User Tag List

Unexpected reboots

This is a discussion on Unexpected reboots within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. My computer has unexpected reboots. I cannot tell when or why these will happen. However, if I try to run


 
 
Thread Tools Search this Thread
Old 03-21-2007, 02:20 PM   #1
Guest
 
Join Date: Mar 2007
Posts: 9
OS:



My computer has unexpected reboots. I cannot tell when or why these will happen. However, if I try to run SFC, or repair console or even defrag, the machine reboots on me. I have unchecked the box on the "reboot system" thing but I still dont't get an error or blue screen it just reboots




Deckard's System Scanner v20070318.32
Run by Krista on 2007-03-21 at 15:08:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 4 Restore Point(s) --
4: 2007-03-21 21:08:40 UTC - RP4 - Deckard's System Scanner Restore Point
3: 2007-03-20 21:19:09 UTC - RP3 - Removed J2SE Development Kit 5.0 Update 9
2: 2007-03-20 21:18:23 UTC - RP2 - Removed J2SE Runtime Environment 5.0 Update 9
1: 2007-03-20 20:48:41 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Krista.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 3:09:48 PM, on 3/21/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\System32\WFXSVC.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WinFax\WFXSWTCH.exe
C:\Program Files\WinFax\WFXMOD32.exe
C:\WINDOWS\System32\WFXSNT40.exe
C:\Program Files\WinFax\WFXCTL32.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Krista\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Krista.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\SYSTEM\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: https://staplescanada.webprint.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - https://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - https://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - https://v5.windowsupdate.microsoft.co...?1114631715186
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - https://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - https://activex.microsoft.com/activex...te/sdkinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B052FC3F-3475-467F-A390-07608BC23ED6}: Domain = escape.ca
O17 - HKLM\System\CCS\Services\Tcpip\..\{B052FC3F-3475-467F-A390-07608BC23ED6}: NameServer = 142.161.130.155,142.161.2.155
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\System32\WFXSVC.EXE


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 avgntmgr - c:\windows\system32\drivers\avgntmgr.sys
R0 IdeBusDr - c:\windows\system32\drivers\idebusdr.sys
R0 IdeChnDr (Intel(R) Ultra ATA Controller) - c:\windows\system32\drivers\idechndr.sys
R1 avgntdd - c:\windows\system32\drivers\avgntdd.sys
R1 NetworkX - c:\windows\system32\ckldrv.sys
R2 tmcomm - c:\windows\system32\drivers\tmcomm.sys
R3 ac97intc (Intel(r) 82801DB/DBM Audio Driver Service (WDM)) - c:\windows\system32\drivers\ac97ich4.sys
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys

S3 HCF_MSFT - c:\windows\system32\drivers\hcf_msft.sys
S3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - c:\program files\antivir personaledition classic\sched.exe
R2 Crypkey License - crypserv.exe
R2 wfxsvc (WinFax PRO) - c:\windows\system32\wfxsvc.exe
R2 WmdmPmSp (Portable Media Serial Number) - c:\windows\system32\svchost.exe -k netsvcs


-- Scheduled Tasks -------------------------------------------------------------

2007-03-07 23:00:00 502 --a------ C:\WINDOWS\Tasks\Tune-up Application Start.job<TUNE-U~1.JOB>


-- Files created between 2007-02-21 and 2007-03-21 -----------------------------

2007-03-20 17:57:55 0 d-------- C:\WINDOWS\LastGood
2007-03-20 15:51:10 44875 --a------ C:\WINDOWS\System32\IPrtCnst.dll
2007-03-20 15:51:10 101431 --a------ C:\WINDOWS\System32\drivers\IdeChnDr.sys
2007-03-20 15:51:10 13891 --a------ C:\WINDOWS\System32\drivers\IdeBusDr.sys
2007-03-20 15:51:10 0 d-------- C:\Program Files\Intel
2007-03-20 15:49:21 163840 --a------ C:\WINDOWS\System32\igfxres.dll
2007-03-20 15:47:49 0 d-------- C:\WINDOWS\System32\ReinstallBackups<REINST~1>
2007-03-20 14:47:37 0 d-------- C:\WINDOWS\Prefetch
2007-03-20 14:46:21 4096 --a------ C:\WINDOWS\System32\ksuser.dll
2007-03-20 14:46:21 42752 --a------ C:\WINDOWS\System32\drivers\stream.sys
2007-03-20 14:46:21 135040 --a------ C:\WINDOWS\System32\drivers\portcls.sys
2007-03-20 14:46:21 134144 --a------ C:\WINDOWS\System32\drivers\ks.sys
2007-03-20 14:46:20 57344 --a------ C:\WINDOWS\System32\drivers\drmk.sys
2007-03-20 14:42:27 5632 --a------ C:\WINDOWS\System32\drivers\splitter.sys
2007-03-20 14:41:01 17408 --a------ C:\WINDOWS\System32\qmgrprxy.dll
2007-03-20 14:41:01 179200 --a------ C:\WINDOWS\System32\qmgr.dll
2007-03-20 14:40:57 155136 --a------ C:\WINDOWS\System32\srsvc.dll
2007-03-20 14:40:57 218112 --a------ C:\WINDOWS\System32\srrstr.dll
2007-03-20 14:40:56 61952 --a------ C:\WINDOWS\System32\srclient.dll
2007-03-20 14:40:56 24576 --a------ C:\WINDOWS\System32\nmmkcert.dll
2007-03-20 14:40:56 65536 --a------ C:\WINDOWS\System32\msconf.dll
2007-03-20 14:40:56 32384 --a------ C:\WINDOWS\System32\mnmdd.dll
2007-03-20 14:40:56 73728 --a------ C:\WINDOWS\System32\ils.dll
2007-03-20 14:40:56 70400 --a------ C:\WINDOWS\System32\drivers\sr.sys
2007-03-20 14:40:54 90624 --a------ C:\WINDOWS\System32\msoert2.dll
2007-03-20 14:40:53 228864 --a------ C:\WINDOWS\System32\msoeacct.dll
2007-03-20 14:40:52 593920 --a------ C:\WINDOWS\System32\inetcomm.dll
2007-03-20 14:40:51 158720 --a------ C:\WINDOWS\System32\schedsvc.dll
2007-03-20 14:40:51 9728 --a------ C:\WINDOWS\System32\mstinit.exe
2007-03-20 14:40:51 249856 --a------ C:\WINDOWS\System32\mstask.dll
2007-03-20 14:39:23 339968 --a------ C:\WINDOWS\System32\mspaint.exe
2007-03-20 14:39:23 116736 --a------ C:\WINDOWS\System32\mplay32.exe
2007-03-20 14:39:23 489984 --a------ C:\WINDOWS\System32\hypertrm.dll
2007-03-20 14:39:22 4096 --a------ C:\WINDOWS\System32\wuauserv.dll
2007-03-20 14:39:22 95744 --a------ C:\WINDOWS\System32\wuaueng.dll
2007-03-20 14:39:22 112128 --a------ C:\WINDOWS\System32\wuauclt.exe
2007-03-20 14:39:22 534016 --a------ C:\WINDOWS\System32\spider.exe
2007-03-20 14:39:22 107912 --a------ C:\WINDOWS\System32\drivers\rdpwd.sys
2007-03-20 14:39:22 98816 --a------ C:\WINDOWS\System32\clipbrd.exe
2007-03-20 14:39:21 40448 --a------ C:\WINDOWS\System32\tscupgrd.exe
2007-03-20 14:39:21 88576 --a------ C:\WINDOWS\System32\tscfgwmi.dll
2007-03-20 14:39:21 197632 --a------ C:\WINDOWS\System32\termsrv.dll
2007-03-20 14:39:21 130048 --a------ C:\WINDOWS\System32\sessmgr.exe
2007-03-20 14:39:21 56320 --a------ C:\WINDOWS\System32\remotepg.dll
2007-03-20 14:39:21 12288 --a------ C:\WINDOWS\System32\rdsaddin.exe
2007-03-20 14:39:21 134656 --a------ C:\WINDOWS\System32\rdchost.dll
2007-03-20 14:39:21 503296 --a------ C:\WINDOWS\System32\mstscax.dll
2007-03-20 14:39:21 385536 --a------ C:\WINDOWS\System32\mstsc.exe
2007-03-20 14:39:20 73864 --a------ C:\WINDOWS\System32\rdpwsx.dll
2007-03-20 14:39:20 14848 --a------ C:\WINDOWS\System32\rdpsnd.dll
2007-03-20 14:39:20 41984 --a------ C:\WINDOWS\System32\rdpclip.exe
2007-03-20 14:39:20 83968 --a------ C:\WINDOWS\System32\mtxoci.dll
2007-03-20 14:39:20 151040 --a------ C:\WINDOWS\System32\msdtcuiu.dll
2007-03-20 14:39:20 869376 --a------ C:\WINDOWS\System32\msdtctm.dll
2007-03-20 14:39:20 360960 --a------ C:\WINDOWS\System32\msdtcprx.dll
2007-03-20 14:39:20 8704 --a------ C:\WINDOWS\System32\icaapi.dll
2007-03-20 14:39:20 32768 --a------ C:\WINDOWS\System32\cfgbkend.dll
2007-03-20 14:39:19 9728 --a------ C:\WINDOWS\System32\xolehlp.dll
2007-03-20 14:39:19 1139200 --a------ C:\WINDOWS\System32\comsvcs.dll
2007-03-20 14:39:19 583168 --a------ C:\WINDOWS\System32\catsrvut.dll
2007-03-20 14:39:16 57344 --a------ C:\WINDOWS\System32\licwmi.dll
2007-03-20 14:38:34 55808 --a------ C:\WINDOWS\System32\drivers\redbook.sys
2007-03-20 14:38:25 23070 --a------ C:\WINDOWS\System32\drivers\RTL8139.sys
2007-03-20 14:37:14 37896 --a------ C:\WINDOWS\System32\drivers\termdd.sys
2007-03-20 14:37:14 181632 --a------ C:\WINDOWS\System32\drivers\rdpdr.sys
2007-03-20 14:36:08 70656 --a------ C:\WINDOWS\System32\storprop.dll
2007-03-20 14:36:08 24661 --a------ C:\WINDOWS\System32\spxcoins.dll
2007-03-20 14:36:08 13312 --a------ C:\WINDOWS\System32\irclass.dll
2007-03-20 14:29:50 0 d-------- C:\WINDOWS\msapps
2007-03-20 14:26:07 107776 --a------ C:\WINDOWS\System32\drivers\ac97ich4.sys
2007-03-18 16:14:52 76560 --a------ C:\WINDOWS\System32\drivers\tmcomm.sys
2007-03-18 16:13:42 0 d-------- C:\Documents and Settings\Krista\.housecall6.6<HOUSEC~1.6>
2007-03-18 15:54:59 0 d-------- C:\Documents and Settings\Krista\Application Data\Registry Cleaner<REGIST~1>
2007-03-18 15:23:53 23600 --a------ C:\WINDOWS\System32\drivers\TVICHW32.SYS
2007-03-18 14:19:52 0 d-------- C:\WINDOWS\System32\NtmsData
2007-03-12 17:01:24 0 d-------- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic<ANTIVI~1>
2007-03-02 14:19:31 0 d-------- C:\mame
2007-03-02 14:15:00 0 d-------- C:\RAINE
2007-03-02 14:08:40 0 d-------- C:\mame dl<MAMEDL~1>


-- Find3M Report ---------------------------------------------------------------

2007-03-20 14:39:52 22720 --a------ C:\WINDOWS\System32\emptyregdb.dat<EMPTYR~1.DAT>
2007-01-24 15:40:54 331 -----n--- C:\Documents and Settings\Krista\Application Data\iPodMusicLiberatorPrefsV4<IPODMU~1>
2007-01-24 15:08:06 0 d-------- C:\Program Files\Audacity
2007-01-24 14:43:56 0 d-------- C:\Program Files\illiminable<ILLIMI~1>
2007-01-24 13:21:46 52 -----n--- C:\Documents and Settings\Krista\Application Data\iml_system_file<IML_SY~1>
2007-01-24 13:21:42 0 d-------- C:\Program Files\iPod Music Liberator<IPODMU~1>
2007-01-19 12:53:04 51056 --a------ C:\WINDOWS\System32\sirenacm.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Yahoo! Pager"="C:\\PROGRA~1\\YAHOO!\\MESSEN~1\\ypager.exe -quiet"
"msnmsgr"="\"C:\\PROGRAM FILES\\MSN MESSENGER\\MSNMSGR.EXE\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"
"IgfxTray"="C:\\WINDOWS\\SYSTEM32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\SYSTEM32\\hkcmd.exe"
"LoadQM"="loadqm.exe"
"Tweak UI"="RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadQM"="loadqm.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Controller.LNK]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Controller.LNK"
"backup"="C:\\WINDOWS\\pss\\Controller.LNKCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\WinFax\\WFXCTL32.EXE -StartupGroup"
"item"="Controller"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~1\\Office\\OSA9.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Krista^Start Menu^Programs^Startup^Azureus Ultra Accelerator.lnk]
"location"="Startup"
"command"="C:\\PROGRA~1\\AZUREU~1\\AZUREU~1.EXE "
"item"="Azureus Ultra Accelerator"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgnt"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hkcmd"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\hkcmd.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxtray"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\igfxtray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ISUSPM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -startup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="issch"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Cleaner]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Regclean"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Registry Cleaner Trial\\Regclean.exe\" -startminimize"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TeaTimer"
"hkey"="HKCU"
"command"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"inimapping"="0"
"command"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleToolbarNotifier"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SysTray"
"hkey"="HKLM"
"command"="SysTray.Exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WFXSwtch]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WFXSWTCH"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\WinFax\\WFXSWTCH.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wfxsnt40"
"hkey"="HKLM"
"command"="wfxsnt40.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YahooMessenger"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZortamMp3MediaStudio]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="zmmspro"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Zortam Mp3 Media Studio\\zmmspro.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=dword:00000002
"AVWUpSrv"=dword:00000002
"AntiVirService"=dword:00000002


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoToolbarCustomize"=dword:00000000
"NoBandCustomize"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_ATAPI
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_PCIIDE


-- End of Deckard's System Scanner: finished at 2007-03-21 at 15:10:21 ---------
Attached Files
File Type: txt extra.txt (7.9 KB, 13 views)
whizzkid3 is offline  
Sponsored Links
Advertisement
 
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Unexpected Reboots[moved from xp]
If I try to run SFC, or reinstall XP pro or run trends online virus scanner lately my comp just reboots on me. I am suspecting some form of virus....any thouhgts? Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 4:19:49 PM, on 3/18/2007 Platform: Windows XP SP1 (WinNT 5.01.2600)...
whizzkid3 Inactive Malware Help Topics 13 03-24-2007 02:31 AM
Unexpected Reboots
I am running XP pro and lately have been getting some unexpected reboots. Here is my HJT log....any suggestions? Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 4:19:49 PM, on 3/18/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Normal Running processes:...
whizzkid3 Inactive Malware Help Topics 1 03-21-2007 10:01 AM
Compaq desktop spontaneous reboots
Not sure if this a hardware or malware issue: Everything was working PERFECTLY on my friend's 2-year-old Compaq desktop, running Win2k. We installed Google Desktop and started having spontaneous reboots. We uninstalled Google Desktop, but now have new problems: • All printers disappeared from...
kmsilver Motherboards, Bios & CPU 2 02-21-2006 10:59 AM
Losing internet connection on network
We our having problems with our internet connection quitting out on us every hour or so. It seems that the more computers and Xboxes we have on the more often we lose our connection. We only lose the connection for a second but that’s long enough so that we get kicked out of games and of MSN. ...
ChokingClown Networking Support 3 08-26-2005 06:48 PM
Win2k Pro Random Reboots
Hey, Ok, basically I have a win2k box that reboots all the f'in time and it's driving me mad. The machine was stable for about 6 months, literally no problems, then from nowhere it started rebooting. There were no driver changes, no new hardware, nothing had changed in the machine at all. ...
justdave Windows Servers 2 12-27-2004 11:07 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 02:24 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts