05-11-2008, 09:19 AM   #4
karmen9
Registered User
 
Join Date: May 2008
Posts: 7
OS: vista


Re: Bck/VB.XB - Virus/Trojan - Problems starting up.

Hi Ried,

Thanks! Obviously I was so eager to post that I missed a step! Sorry!
After working for two days, my laptop gave me the UNMOUNTABLE_BOOT_ERROR blue screen again today. I managed to start up in safe mode and restore to yesterday's restore point, and it seems fine again now.
I am starting to suspect that this is related to some software I used last night (e.g. Femap and/or SolidWorks, simulation programs I am using for my final project at uni).
Anyway, here are the logs you asked for.
Thanks again,
Karmen

Main:

Deckard's System Scanner v20071014.68
Run by Morgan on 2008-05-11 17:55:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
19: 2008-05-11 15:55:07 UTC - RP170 - Deckard's System Scanner Restore Point
18: 2008-05-11 15:29:11 UTC - RP169 - Morgan
17: 2008-05-11 14:40:34 UTC - RP168 - Gjenopprettingsoperasjon
16: 2008-05-09 22:32:07 UTC - RP167 - Removed Windows Live installer
15: 2008-05-09 21:53:49 UTC - RP166 - Kontrollpunkt for system


-- First Restore Point --
1: 2008-04-25 21:05:51 UTC - RP152 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Morgan.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:57:38, on 11.05.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
C:\Programfiler\Norman\Ngs\bin\NPROSEC.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Programfiler\Norman\Npm\Bin\Zanda.exe
C:\Programfiler\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Cisco Systems\VPN Client\cvpnd.exe
C:\Programfiler\Ahead\InCD\InCDsrv.exe
C:\Programfiler\Mil Incorporated\Mil Shield\ShieldService.exe
C:\Programfiler\MPICH\mpd\bin\mpd.exe
C:\Programfiler\Intel\Wireless\Bin\OProtSvc.exe
C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
C:\Programfiler\Norman\npf\bin\npfuser.exe
C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Programfiler\Norman\npc\bin\npcsvc32.exe
C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
C:\Programfiler\Norman\npc\bin\nuaa.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programfiler\ltmoh\Ltmoh.exe
C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programfiler\Wistron\AVManager\AVManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe
C:\Programfiler\Norman\Npm\bin\ZLH.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
C:\Programfiler\Mil Incorporated\Mil Shield\ShieldWorker.exe
C:\Programfiler\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Morgan\Skrivebord\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Morgan.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programfiler\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programfiler\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AVManager] "C:\Programfiler\Wistron\AVManager\AVManager.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programfiler\Norman\Npm\bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [NPCTray] C:\Programfiler\Norman\npc\bin\npc_tray.exe /LOAD
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MilShieldSlave] "C:\Programfiler\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logon
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\programfiler\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programfiler\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programfiler\norman\npc\bin\nlf.dll
O10 - Unknown file in Winsock LSP: c:\programfiler\norman\npc\bin\nlf.dll
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {358DFA15-D48C-4296-8D16-7405F918333B} (Fronter OES2 release 21) - https://fronter.com/hia/links/fronter_oes2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1193752552109
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programfiler\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programfiler\Fellesfiler\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programfiler\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Programfiler\Ahead\InCD\InCDsrv.exe
O23 - Service: MilShieldCleaner - Unknown owner - C:\Programfiler\Mil Incorporated\Mil Shield\ShieldService.exe
O23 - Service: MPICH Daemon (C) 2001 Argonne National Lab (mpich_mpd) - Unknown owner - C:\Programfiler\MPICH\mpd\bin\mpd.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Programfiler\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Programfiler\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programfiler\Norman\Ngs\bin\NPROSEC.EXE
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Programfiler\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Npm\bin\NVCSCHED.EXE
O23 - Service: Norman's Very Own supplY of resources (NVOY) - Norman ASA - C:\Programfiler\Norman\npm\bin\nvoy.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Programfiler\Fellesfiler\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 10226 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.scr - AutoCADScriptFile - shell\open\command - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 Hotkey - c:\windows\system32\drivers\hotkey.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>

S1 Wbutton - c:\windows\system32\drivers\wbutton.sys (file missing)
S3 MS1000 - c:\windows\system32\drivers\ms1000.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 MilShieldCleaner - c:\programfiler\mil incorporated\mil shield\shieldservice.exe
R2 mpich_mpd (MPICH Daemon (C) 2001 Argonne National Lab) - c:\programfiler\mpich\mpd\bin\mpd.exe
R2 OwnershipProtocol - c:\programfiler\intel\wireless\bin\oprotsvc.exe <Not Verified; Intel Corporation; Intel PROSet/Wireless>
R2 RegSrvc - c:\programfiler\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>

S3 Autodesk Licensing Service - "c:\programfiler\fellesfiler\autodesk shared\service\adskscsrv.exe" <Not Verified; Autodesk; Autodesk Licensing Service>
S3 SolidWorks Licensing Service - "c:\programfiler\fellesfiler\solidworks shared\service\solidworkslicensing.exe" <Not Verified; SolidWorks; SolidWorks Licensing Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA


-- Files created between 2008-04-11 and 2008-05-11 -----------------------------

2008-05-11 16:47:51 0 d-------- C:\Programfiler\SpywareBlaster
2008-05-11 16:47:46 0 d-------- C:\Programfiler\The Cleaner Free
2008-05-11 16:47:46 0 d-------- C:\Programfiler\MPICH
2008-05-11 16:47:39 0 d-------- C:\Programfiler\ScanSoft
2008-05-11 16:47:38 0 d-------- C:\Programfiler\Google
2008-05-11 16:41:13 0 d-------- C:\Programfiler\CD-adapco
2008-05-11 16:41:13 0 d-------- C:\ie-spyad_zo
2008-05-11 16:41:12 0 d-------- C:\VundoFix Backups
2008-05-10 11:28:51 0 d-------- C:\Programfiler\SpywareBlaster(2)
2008-05-09 23:29:26 0 d-------- C:\Programfiler\Mil Incorporated
2008-05-09 23:00:46 0 d-------- C:\Programfiler\Enigma Software Group
2008-05-09 20:54:37 5376 --a------ C:\WINDOWS\system32\drivers\MS1000.sys
2008-05-09 19:59:37 0 d-------- C:\Programfiler\Exterminate It!
2008-05-08 12:21:18 0 d-------- C:\WINDOWS\Prefetch
2008-05-08 10:44:52 0 d-------- C:\WINDOWS\system32\no
2008-05-08 10:44:52 0 d-------- C:\WINDOWS\l2schemas
2008-05-08 10:44:51 0 d-------- C:\WINDOWS\system32\bits
2008-05-08 10:40:36 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-07 23:17:03 0 d-------- C:\Programfiler\Panda Security
2008-05-07 22:45:54 0 d-------- C:\Programfiler\Eusing Free Registry Cleaner
2008-05-07 19:20:18 0 d-------- C:\Programfiler\Trend Micro
2008-05-06 23:44:12 0 d-------- C:\Programfiler\Norman
2008-04-26 13:01:42 0 d-------- C:\Programfiler\EngiLab Beam.2D ML
2008-04-26 13:01:12 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-04-25 23:07:04 0 d-------- C:\Programfiler\MSXML 6.0
2008-04-22 12:14:49 0 d-------- C:\Programfiler\AOEMView 2008
2008-04-22 12:14:31 0 d-------- C:\Programfiler\Microsoft WSE
2008-04-22 12:12:32 0 d-------- C:\Programfiler\DWG TrueView 2007
2008-04-22 12:11:59 0 d-------- C:\Programfiler\Fellesfiler\Autodesk Shared
2008-04-22 12:11:59 0 d-------- C:\Programfiler\Autodesk


-- Find3M Report ---------------------------------------------------------------

2008-05-10 23:07:21 0 d-------- C:\Documents and Settings\Morgan\Programdata\SolidWorks
2008-05-10 00:32:41 0 d-------- C:\Documents and Settings\Morgan\Programdata\Macromedia
2008-05-09 23:59:15 405228 --a------ C:\WINDOWS\system32\perfh014.dat
2008-05-09 23:59:15 69306 --a------ C:\WINDOWS\system32\perfc014.dat
2008-05-08 18:47:35 0 d-------- C:\Documents and Settings\Morgan\Programdata\Smart PC Solutions
2008-05-08 18:23:50 0 d-------- C:\Documents and Settings\Morgan\Programdata\Uniblue
2008-05-08 10:45:29 0 d-------- C:\Programfiler\Messenger
2008-05-08 10:44:50 0 d-------- C:\Programfiler\Movie Maker
2008-05-08 10:39:57 0 d-------- C:\Programfiler\Windows NT
2008-05-06 10:53:23 0 d-------- C:\Programfiler\Skype
2008-05-04 21:52:53 0 d-------- C:\Documents and Settings\Morgan\Programdata\Microgaming
2008-05-02 21:14:52 0 d-------- C:\Documents and Settings\Morgan\Programdata\Skype
2008-05-02 20:24:39 0 d-------- C:\Documents and Settings\Morgan\Programdata\skypePM
2008-04-22 13:02:17 0 d-------- C:\Documents and Settings\Morgan\Programdata\Autodesk
2008-04-22 12:11:59 0 d-------- C:\Programfiler\Fellesfiler
2008-04-20 23:35:58 6553 --a------ C:\Documents and Settings\Morgan\Programdata\PrimoPDFSet.xml
2008-04-20 23:01:06 310 --a------ C:\Documents and Settings\Morgan\Programdata\APUSet.xml
2008-04-04 11:57:21 0 d-------- C:\Programfiler\activePDF
2008-04-03 08:20:00 0 d-------- C:\Documents and Settings\Morgan\Programdata\Help
2008-04-03 08:10:28 0 d--h----- C:\Programfiler\InstallShield Installation Information
2008-03-27 16:02:09 0 d-------- C:\Documents and Settings\Morgan\Programdata\uTorrent
2008-03-25 16:35:27 0 d-------- C:\Programfiler\uTorrent
2008-03-24 10:44:57 0 d-------- C:\Documents and Settings\Morgan\Programdata\DassaultSystemes
2008-03-20 21:00:09 0 d-------- C:\Programfiler\Java
2008-03-20 20:56:17 0 d-------- C:\Programfiler\Fellesfiler\Skype


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [13.04.2004 06:49 C:\WINDOWS\AGRSMMSG.exe]
"LtMoh"="C:\Programfiler\ltmoh\Ltmoh.exe" [04.09.2003 18:00]
"SynTPLpr"="C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe" [07.05.2004 04:49]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [07.05.2004 04:49]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [06.08.2004 15:04]
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" [11.11.2004 16:13]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [16.09.2003 15:28]
"LMgrOSD"="C:\Program Files\Launch Manager\OSD.exe" [26.07.2004 15:52]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [06.09.2004 15:11]
"IntelWireless"="C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [06.08.2004 17:48]
"AVManager"="C:\Programfiler\Wistron\AVManager\AVManager.exe" [08.06.2004 19:32]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [02.11.2004 03:03]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [02.11.2004 02:59]
"GrooveMonitor"="C:\Programfiler\Microsoft Office\Office12\GrooveMonitor.exe" [24.08.2007 08:00]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 05:25]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 23:16]
"Norman ZANDA"="C:\Programfiler\Norman\Npm\bin\ZLH.exe" [17.12.2007 14:37]
"NPCTray"="C:\Programfiler\Norman\npc\bin\npc_tray.exe" [17.09.2007 14:29]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14.04.2008 18:22]
"MilShieldSlave"="C:\Programfiler\Mil Incorporated\Mil Shield\ShieldWorker.exe" [09.05.2008 23:29]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll 06.08.2004 17:48 110592 C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-05-11 18:00:42 ------------
Attached Files
File Type: txt extra.txt (17.7 KB, 1 views)