Hi,
I tried the scan with the WinXP cd, the 2 reg files, and the and the
startuptracker but nothinng helped. A lot of applications start blocking and
when I click START - Turn off computer, the mouse shows in a 'working form'
and the computer freezes, but I can still run ctrl+alt+del and hit restart
or shutdown from there.
I also include you a log of the startup tracker:
4/28/2004 8:19:36 AM
-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
No Items Found
-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
CnxDslTaskBar "C:\Program Files\ZyXEL\ADSL USB
Modem\CnxDslTb.exe"
QT4HPOT C:\PROGRA~1\ONE-TO~1\OneTouch.EXE
VC5Player C:\Program Files\HHVcdV5Sys\VC5Play.exe
-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
No Items Found
-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Bandwidth Monitor Pro "C:\Program Files\Bandwidth Monitor
Pro\Bandwidth Monitor Pro.exe" /minimized
ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
-- Registry --
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce
No Items Found
-- Registry --
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run
CTFMON.EXE C:\WINDOWS\System32\CTFMON.EXE
-- Start Menu - Current User --
No Items Found
-- Start Menu - All Users --
Norton System Doctor.lnk
-- Disabled Items --
No Items Found
-- Registry - Shell Value - HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon --
Explorer.exe
-- Running Processes --
System Idle Process
System
smss.exe \SystemRoot\System32\smss.exe
csrss.exe
winlogon.exe winlogon.exe
services.exe C:\WINDOWS\system32\services.exe
lsass.exe C:\WINDOWS\system32\lsass.exe
svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
DFW.exe "C:\Program Files\8Signs Firewall\DFW.exe" NT_SERVICE
NPROTECT.EXE "C:\Program Files\Norton Utilities\NPROTECT.EXE"
NOPDB.EXE "C:\Program Files\Speed Disk\nopdb.exe"
VC5SecS.exe "C:\Program Files\HHVcdV5Sys\VC5SecS.exe"
alg.exe
userinit.exe C:\WINDOWS\system32\userinit.exe
explorer.exe C:\WINDOWS\Explorer.EXE
CnxDslTb.exe "C:\Program Files\ZyXEL\ADSL USB Modem\CnxDslTb.exe"
ONETOUCH.EXE "C:\PROGRA~1\ONE-TO~1\OneTouch.EXE"
VC5Play.exe "C:\Program Files\HHVcdV5Sys\VC5Play.exe"
Bandwidth Monitor Pr"C:\Program Files\Bandwidth Monitor Pro\Bandwidth
Monitor Pro.exe" /minimized
ctfmon.exe "C:\WINDOWS\system32\ctfmon.exe"
SYSDOC32.EXE "C:\Program Files\Norton Utilities\SYSDOC32.EXE"
/STARTUP
VC5Tray.exe "C:\Program Files\Virtual CD\System\VC5Tray.exe"
StartupTracker3.exe "C:\Documents and
Settings\M\Desktop\StartupTracker3\StartupTracker3.exe"
wmiprvse.exe
-- Running Services --
Name: 8SignsFirewall
Description: Controls access to your network.
Startup Mode: Auto
Run from: C:\Program Files\8Signs Firewall\DFW.exe NT_SERVICE
Name: ALG
Description: Provides support for 3rd party protocol plug-ins for Internet
Connection Sharing and the Internet Connection Firewall
Startup Mode: Manual
Run from: C:\WINDOWS\System32\alg.exe
Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this
service is stopped, audio devices and effects will not function properly. If
this service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: Browser
Description: Maintains an updated list of computers on the network and
supplies this list to computers designated as browsers. If this service is
stopped, this list will not be updated or maintained. If this service is
disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: CryptSvc
Description: Provides three management services: Catalog Database Service,
which confirms the signatures of Windows files; Protected Root Service,
which adds and removes Trusted Root Certification Authority certificates
from this computer; and Key Service, which helps enroll this computer for
certificates. If this service is stopped, these management services will not
function properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k DcomLaunch
Name: Dhcp
Description: Manages network configuration by registering and updating IP
addresses and DNS names.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: dmserver
Description: Detects and monitors new hard disk drives and sends disk volume
information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and
configuration information may become out of date. If this service is
disabled, any services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for this
computer. If this service is stopped, this computer will not be able to
resolve DNS names and locate Active Directory domain controllers. If this
service is disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k NetworkService
Name: ERSvc
Description: Allows error reporting for services and applictions running in
non-standard environments.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: Eventlog
Description: Enables event log messages issued by Windows-based programs and
components to be viewed in Event Viewer. This service cannot be stopped.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe
Name: helpsvc
Description: Enables Help and Support Center to run on this computer. If
this service is stopped, Help and Support Center will be unavailable. If
this service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the network
for this computer. If this service is stopped, these functions will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: lanmanworkstation
Description: Creates and maintains client network connections to remote
servers. If this service is stopped, these connections will be unavailable.
If this service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and
NetBIOS name resolution.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
Name: Netman
Description: Manages objects in the Network and Dial-Up Connections folder,
in which you can view both local area network and remote connections.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: Nla
Description: Collects and stores network configuration and location
information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: NProtectService
Description:
Startup Mode: Auto
Run from: C:\Program Files\Norton Utilities\NPROTECT.EXE
Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware changes
with little or no user input. Stopping or disabling this service will result
in system instability.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe
Name: PolicyAgent
Description: Manages IP security policy and starts the ISAKMP/Oakley (IKE)
and the IP security driver.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\lsass.exe
Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as private
keys, to prevent access by unauthorized services, processes, or users.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe
Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this
computer. If this service is stopped, the registry can be modified only by
users on this computer. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService
Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC
services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k rpcss
Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe
Name: Schedule
Description: Enables a user to configure and schedule automated tasks on
this computer. If this service is stopped, these tasks will not be run at
their scheduled times. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: seclogon
Description: Enables starting processes under alternate credentials. If this
service is stopped, this type of logon access will be unavailable. If this
service is disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: SharedAccess
Description: Provides network address translation, addressing, name
resolution and/or intrusion prevention services for a home or small office
network.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: Speed Disk service
Description:
Startup Mode: Auto
Run from: C:\Program Files\Speed Disk\nopdb.exe
Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\spoolsv.exe
Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that control
telephony devices and IP based voice connections on the local computer and,
through the LAN, on servers that are also running the service.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: TermService
Description: Allows multiple users to be connected interactively to a
machine as well as the display of desktops and applications to remote
computers. The underpinning of Remote Desktop (including RD for
Administrators), Fast User Switching, Remote Assistance, and Terminal
Server.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost -k DComLaunch
Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: TrkWks
Description: Maintains links between NTFS files within a computer or across
computers in a network domain.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
Name: VC5SecS
Description: Provides support for using virtual CD Drives
Startup Mode: Auto
Run from: C:\Program Files\HHVcdV5Sys\VC5SecS.exe
Name: W32Time
Description: Maintains date and time synchronization on all clients and
servers in the network. If this service is stopped, date and time
synchronization will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: WebClient
Description: Enables Windows-based programs to create, access, and modify
Internet-based files. If this service is stopped, these functions will not
be available. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
Name: winmgmt
Description: Provides a common interface and object model to access
management information about operating system, devices, applications and
services. If this service is stopped, most Windows-based software will not
function properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
Name: WmdmPmSN
Description: Retrieves the serial number of any portable media player
connected to this computer. If this service is stopped, protected content
might not be down loaded to the device.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: wscsvc
Description: Monitors system security settings and configurations.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Name: wuauserv
Description: Enables the download and installation of critical Windows
updates. If the service is disabled, the operating system can be manually
updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
Do you think it's a virus or something? What can be this caused by? Anyway,
what's that heave blunt object?? hehe, a Hammer?
)