Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Restarting After Logging In At User Startup


  • Please log in to reply
1 reply to this topic

#1 genthore

genthore

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Local time:12:29 AM

Posted 11 July 2007 - 11:34 AM

Sometimes my computer restarts after I enter my password on the user screen. Im using WindowsXP SP2. I ran a Deckard scan and Im posting the logs , if somebody could look at them Id be very grateful.

Deckard's System Scanner v20070708.52
Run by Christopher on 2007-07-12 at 12:22:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
42: 2007-07-12 16:22:25 UTC - RP42 - Deckard's System Scanner Restore Point
41: 2007-07-12 12:00:46 UTC - RP41 - Software Distribution Service 3.0
40: 2007-07-12 00:25:00 UTC - RP40 - Removed Microsoft Plus! for Windows XP
39: 2007-07-11 20:29:11 UTC - RP39 - System Checkpoint
38: 2007-07-10 16:22:40 UTC - RP38 - System Checkpoint


-- First Restore Point --
1: 2007-07-04 01:39:00 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Christopher.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:54 PM, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
C:\Documents and Settings\Christopher\Local Settings\Application Data\Trend Micro\HCMS\FLock\en-US\FLMain.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Christopher\My Documents\recieved files\dss.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Christopher.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus Photo R220 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIA.EXE /P30 "EPSON Stylus Photo R220 Series" /O6 "USB001" /M "Stylus Photo R220"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Documents and Settings\Christopher\Local Settings\Application Data\Trend Micro\HCMS\FLock\en-US\FLMain.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/contr...vex/TmHcmsX.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1183514897156
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

--
End of file - 6178 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 tmtdi (Trend Micro TDI Driver) - c:\windows\system32\drivers\tmtdi.sys <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
R2 tmmbd (Trend Micro MBD Driver) - c:\windows\system32\drivers\tm_mbd_c.sys <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ForceWare Intelligent Application Manager (IAM) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcappflt.exe <Not Verified; ; app_filter Module>
R2 ForcewareWebInterface (Forceware Web Interface) - "c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
R2 nSvcLog (ForceWare user log service) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvclog.exe <Not Verified; NVIDIA; NVIDIA nSvcLog>
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>

S2 PcCtlCom (Trend Micro Central Control Component) - c:\progra~1\trendm~1\intern~1\pcctlcom.exe <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>
S2 Tmntsrv (Trend Micro Real-time Service) - c:\progra~1\trendm~1\intern~1\tmntsrv.exe <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>
S2 TmPfw (Trend Micro Personal Firewall) - c:\progra~1\trendm~1\intern~1\tmpfw.exe <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
S2 tmproxy (Trend Micro Proxy Service) - c:\progra~1\trendm~1\intern~1\tmproxy.exe <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 PcScnSrv (Trend Micro Protection Against Spyware ) - "c:\progra~1\trendm~1\intern~1\pcscnsrv.exe" <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>


-- Scheduled Tasks -------------------------------------------------------------

2007-07-05 19:11:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-06-12 and 2007-07-12 -----------------------------

2007-07-11 20:07:42 1536000 --a------ C:\WINDOWS\system32\MAEncore.scr
2007-07-11 20:07:42 0 d-------- C:\Program Files\SereneScreen
2007-07-11 20:07:31 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-07-11 17:32:30 0 d-------- C:\Documents and Settings\Denise\Application Data\Identities
2007-07-11 17:32:20 0 d--h----- C:\Documents and Settings\Denise\Templates
2007-07-11 17:32:20 0 dr------- C:\Documents and Settings\Denise\Start Menu
2007-07-11 17:32:20 0 dr-h----- C:\Documents and Settings\Denise\SendTo
2007-07-11 17:32:20 0 dr-h----- C:\Documents and Settings\Denise\Recent
2007-07-11 17:32:20 0 d--h----- C:\Documents and Settings\Denise\PrintHood
2007-07-11 17:32:20 786432 --ah----- C:\Documents and Settings\Denise\NTUSER.DAT
2007-07-11 17:32:20 0 d--h----- C:\Documents and Settings\Denise\NetHood
2007-07-11 17:32:20 0 dr------- C:\Documents and Settings\Denise\My Documents
2007-07-11 17:32:20 0 d--h----- C:\Documents and Settings\Denise\Local Settings
2007-07-11 17:32:20 0 dr------- C:\Documents and Settings\Denise\Favorites
2007-07-11 17:32:20 0 d-------- C:\Documents and Settings\Denise\Desktop
2007-07-11 17:32:20 0 d--hs---- C:\Documents and Settings\Denise\Cookies
2007-07-11 17:32:20 0 dr-h----- C:\Documents and Settings\Denise\Application Data
2007-07-11 17:32:20 0 d---s---- C:\Documents and Settings\Denise\Application Data\Microsoft
2007-07-11 16:09:27 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-07-08 11:14:16 0 d-------- C:\Documents and Settings\Christopher\Application Data\WinRAR
2007-07-06 21:08:20 0 d-------- C:\WINDOWS\system32\appmgmt
2007-07-06 13:47:43 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-07-06 13:10:29 0 d-------- C:\Documents and Settings\Christopher\Application Data\Ahead
2007-07-06 13:10:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-07-06 13:09:44 0 d-------- C:\Program Files\Nero
2007-07-06 13:09:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-07-06 10:01:55 0 d-------- C:\Program Files\Trend Micro
2007-07-06 10:01:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-07-05 19:20:57 0 d-------- C:\Documents and Settings\Christopher\Application Data\Apple Computer
2007-07-05 19:11:01 0 d-------- C:\Program Files\Apple Software Update
2007-07-05 19:10:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-07-05 16:09:07 0 d-------- C:\Documents and Settings\Christopher\Application Data\Lavasoft
2007-07-05 16:08:54 0 d-------- C:\Program Files\Lavasoft
2007-07-04 23:52:30 0 d-------- C:\Program Files\Guild Wars
2007-07-04 23:37:13 0 dr-h----- C:\Documents and Settings\Christopher\Recent
2007-07-04 23:36:30 0 d-------- C:\Program Files\CCleaner
2007-07-04 23:16:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Panasonic
2007-07-03 22:40:48 0 d-------- C:\WINDOWS\pss
2007-07-03 22:29:54 0 d-------- C:\EPSONREG
2007-07-03 22:29:08 0 d-------- C:\Program Files\EPSON Print CD
2007-07-03 22:28:51 483328 --a------ C:\WINDOWS\system32\PICSDK.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2007-07-03 22:28:51 45056 --a------ C:\WINDOWS\system32\EpPicPrt.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2007-07-03 22:28:51 60565 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2007-07-03 22:28:51 1140 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat
2007-07-03 22:28:51 1130 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat
2007-07-03 22:28:51 1137 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat
2007-07-03 22:28:51 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat
2007-07-03 22:28:51 1130 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat
2007-07-03 22:28:51 1140 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat
2007-07-03 22:28:51 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat
2007-07-03 22:28:51 15670 --a------ C:\WINDOWS\system32\EPPICPattern5.dat
2007-07-03 22:28:51 10673 --a------ C:\WINDOWS\system32\EPPICPattern4.dat
2007-07-03 22:28:51 21021 --a------ C:\WINDOWS\system32\EPPICPattern3.dat
2007-07-03 22:28:51 13280 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2007-07-03 22:28:51 29114 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2007-07-03 22:28:51 45056 --a------ C:\WINDOWS\system32\EpPicMgr.dll <Not Verified; SEIKO EPSON CORPORATION; EPSON PIC SDK>
2007-07-03 22:28:26 0 d-------- C:\Program Files\EPSON
2007-07-03 22:26:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-07-03 22:17:06 0 d-------- C:\WINDOWS\system32\LogFiles
2007-07-03 22:07:35 0 d--hs---- C:\Documents and Settings\Christopher\UserData
2007-07-03 22:03:49 0 d-------- C:\WINDOWS\system32\PreInstall
2007-07-03 21:59:40 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-07-03 21:53:47 0 d-------- C:\WINDOWS\nview
2007-07-03 21:53:39 540672 --a------ C:\WINDOWS\system32\nvhwvid.dll
2007-07-03 21:53:33 0 d-------- C:\WINDOWS\system32\WinFast
2007-07-03 21:52:58 0 d-------- C:\WINDOWS\system32\WinFox
2007-07-03 21:52:58 9469 --a------ C:\WINDOWS\system32\drivers\WINFOXIO.sys <Not Verified; Leadtek Research Inc.; WinFox I/O Device (Windows 2000/XP)>
2007-07-03 21:50:08 0 d-------- C:\JM
2007-07-03 21:50:07 139264 -r------- C:\WINDOWS\system32\JMRaidAPI.dll <Not Verified; JMicron Technology Corp.; JMB36X RAID API Dynamic Link Library>
2007-07-03 21:50:06 1953792 -r------- C:\WINDOWS\system32\JMRaidSetup.exe <Not Verified; JMicron Technology Corp.; JMicron JMB36X RAID Configurer>
2007-07-03 21:50:02 0 d-------- C:\WINDOWS\JM
2007-07-03 21:49:58 0 d-------- C:\WINDOWS\system32\Lang
2007-07-03 21:49:04 49152 -r------- C:\WINDOWS\system32\ChCfg.exe
2007-07-03 21:48:51 0 d-------- C:\WINDOWS\system32\RTCOM
2007-07-03 21:47:57 0 d-------- C:\Program Files\Realtek
2007-07-03 21:47:52 499712 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-07-03 21:45:00 0 d-------- C:\WINDOWS\ASUSInstAll
2007-07-03 21:43:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-03 21:42:50 22 --a------ C:\WINDOWS\FileName
2007-07-03 21:42:41 0 d-------- C:\Program Files\NVIDIA Corporation
2007-07-03 21:42:30 495616 -ra------ C:\WINDOWS\system32\AsusSetup.exe <Not Verified; ASUS; AsusSetup>
2007-07-03 21:41:14 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-07-03 21:41:08 0 d-------- C:\WINDOWS\NV12041980.TMP
2007-07-03 21:41:02 0 d-------- C:\Program Files\Common Files\InstallShield
2007-07-03 21:38:49 0 d-------- C:\Documents and Settings\Christopher\Application Data\Identities
2007-07-03 21:38:41 0 dr-h----- C:\Documents and Settings\Christopher\SendTo
2007-07-03 21:38:41 0 d--h----- C:\Documents and Settings\Christopher\PrintHood
2007-07-03 21:38:41 0 d--h----- C:\Documents and Settings\Christopher\NetHood
2007-07-03 21:38:41 0 dr------- C:\Documents and Settings\Christopher\My Documents
2007-07-03 21:38:41 0 d--h----- C:\Documents and Settings\Christopher\Local Settings
2007-07-03 21:38:41 0 dr------- C:\Documents and Settings\Christopher\Favorites
2007-07-03 21:38:41 0 d-------- C:\Documents and Settings\Christopher\Desktop
2007-07-03 21:38:41 0 d--hs---- C:\Documents and Settings\Christopher\Cookies
2007-07-03 21:38:41 0 dr-h----- C:\Documents and Settings\Christopher\Application Data
2007-07-03 21:38:40 0 d--h----- C:\Documents and Settings\Christopher\Templates
2007-07-03 21:38:40 0 dr------- C:\Documents and Settings\Christopher\Start Menu
2007-07-03 21:38:40 2359296 --ah----- C:\Documents and Settings\Christopher\NTUSER.DAT
2007-07-03 21:37:54 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-07-03 21:37:53 0 d-------- C:\WINDOWS\Prefetch
2007-07-03 21:37:52 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-07-03 21:37:52 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-07-03 21:37:52 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-07-03 21:37:52 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-07-03 21:37:52 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-07-03 21:37:52 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-07-03 21:37:35 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-07-03 21:37:35 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-07-03 21:37:35 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2007-07-03 21:37:35 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-07-03 21:37:35 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-07-03 21:35:17 0 d-------- C:\WINDOWS\system32\xircom
2007-07-03 21:35:17 0 d-------- C:\Program Files\microsoft frontpage
2007-07-03 21:35:07 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-07-03 21:35:04 0 d--h----- C:\WINDOWS\$hf_mig$
2007-07-03 21:34:54 0 -rahs---- C:\MSDOS.SYS
2007-07-03 21:34:54 0 -rahs---- C:\IO.SYS
2007-07-03 21:34:54 0 --a------ C:\CONFIG.SYS
2007-07-03 21:34:54 0 --a------ C:\AUTOEXEC.BAT
2007-07-03 21:34:12 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-07-03 21:34:05 0 dr------- C:\WINDOWS\Offline Web Pages
2007-07-03 21:34:05 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-07-03 21:33:55 0 d--h----- C:\Program Files\WindowsUpdate
2007-07-03 21:33:41 0 d-------- C:\WINDOWS\system32\DirectX
2007-07-03 21:33:14 0 d---s---- C:\WINDOWS\Tasks
2007-07-03 21:33:13 0 d-------- C:\Program Files\Common Files\MSSoap
2007-07-03 21:33:11 0 d-------- C:\WINDOWS\srchasst
2007-07-03 21:33:10 0 d-------- C:\WINDOWS\system32\Macromed
2007-07-03 21:33:04 0 d-------- C:\Program Files\Movie Maker
2007-07-03 21:32:58 0 d-------- C:\WINDOWS\system32\Restore
2007-07-03 21:32:27 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-07-03 21:32:16 0 d-------- C:\WINDOWS\Registration
2007-07-03 21:32:11 0 d-------- C:\Program Files\Online Services
2007-07-03 21:32:07 0 d-------- C:\Program Files\Messenger
2007-07-03 21:32:03 0 d-------- C:\Program Files\MSN Gaming Zone
2007-07-03 21:31:32 0 d-------- C:\Program Files\Windows NT
2007-07-03 21:31:29 0 d-------- C:\WINDOWS\system32\MsDtc
2007-07-03 21:31:28 0 d-------- C:\WINDOWS\system32\Com
2007-07-03 21:28:19 88 -r-hs---- C:\WINDOWS\system32\98A6891D07.sys
2007-07-03 21:28:17 0 d-------- C:\Documents and Settings\Christopher\Application Data\Corel
2007-07-03 21:28:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
2007-07-03 21:27:43 0 d-------- C:\Program Files\Corel
2007-07-03 21:27:43 0 d-------- C:\Program Files\Common Files\Corel
2007-07-03 21:25:34 2672 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-07-03 21:11:08 0 d-------- C:\Documents and Settings\Christopher\Application Data\Macromedia
2007-07-03 20:47:03 0 d-------- C:\Program Files\MSXML 6.0
2007-07-03 20:46:40 0 d-------- C:\Program Files\MSBuild
2007-07-03 20:44:12 0 d-------- C:\WINDOWS\system32\XPSViewer
2007-07-03 20:43:58 0 d-------- C:\Program Files\Reference Assemblies
2007-07-03 20:43:32 0 d-------- C:\60c5e4cc529d7c84ba
2007-07-03 20:43:13 0 d-------- C:\Program Files\Windows Media Connect 2
2007-07-03 20:42:31 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-07-03 20:38:45 0 d-------- C:\WINDOWS\system32\URTTemp
2007-07-03 20:29:41 0 d-------- C:\WINDOWS\network diagnostic
2007-07-03 20:29:01 0 d-------- C:\Program Files\MSXML 4.0
2007-07-03 19:40:54 0 d-------- C:\Program Files\Common Files\Ahead
2007-07-03 19:40:40 0 d-------- C:\WINDOWS\RegisteredPackages
2007-07-03 19:34:40 65536 --a------ C:\WINDOWS\system32\PDvAvi3.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic DV AVI File Read and Write Module>
2007-07-03 19:34:40 65536 --a------ C:\WINDOWS\system32\PDvAvi2.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic DV AVI File Read and Write Module>
2007-07-03 19:34:40 77824 --a------ C:\WINDOWS\system32\PAvFilt.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic AV Filter library>
2007-07-03 19:34:40 36864 --a------ C:\WINDOWS\system32\DvWrite.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic DV Data Write Filter>
2007-07-03 19:34:40 36864 --a------ C:\WINDOWS\system32\DvRead.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic DV Read Filter>
2007-07-03 19:34:40 0 d-------- C:\Program Files\Common Files\CNC
2007-07-03 19:34:36 253952 --a------ C:\WINDOWS\system32\PCodec.dll <Not Verified; Matsubleepa Electric Ind.Co.,LTD.; Panasonic DV Codec library>
2007-07-03 19:34:35 0 d-------- C:\Program Files\Panasonic
2007-07-03 19:34:35 0 d-------- C:\Program Files\Common Files\Panasonic
2007-07-03 14:25:33 0 d--hs---- C:\WINDOWS\Installer
2007-07-03 14:25:32 0 d-------- C:\Program Files\Common Files\ODBC
2007-07-03 14:25:29 0 dr------- C:\Program Files
2007-07-03 14:25:29 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-07-03 14:25:09 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-07-03 14:25:09 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-07-03 14:25:09 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-07-03 14:25:09 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-07-03 14:25:09 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-07-03 14:25:09 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-07-03 14:25:09 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-07-03 14:25:09 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-07-03 14:25:09 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-07-03 14:25:09 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-07-03 14:25:09 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-07-03 14:25:09 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-07-03 14:25:09 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-07-03 14:25:09 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-07-03 14:25:09 0 dr------- C:\Documents and Settings\All Users\Documents
2007-07-03 14:25:09 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-07-03 14:24:57 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-07-03 14:24:57 0 d-------- C:\WINDOWS\system32\CatRoot
2007-07-03 14:24:52 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-07-03 14:24:52 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-07-03 14:24:51 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-07-03 14:24:51 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-07-03 14:24:33 0 d--hs---- C:\System Volume Information
2007-07-03 14:24:33 0 d-------- C:\Documents and Settings
2007-07-03 14:18:20 0 d-------- C:\WINDOWS
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\WinSxS
2007-07-03 14:18:20 0 dr------- C:\WINDOWS\Web
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\twain_32
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\wins
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\wbem
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\usmt
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\spool
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\ShellExt
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\Setup
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\ras
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\oobe
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\npp
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\mui
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\inetsrv
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\IME
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\icsxml
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\ias
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\export
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\drivers
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-07-03 14:18:20 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\dhcp
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\config
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\3076
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\2052
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1054
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1042
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1041
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1037
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1033
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1031
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1028
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system32\1025
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\system
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\security
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Resources
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\repair
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Provisioning
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\PeerNet
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\pchealth
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\mui
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\msapps
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\msagent
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Media
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\java
2007-07-03 14:18:20 0 d--h----- C:\WINDOWS\inf
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\ime
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Help
2007-07-03 14:18:20 0 dr--s---- C:\WINDOWS\Fonts
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\ehome
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Driver Cache
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Debug
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Cursors
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Connection Wizard
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\Config
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\AppPatch
2007-07-03 14:18:20 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2007-07-03 14:25:09 62 --ahs---- C:\Documents and Settings\Christopher\Application Data\desktop.ini
2007-04-13 03:21:14 271360 --a------ C:\WINDOWS\system32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"RTHDCPL"="RTHDCPL.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"EPSON Stylus Photo R220 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIAIA.EXE /P30 \"EPSON Stylus Photo R220 Series\" /O6 \"USB001\" /M \"Stylus Photo R220\""
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 2007\\pccguide.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"OE"="\"C:\\Program Files\\Trend Micro\\Internet Security 2007\\TMAS_OE\\TMAS_OEMon.exe\""
"TrendSecure Remote File Lock"="C:\\Documents and Settings\\Christopher\\Local Settings\\Application Data\\Trend Micro\\HCMS\\FLock\\en-US\\FLMain.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ALCMTR"
"hkey"="HKLM"
"command"="ALCMTR.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Corel Photo Downloader"
"hkey"="HKLM"
"command"="C:\\Program Files\\Corel\\Corel Snapfire Plus\\Corel Photo Downloader.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="JMRaidSetup"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\JMRaidSetup.exe boot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="JMInsIDE"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\JM\\JMInsIDE.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nTrayFw]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nTrayFw"
"hkey"="HKLM"
"command"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\bin\\nTrayFw.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SkyTel"
"hkey"="HKLM"
"command"="SkyTel.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of Deckard's System Scanner: finished at 2007-07-12 at 12:24:44 ---------


USERPROFILE=C:\Documents and Settings\Christopher
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Christopher (admin)
Denise (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec.exe /I{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}
--> MsiExec.exe /I{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
EPSON ESPR220 Reference Guide --> C:\Program Files\epson\guide\spr220_e\uninstall.exe
EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\setup.exe" -l0x9 -SYSTEM
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Guild Wars --> "C:\Program Files\Guild Wars\Gw.exe" -uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
JMB36X Raid Configurer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MotionDV STUDIO 5.6E LE for DV --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E07C71A6-1576-4F7F-8856-B1C439E669AC}\Setup.exe" -l0x9 UNINSTALL
MSXML 6.0 Parser --> MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
Nero 7 Ultra Edition --> MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA ForceWare Network Access Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
Panasonic DVC USB Driver --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D1014B9B-5704-4B27-B581-1C19B72528D1} /l1033
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
SereneScreen Marine Aquarium --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\SereneScreen\Marine Aquarium\Uninst.isu"
Trend Micro PC-cillin Internet Security 2007 --> msiexec.exe /i {BB4B6355-D38A-492C-873B-A1B2CF6C3832}
Trend Micro PC-cillin Internet Security 2007 --> MsiExec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832}
TrendSecure - Remote File Lock --> C:\Documents and Settings\Christopher\Local Settings\Application Data\Trend Micro\HCMS\FLock\en-US\FileLockSetup.exe /uninst
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinFast® Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F69FD33C-8815-46BF-9134-A643DE68F3C0}\setup.exe" -l0x9 -removeonly
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->


-- End of Deckard's System Scanner: finished at 2007-07-12 at 12:24:44 ---------

Edited by rigel, 11 July 2007 - 08:20 PM.
Topic moved to the HJT forum ~rigel


BC AdBot (Login to Remove)

 


#2 Falu

Falu

  • Security Colleague
  • 3,001 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:11:29 PM

Posted 22 July 2007 - 09:18 AM

Hi genthore, :flowers:

If you still need help please post a fresh HijackThis log and I'll be happy to look at it for you.

Thanks for your patience. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users