Reply Part Two:
Here is main.txt:
Deckard's System Scanner v20071014.68
Run by Kevin on 2008-02-16 19:22:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
24: 2008-02-16 19:22:49 UTC - RP604 - Deckard's System Scanner Restore Point
23: 2008-02-16 19:01:38 UTC - RP603 - ComboFix created restore point
22: 2008-02-15 17:45:31 UTC - RP602 - System Checkpoint
21: 2008-02-14 17:30:46 UTC - RP601 - System Checkpoint
20: 2008-02-13 10:01:14 UTC - RP600 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-01-12 13:24:12 UTC - RP581 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Kevin.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:26, on 16/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\Qlock\qlock.exe
C:\Documents and Settings\Kevin\Desktop\mobmeter.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\Y8XSUJT2\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kevin.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bloomberg.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.club-vaio.sony-europe.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://uk.red.client...fo/bt_side.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bloomberg.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher\SCActiveBlock.dll (file missing)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - (no file)
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MailWasherPro.lnk = C:\Program Files\MailWasher\MailWasher.exe
O4 - Startup: qlock.lnk = C:\Program Files\Qlock\qlock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com/
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/...UI.cab55579.cabO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) -
http://zone.msn.com/...dy.cab55579.cabO16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/...at.cab55579.cabO16 - DPF: {62FA83F7-20EC-4D62-AC86-BAB705EE1CCD} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6B78B13A-6E99-4588-8EAB-C2399B202022} (iVocalize Web Conference 4 Setup) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cabO16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} (Java Plug-in 1.4.2_01) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) -
http://zone.msn.com/...xy.cab55579.cabO16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} -
http://download.abac...ent1.7.20.5.cabO16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (ZPA_Backgammon Object) -
http://zone.msn.com/...on.cab55579.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\sony\vaio media music server\SSSvr.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe
--
End of file - 9514 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 NDISRD - c:\windows\system32\drivers\ndisrd.sys
R1 OADevice (OADriver) - c:\windows\system32\drivers\oadriver.sys
R1 OAmon - c:\windows\system32\drivers\oamon.sys
R3 hexmagic - c:\windows\system32\drivers\hexmagic.sys (file missing)
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\progra~1\common~1\motive\mrendis5.sys (file missing)
S3 PAC7311 (Phenix-Q8) - c:\windows\system32\drivers\pa707ucm.sys <Not Verified; PixArt Imaging Inc.; PixArt Imaging Inc. PA707UCM>
S3 PPDrv (Protector Plus Driver (UnRegistered)) - c:\protector plus\ppdrv.sys (file missing)
S3 PPEMSCAN (Protector Plus Email Scan Driver) - c:\protector plus\ppemscan.sys (file missing)
S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda Antivirus>
S3 SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - c:\windows\system32\drivers\se27bus.sys <Not Verified; MCCI; Sony Ericsson Device 039 Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 STI Simulator - c:\windows\system32\pastisvc.exe
R2 SvcOnlineArmor (Online Armor) - "c:\program files\tall emu\online armor\oasrv.exe" <Not Verified; Tall Emu; Online Armor Security Suite>
S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe (file missing)
S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S3 YPCService - c:\windows\system32\ypcservice.exe <Not Verified; Yahoo! Inc.; YPCService Module>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\19990C88004603
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\19990C88004603
Service: NIC1394
-- Files created between 2008-01-16 and 2008-02-16 -----------------------------
2008-02-16 19:00:48 68096 --a------ C:\WINDOWS\system32\zip.exe
2008-02-16 19:00:48 98816 --a------ C:\WINDOWS\system32\sed.exe
2008-02-16 19:00:48 80412 --a------ C:\WINDOWS\system32\grep.exe
2008-02-16 19:00:48 73728 --a------ C:\WINDOWS\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-02-16 17:05:51 0 d-------- C:\Program Files\Trend Micro
2008-02-16 16:19:23 691545 --a------ C:\WINDOWS\unins000.exe
2008-02-16 16:19:23 3446 --a------ C:\WINDOWS\unins000.dat
2008-02-16 13:35:03 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda Antivirus>
2008-02-16 13:18:15 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-02-16 11:44:11 0 dr-h----- C:\Documents and Settings\Kevin\Recent
2008-02-16 09:13:14 0 d-------- C:\Documents and Settings\Kevin\Application Data\Grisoft
2008-02-10 22:57:19 0 d-------- C:\Documents and Settings\Kevin\Application Data\AVG7
2008-02-10 22:56:59 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-02-10 22:56:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-10 22:56:13 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-02-09 20:45:15 0 d-------- C:\Documents and Settings\Kevin\Application Data\Tenebril
2008-02-09 20:36:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Tenebril
2008-02-09 20:32:18 0 d-------- C:\WINDOWS\system32\tenarchlib
2008-02-09 20:32:18 180224 --a-s---- C:\WINDOWS\system32\archlib.dll <Not Verified; Tenebril Incorporated; Tenebril architecture technology>
2008-02-09 19:25:14 0 d-------- C:\Program Files\Agnitum
2008-02-09 19:25:14 0 d-------- C:\Documents and Settings\Kevin\Application Data\Ringjacker
2008-01-28 23:00:15 7602176 --a------ C:\Documents and Settings\Kevin\ntuser.dat
2008-01-19 21:57:53 0 d-------- C:\Program Files\Google
-- Find3M Report ---------------------------------------------------------------
2008-02-16 18:42:11 0 d-------- C:\Program Files\Lx_cats
2008-02-16 16:58:09 0 d-------- C:\Documents and Settings\Kevin\Application Data\MailWasherPro
2008-02-16 16:57:49 0 d-------- C:\Documents and Settings\Kevin\Application Data\OnlineArmor
2008-02-16 14:19:22 0 d-------- C:\Program Files\Qlock
2008-02-16 14:12:29 0 d-------- C:\Program Files\MailWasher
2008-02-16 14:12:12 0 d-------- C:\Program Files\Lexmark 5400 Series
2008-02-15 07:46:25 0 d-------- C:\Program Files\eSignal
2008-02-14 22:57:16 0 d-------- C:\Documents and Settings\Kevin\Application Data\Skype
2008-02-14 18:57:29 0 d-------- C:\Documents and Settings\Kevin\Application Data\skypePM
2008-02-10 16:41:41 0 d-------- C:\Program Files\Satellite TV for PC
2008-01-10 23:54:08 921632 --a------ C:\PA7311.DAT
2008-01-09 23:37:05 0 d-------- C:\Program Files\MySpeed PC2
2007-12-27 20:04:53 0 d-------- C:\Program Files\Tall Emu
2007-12-27 19:57:01 0 d-------- C:\Program Files\YesTrader
2007-12-27 19:57:01 0 d-------- C:\Program Files\Windows NT
2007-12-27 19:57:01 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-27 19:57:01 0 d-------- C:\Program Files\VisualRoute
2007-12-27 19:57:01 0 d-------- C:\Program Files\TVUPlayer
2007-12-27 19:57:01 0 d-------- C:\Program Files\TVAnts
2007-12-27 19:57:00 0 d-------- C:\Program Files\QuickTime
2007-12-27 19:57:00 0 d-------- C:\Program Files\Phenix-Q8
2007-12-27 19:57:00 0 d-------- C:\Program Files\PC Connectivity Solution
2007-12-27 19:57:00 0 d-------- C:\Program Files\MySpeed PC
2007-12-27 19:57:00 0 d-------- C:\Program Files\MSN Messenger
2007-12-27 19:57:00 0 d-------- C:\Program Files\Movie Maker
2007-12-27 19:57:00 0 d-------- C:\Program Files\MoodLogic
2007-12-27 19:57:00 0 d-------- C:\Program Files\Microsoft Works
2007-12-27 19:57:00 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-12-27 19:56:59 0 d-------- C:\Program Files\iVocalize Web Conference 4
2007-12-27 19:56:58 0 d-------- C:\Program Files\eMini-Master.com
2007-12-27 19:56:58 0 d-------- C:\Program Files\Common Files\Skype
2007-12-27 19:56:58 0 d-------- C:\Program Files\Common Files\PCCamera
2007-12-27 19:56:57 0 d-------- C:\Program Files\Common Files\InstallerA
2007-12-27 19:56:57 0 d-------- C:\Program Files\CCleaner
2007-12-27 19:56:57 0 d-------- C:\Program Files\BTopenworld
2007-12-27 19:56:57 0 d-------- C:\Program Files\BT Home Hub
2007-12-27 19:56:56 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-12-27 19:56:54 0 d-------- C:\Documents and Settings\Kevin\Application Data\Media Player Classic
2007-12-24 15:56:59 0 d-------- C:\Program Files\Common Files\Agnitum Shared
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"="Ati2mdxx.exe" [04/09/2001 15:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [19/12/2003 21:00]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [20/11/2003 15:19]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [20/11/2003 15:18]
"Mouse Suite 98 Daemon"="ICO.EXE" [14/03/2002 16:46 C:\WINDOWS\system32\ico.exe]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [02/12/2003 00:36]
"SonyPowerCfg"="C:\Program Files\sony\vaio power management\SPMgr.exe" [24/10/2003 17:21]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [21/06/2006 19:27]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11]
"Motive SmartBridge"="C:\PROGRA~1\BT Home Hub\Help\SmartBridge\BTHelpNotifier.exe" [06/02/2006 18:52]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 18:51]
"LXCTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [21/11/2006 12:27]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [10/02/2008 22:56]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 09:25]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [16/11/2007 07:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 07:56]
C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\
MailWasherPro.lnk - C:\Program Files\MailWasher\MailWasher.exe [20/12/2007 09:23:27]
qlock.lnk - C:\Program Files\Qlock\qlock.exe [20/03/2006 09:04:32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [16/11/2007 07:50 633344]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\btbb_wcm_McciTrayApp]
C:\Program Files\btbb_wcm\McciTrayApp.exe
*Newly Created Service* - HEXMAGIC
-- End of Deckard's System Scanner: finished at 2008-02-16 19:26:54 ------------
and here is extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Mobile Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 958.98 MiB / 529.12 MiB
Pagefile Memory (total/avail): 1932.79 MiB / 1572.66 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.77 MiB
C: is Fixed (NTFS) - 18.63 GiB total, 3.47 GiB free.
D: is Fixed (NTFS) - 18.62 GiB total, 14.83 GiB free.
E: is Removable (No Media)
F: is CDROM (No Media)
\\.\PHYSICALDRIVE1 - MemoryStick or MemoryStickPro Device
\\.\PHYSICALDRIVE0 - HITACHI_DK23FA-40 - 37.26 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 18.63 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 18.62 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
AntiVirusDisableNotify is set.
FW: Online Armor Firewall v2.1.0.31 (Tall Emu)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: AVG 7.5.516 v7.5.516 (Grisoft)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
Disabled[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Kevin\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KEVINFORD
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Kevin
LOGONSERVER=\\KEVINFORD
NpmLib=C:\Program Files\Norman\Npm\Bin
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution\;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Norman\Npm\Bin;;C:\PROGRA~1\YESTRA~1;C:\PROGRA~1\YesTrader
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Kevin\LOCALS~1\Temp
TMP=C:\DOCUME~1\Kevin\LOCALS~1\Temp
USERDOMAIN=KEVINFORD
USERNAME=Kevin
USERPROFILE=C:\Documents and Settings\Kevin
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Kevin
(admin)Administrator
(admin)Guest
(new local, guest)-- Add/Remove Programs ---------------------------------------------------------
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> C:\PROGRA~1\BT Home Hub\Help\Uninstall.exe btbb
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop Album 2.0 Starter Edition --> MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Photoshop Elements 2.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Premiere 6 LE --> C:\Program Files\Adobe\Premiere 6 LE\UNINST.EXE -f"C:\Program Files\Adobe\Premiere 6 LE\DeIsL1.isu" -c"C:\Program Files\Adobe\Premiere 6 LE\Uninst.dll"
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BT Home Hub --> C:\Program Files\BT Home Hub\Uninstall.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CT Conference --> MsiExec.exe /X{794C3B22-5112-42B0-AF61-62BEAAD65964}
DVgate Plus --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\setup.exe"
eSignal --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03EA3D6E-D92B-11D0-892B-00A0C91827B3}\setup.exe" -uninst
GoToMeeting/GoToWebinar 3.0.0.190 --> C:\Program Files\Citrix\GoToMeeting\190\G2MUninstall.exe /uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HotKey Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BB311F54-39D6-4A03-8E18-053D1B2833D7}\Setup.exe" -l0x9
InterVideo WinDVD 5 for VAIO --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iVocalize Web Conference 4 --> rundll32 C:\WINDOWS\system32\iv4.dll,uninstall
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java 2 Runtime Environment, SE v1.4.2_01 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142010}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
K-Lite Codec Pack 3.5.7 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LAN-Express AS IEEE 802.11 Wireless LAN --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}\Setup.exe" -l0x9
Lexmark 5400 Series --> C:\Program Files\Lexmark 5400 Series\Install\x86\Uninst.exe
MailWasher Free --> "C:\Program Files\MailWasher\unins000.exe"
Memory Stick Formatter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0x9 /UNINSTALL
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works 7.0 --> MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
MJH3 dba eMini-Master.com PRO Toolset 2.90f --> C:\WINDOWS\UnDeploy.exe "C:\Program Files\Deploy4.log"
MoodLogic --> C:\WINDOWS\ml-uninstall-v10.exe
Music Visualizer Library 1.4.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}\Setup.exe" -l0x9
Online Armor 2.0 --> "C:\Program Files\Tall Emu\Online Armor\unins000.exe"
OpenMG Secure Module 3.3.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FA1C51C-6E35-42C1-B2EC-DC9FA1E20694}\setup.exe" -l0x9 UNINSTALL
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PC Connectivity Solution --> MsiExec.exe /I{C9BBA7C4-39F2-45B9-876F-26A6783833E7}
Phenix-Q8 -->
Phenix-Q8 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{80C55DE8-60DD-4030-9E5A-FA6D56F0DB6F} /l1033
PictureGear Studio 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88DA0A52-3372-4803-971A-ADFB961707E8}\Setup.exe"
Qlock Lite --> "C:\Program Files\Qlock\uninstall.exe"
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SimInfinityAT --> C:\Program Files\InstallShield Installation Information\{E989FC1C-0643-4F54-A04E-828CC1D5BD73}\Setup.exe
Skype 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_8175104D\HXFSETUP.EXE -U -IVEN_10B9&DEV_5457&SUBSYS_8175104D
SonicStage 1.6.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x9 UNINSTALL
Sony Notebook Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{936FADC9-C609-471A-B6F2-A33E2E660D1A}\Setup.exe" -l0x9
Sony USB Mouse --> Pmuninst.exe MouseSuite98
Sony Utilities DLL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\Setup.exe" -l0x9
Sony Video Shared Library --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6990A2BF-D1D2-11D3-81BC-00609789C908}\setup.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
StationRipper 2.35 --> C:\Program Files\Ratajik Software\StationRipper\uninstall-StationRipper.exe
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TTM --> C:\WINDOWS\TTM Uninstaller.exe
TVAnts 1.0 --> C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
TVUPlayer 2.3.3.2 --> C:\Program Files\TVUPlayer\uninst.exe
VAIO BrightColor Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D1D6640-CD43-4AD9-A52F-E48265DB28E0}\Setup.exe" -l0x9
VAIO Clock Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1D057E97-A116-4BF9-B307-83C3FBD86515}\Setup.exe" -l0x9
VAIO DeepSea Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3147661C-2807-49EC-B971-3B0F23D95018}\Setup.exe" -l0x9
VAIO Media 2.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EB317D8-8945-4FD6-B37F-DF470317C6AB}\Setup.exe" -l0x9 UNINSTALL
VAIO Media Music Server 2.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF733005-0F40-11D6-9254-0000F460E7A9}\Setup.exe" -l0x9 UNINSTALL
VAIO Media Photo Server 2.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6587A1E-A87D-4CF9-9BA6-CE2CEB58950E}\Setup.exe" -l0x9
VAIO Media Platform 2.5 -->
VAIO Media Redistribution 2.5 -->
VAIO Nature Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F4BB224-F0EB-433C-BF93-62AAB092D414}\Setup.exe" -l0x9
VAIO Power Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{545DB151-1514-4FFC-BF2F-FE8FBBD06987}\Setup.exe" -l0x9
WebFldrs XP -->
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type490 / Success
Event Submitted/Written: 02/16/2008 05:12:20 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type488 / Error
Event Submitted/Written: 02/16/2008 05:02:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module explorer.exe, version 6.0.2900.3156, fault address 0x000118b8.
Processing media-specific event for [explorer.exe!ws!]
Event Record #/Type483 / Error
Event Submitted/Written: 02/16/2008 11:47:06 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application explorer.exe, version 6.0.2900.3156, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type482 / Error
Event Submitted/Written: 02/16/2008 11:46:31 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module explorer.exe, version 6.0.2900.3156, fault address 0x000118b8.
Processing media-specific event for [explorer.exe!ws!]
Event Record #/Type480 / Error
Event Submitted/Written: 02/16/2008 11:37:07 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application explorer.exe, version 6.0.2900.3156, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type42446 / Error
Event Submitted/Written: 02/16/2008 11:35:00 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Computer Browser service terminated with the following error:
%%1460
Event Record #/Type42430 / Error
Event Submitted/Written: 02/16/2008 11:29:53 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error:
%%6
Event Record #/Type42425 / Error
Event Submitted/Written: 02/16/2008 11:25:12 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type42424 / Error
Event Submitted/Written: 02/16/2008 11:24:55 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type42423 / Error
Event Submitted/Written: 02/16/2008 09:26:24 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
AVG Anti-Spyware Driver
Avg7Core
Avg7RsW
Avg7RsXP
DMICall
Fips
intelppm
IPSec
MRxSmb
NDISRD
NetBIOS
NetBT
OADevice
OAmon
RasAcd
Rdbss
Tcpip
-- End of Deckard's System Scanner: finished at 2008-02-16 19:26:54 ------------