An error was detected on "C:\System Volume Information\*.*": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\default": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\default.LOG": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\SAM": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\SAM.LOG": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\SECURITY": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\SECURITY.LOG": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\software": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\software.LOG": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\system": Access is denied.
2005-07-18, 10:05:49, An error occurred while scanning file "C:\WINNT\system32\config\SYSTEM.ALT": Access is denied.
2005-07-18, 10:07:41, Running scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN"...
2005-07-18, 10:35:01, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:07:42
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
36517 files have been read.
36517 files have been checked.
29057 files have been scanned.
56228 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:01
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:01, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:07:42
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
36517 files have been read.
36517 files have been checked.
29057 files have been scanned.
56228 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:01 27 minutes 14 seconds (1633.94 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:01, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:07:42
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
36517 files have been read.
36517 files have been checked.
29057 files have been scanned.
56228 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:01 27 minutes 14 seconds (1633.94 seconds) has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:01, Scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN" has finished running.
2005-07-18, 10:35:01, Could not set file for reading on "E:\RECYCLER\NPROTECT\NPROTECT.LOG": Access is denied.
2005-07-18, 10:35:01, An error was detected on "E:\System Volume Information\*.*": Access is denied.
2005-07-18, 10:35:01, Running scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN"...
2005-07-18, 10:35:07, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:35:02
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
4 files have been read.
4 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:07
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:07, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:35:02
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
4 files have been read.
4 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:07 0.09 seconds has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:07, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 7/18/2005 10:35:02
VSAPI Engine Version : 7.510-1002
VSCANTM Version : 1.1-1001
Virus Pattern Version : 731 (104621 Patterns) (2005/07/14) (273100)
Command Line: C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C /ACTIVEACTION=5 E:\*.* /P=C:\Documents and Settings\Administrator\Desktop\Sysclean
4 files have been read.
4 files have been checked.
2 files have been scanned.
2 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 7/18/2005 10:35:07 0.09 seconds has elapsed.
---------*---------*---------*---------*---------*---------*---------*---------*
2005-07-18, 10:35:07, Scanner "C:\Documents and Settings\Administrator\Desktop\Sysclean\VSCANTM.BIN" has finished running.
Logfile of HijackThis v1.99.1
Scan saved at 10:36:28 AM, on 7/18/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?.home=ytie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?.home=ytie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Shortcut to Microsoft Outlook.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/abarth/us/win/QuickTimeInstaller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FBDACE83-556A-4DF0-96CD-8DC40D475DED}: NameServer = 201.225.225.225,201.225.225.226,201.224.73.162
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
