Blue screen of death.. slow


Post by XenoFire on Mon Nov 30, 2009 3:15 am

Hey guys, my computer has been running a little slow and I can't figure out why. Every time I turn it on I get the blue screen of death.. takes 4 - 5 reboots to get it to start up. Start up is really slow.

This is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:14 PM, on 11/29/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\ModPS2Key.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Spare Backup\SpareBackup.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Opera\Opera.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [ModPS2] ModPS2Key.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Spare Backup] "C:\Program Files\Spare Backup\SpareBackup.exe" /silent
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - [You must be registered and logged in to see this link.]
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7591 bytes


Hope you can help, thank you.

Sincerely,

XenoFire

Re: Blue screen of death.. slow

Post by Dr Jay on Mon Nov 30, 2009 6:48 am

Please download ComboFix from [You must be registered and logged in to see this link.]



Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run, then copy and paste the following command into the Run box & click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)



Re: Blue screen of death.. slow

Post by XenoFire on Mon Nov 30, 2009 8:08 pm

ComboFix 09-11-30.01 - Gui 11/30/2009 13:55.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1952 [GMT -5:00]
Running from: c:\users\Gui\Desktop\commy.exe
Command switches used :: /stepdel
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-709709059-3222979289-793487201-500
c:\$recycle.bin\S-1-5-21-709709059-3222979289-793487201-500\desktop.ini
c:\windows\system32\gatherWirelessInfo.vbs

.
((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-30 )))))))))))))))))))))))))))))))
.

2009-11-30 19:42 . 2009-11-30 20:00 4096 d-----w- c:\users\Gui\AppData\Local\temp
2009-11-30 19:42 . 2009-11-30 19:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-30 03:54 . 2008-01-19 07:36 448512 ----a-w- c:\windows\system32\termsrv.dll
2009-11-30 03:53 . 2008-01-19 07:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe
2009-11-30 03:51 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2009-11-30 03:51 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-11-30 03:51 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2009-11-30 03:51 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-11-30 03:11 . 2009-11-30 03:11 -------- d-----w- c:\program files\Trend Micro
2009-11-25 17:36 . 2009-10-29 09:41 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-24 20:16 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2009-11-24 20:16 . 2009-08-10 11:00 1257472 ----a-w- c:\windows\system32\msxml3.dll
2009-11-20 05:56 . 2009-11-20 05:56 -------- d-----w- c:\users\Gui\AppData\Local\Microsoft Help
2009-11-20 05:44 . 2009-11-20 06:00 4096 d-----w- c:\users\Gui\AppData\Roaming\GetRightToGo
2009-11-17 07:04 . 2009-11-17 07:04 -------- d-----w- C:\PerfLogs
2009-11-16 20:26 . 2009-11-16 20:26 397328 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2009-11-16 20:26 . 2009-11-16 20:26 17936 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2009-11-16 20:26 . 2009-11-16 20:26 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2009-11-16 20:26 . 2009-11-16 20:26 311312 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\6.0\klif.sys
2009-11-16 05:56 . 2009-11-27 03:26 1 ----a-w- c:\users\Gui\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-11-16 05:56 . 2009-11-16 05:56 -------- d-----w- c:\users\Gui\AppData\Roaming\OpenOffice.org
2009-11-14 03:44 . 2008-07-08 16:45 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-11-14 03:38 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-11-14 03:38 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-11-13 06:19 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-11-13 06:19 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-11-13 06:19 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-11-13 06:19 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-13 06:19 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-11-13 06:19 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-11-13 06:19 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-13 06:19 . 2009-08-07 03:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-13 06:19 . 2009-08-07 02:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-11-12 19:58 . 2009-11-12 20:00 -------- d-----w- c:\users\Gui\AppData\Local\Adobe
2009-11-12 06:24 . 2009-08-14 13:53 2035712 ----a-w- c:\windows\system32\win32k.sys
2009-11-12 06:24 . 2009-08-10 13:05 351232 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 21:38 . 2009-11-11 21:44 -------- d-----w- C:\Westwood
2009-11-10 02:24 . 2009-11-10 02:31 -------- d-----w- c:\users\Gui\AppData\Roaming\HP
2009-11-10 02:24 . 2009-11-10 02:24 -------- d-----w- c:\users\Gui\AppData\Local\HP
2009-11-09 18:40 . 2009-11-09 18:40 -------- d-----w- c:\programdata\HP Product Assistant
2009-11-09 18:37 . 2009-11-09 18:37 -------- d-----w- c:\program files\Common Files\HP
2009-11-09 18:37 . 2009-11-09 18:37 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-11-09 18:37 . 2009-11-09 18:37 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-09 18:36 . 2009-11-09 18:36 -------- d-----w- c:\programdata\Hewlett-Packard
2009-11-09 18:34 . 2007-11-07 02:10 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-11-09 18:34 . 2007-11-06 03:07 118272 ----a-w- c:\windows\system32\hpz3l5mu.dll
2009-11-09 18:34 . 2007-10-31 10:35 729088 ----a-w- c:\windows\system32\hpwwiax4.dll
2009-11-09 18:34 . 2007-10-31 10:35 593920 ----a-w- c:\windows\system32\hpwtscl3.dll
2009-11-09 18:34 . 2007-01-17 16:37 364544 ----a-w- c:\windows\system32\hppldcoi.dll
2009-11-09 18:34 . 2007-01-17 16:37 309760 ----a-w- c:\windows\system32\difxapi.dll
2009-11-09 18:34 . 2007-01-17 16:31 294912 ----a-w- c:\windows\system32\hpovst11.dll
2009-11-09 18:34 . 2008-01-07 14:10 10563 ----a-r- c:\windows\hpwscr19.dat
2009-11-09 18:34 . 2007-11-07 02:15 1140056 ----a-r- c:\windows\hpzmsi01.exe
2009-11-09 18:34 . 2007-11-07 02:04 1373528 ----a-r- c:\windows\hpzshl01.exe
2009-11-09 18:34 . 2009-11-09 18:34 -------- d-----w- c:\windows\yellowtail
2009-11-09 18:33 . 2009-11-09 18:40 -------- d-----w- c:\program files\HP
2009-11-09 18:31 . 2009-11-10 02:25 176622 ----a-w- c:\windows\hpwins19.dat
2009-11-09 18:31 . 2008-01-07 14:08 997 ----a-r- c:\windows\hpwmdl19.dat
2009-11-09 18:31 . 2009-11-09 18:40 -------- d-----w- c:\programdata\HP
2009-11-09 18:17 . 2009-11-09 18:17 269312 ----a-w- c:\windows\system32\es.dll
2009-11-09 05:19 . 2009-11-09 05:52 -------- d-----w- c:\users\Gui\AppData\Local\Microsoft Games
2009-11-09 02:48 . 2009-11-09 02:48 -------- d-----w- c:\users\Gui\AppData\Roaming\acccore
2009-11-09 02:48 . 2009-11-10 05:37 -------- d-----w- c:\users\Gui\AppData\Local\AIM
2009-11-09 02:48 . 2009-11-09 02:48 -------- d-----w- c:\users\Gui\AppData\Local\AOL
2009-11-09 02:48 . 2009-11-09 02:48 -------- d-----w- c:\programdata\AIM
2009-11-09 02:48 . 2009-11-09 02:48 8192 d-----w- c:\program files\AIM
2009-11-09 02:47 . 2009-11-09 02:47 -------- d-----w- c:\program files\Common Files\Software Update Utility
2009-11-09 02:47 . 2009-11-09 02:47 -------- d-----w- c:\program files\Common Files\AOL
2009-11-09 00:13 . 2009-11-09 00:13 -------- d-----w- c:\program files\JRE
2009-11-09 00:12 . 2009-11-09 00:13 4096 d-----w- c:\program files\OpenOffice.org 3
2009-11-09 00:11 . 2009-11-09 00:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-08 23:49 . 2009-11-08 23:49 105731 ----a-w- c:\users\Gui\AppData\Roaming\NoNameScript\nnuninstall.exe
2009-11-08 23:49 . 2009-11-24 06:52 4096 d-----w- c:\users\Gui\AppData\Roaming\NoNameScript
2009-11-08 23:49 . 2009-11-10 06:48 4096 d-----w- c:\program files\mIRC
2009-11-08 23:49 . 2009-11-08 23:49 -------- d-----w- c:\users\Gui\AppData\Roaming\mIRC
2009-11-08 14:48 . 2009-11-08 14:48 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-11-08 14:48 . 2009-11-08 14:48 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-11-08 14:48 . 2009-11-08 14:48 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-11-08 14:48 . 2009-11-08 14:48 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-11-08 14:48 . 2009-11-08 14:48 37888 ----a-w- c:\windows\system32\printcom.dll
2009-11-08 14:48 . 2009-11-08 14:48 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-11-08 14:48 . 2009-11-08 14:48 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-11-08 14:47 . 2009-11-08 14:47 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-11-08 09:54 . 2009-11-08 09:54 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-08 09:54 . 2009-11-08 09:54 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-11-08 09:54 . 2009-11-08 09:54 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-11-08 09:54 . 2009-11-08 09:54 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-08 09:53 . 2009-11-08 09:53 94720 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-11-08 09:53 . 2009-11-08 09:53 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-11-08 09:53 . 2009-11-08 09:53 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-11-08 09:52 . 2009-11-08 09:52 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-08 09:52 . 2009-11-08 09:52 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-08 09:52 . 2009-11-08 09:52 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-08 09:52 . 2009-11-08 09:52 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-08 09:52 . 2009-11-08 09:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-08 09:52 . 2009-11-08 09:52 17920 ----a-w- c:\windows\system32\netevent.dll
2009-11-08 09:52 . 2009-11-08 09:52 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-08 09:52 . 2009-11-08 09:52 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-08 09:52 . 2009-11-08 09:52 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-08 09:52 . 2009-11-08 09:52 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-11-08 09:49 . 2009-11-08 09:49 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-08 09:49 . 2009-11-08 09:49 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-08 09:49 . 2009-11-08 09:49 64512 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-08 09:49 . 2009-11-08 09:49 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-08 09:49 . 2009-11-08 09:49 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-08 09:49 . 2009-11-08 09:49 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-08 09:47 . 2009-11-08 09:47 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-11-08 09:47 . 2009-11-08 09:47 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-08 09:47 . 2009-11-08 09:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-08 09:47 . 2009-11-08 09:47 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-08 09:47 . 2009-11-08 09:47 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-11-08 09:47 . 2009-11-08 09:47 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-08 09:46 . 2009-11-08 09:46 9728 ----a-w- c:\windows\system32\lsass.exe
2009-11-08 09:46 . 2009-11-08 09:46 72704 ----a-w- c:\windows\system32\secur32.dll
2009-11-08 09:46 . 2009-11-08 09:46 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-11-08 09:46 . 2009-11-08 09:46 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-08 09:46 . 2009-11-08 09:46 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-08 09:46 . 2009-11-08 09:46 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-11-08 09:45 . 2009-11-08 09:45 98816 ----a-w- c:\windows\system32\mfps.dll
2009-11-08 09:45 . 2009-11-08 09:45 2868224 ----a-w- c:\windows\system32\mf.dll
2009-11-08 09:45 . 2009-11-08 09:45 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-08 09:45 . 2009-11-08 09:45 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-08 09:45 . 2009-11-08 09:45 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-08 09:44 . 2009-11-08 09:44 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-11-08 09:41 . 2009-11-08 09:41 71680 ----a-w- c:\windows\system32\atl.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-30 19:58 . 2009-11-08 07:15 34705 ----a-w- c:\programdata\nvModes.dat
2009-11-30 06:10 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-11-30 06:10 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-11-30 06:10 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-11-30 06:10 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-11-30 06:10 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-11-30 06:10 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-11-30 06:10 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-11-30 05:32 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-30 04:30 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-11-30 04:30 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-30 04:07 . 2009-11-08 08:20 8192 d-----w- c:\users\Gui\AppData\Roaming\LimeWire
2009-11-20 06:00 . 2007-01-17 09:16 8192 d-----w- c:\programdata\Microsoft Help
2009-11-14 03:39 . 2007-01-17 09:04 -------- d-----w- c:\program files\CONEXANT
2009-11-09 00:11 . 2007-01-17 09:20 4096 d-----w- c:\program files\Java
2009-11-08 09:23 . 2009-11-08 09:23 2599936 ----a-w- c:\windows\system32\NlsData0001.dll
2009-11-08 09:17 . 2009-11-08 09:17 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-11-08 08:06 . 2007-01-17 09:05 12288 d-----w- c:\program files\Common Files\Symantec Shared
2009-11-08 07:43 . 2007-01-17 09:05 4096 d-----w- c:\programdata\Symantec
2009-11-08 07:39 . 2007-01-17 09:28 -------- d-----w- c:\programdata\Napster
2009-11-08 07:39 . 2007-01-17 09:09 4096 d--h--w- c:\program files\InstallShield Installation Information
2009-11-08 07:12 . 2009-11-08 02:19 680 ----a-w- c:\users\Gui\AppData\Local\d3d9caps.dat
2009-11-08 02:19 . 2009-11-08 02:19 -------- d-----w- c:\users\Gui\AppData\Roaming\SampleView
2009-11-08 02:17 . 2009-11-08 02:17 -------- d-sh--we c:\programdata\Templates
2009-11-08 02:17 . 2009-11-08 02:17 -------- d-sh--we c:\programdata\Start Menu
2009-11-08 02:17 . 2009-11-08 02:17 -------- d-sh--we c:\programdata\Favorites
2009-11-08 02:17 . 2009-11-08 02:17 -------- d-sh--we c:\programdata\Documents
2009-11-08 02:17 . 2009-11-08 02:17 -------- d-sh--we c:\programdata\Desktop
2009-10-29 04:58 . 2009-10-29 04:58 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-21 04:34 . 2009-10-21 04:34 219664 ----a-w- c:\windows\system32\klogon.dll
2009-10-20 16:54 . 2009-10-20 16:54 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
2009-10-15 05:18 . 2009-10-15 05:18 36880 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-10-03 03:39 . 2009-10-03 03:39 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2009-09-28 01:47 . 2009-09-28 01:47 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-28 01:47 . 2009-09-28 01:47 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-28 01:47 . 2009-09-28 01:47 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-28 01:47 . 2009-09-28 01:47 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-28 01:47 . 2009-09-28 01:47 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-28 01:47 . 2009-09-28 01:47 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-28 01:47 . 2009-09-28 01:47 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-28 01:47 . 2009-09-28 01:47 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-28 01:47 . 2009-09-28 01:47 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-28 01:47 . 2009-09-28 01:47 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-28 01:47 . 2009-09-28 01:47 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-28 01:46 . 2009-09-28 01:46 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-28 01:46 . 2009-09-28 01:46 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-09-28 00:12 . 2009-09-28 00:12 9509832 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-09-28 00:12 . 2009-09-28 00:12 795104 ----a-w- c:\windows\system32\dpinst.exe
2009-09-28 00:12 . 2009-09-28 00:12 7614056 ----a-w- c:\windows\system32\nvd3dum.dll
2009-09-28 00:12 . 2009-09-28 00:12 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-28 00:12 . 2009-09-28 00:12 3310184 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-09-28 00:12 . 2009-09-28 00:12 2169448 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-28 00:12 . 2009-09-28 00:12 1997416 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-28 00:12 . 2009-09-28 00:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-28 00:12 . 2009-09-28 00:12 170600 ----a-w- c:\windows\system32\nvcod167.dll
2009-09-28 00:12 . 2009-09-28 00:12 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-28 00:12 . 2009-09-28 00:12 11197032 ----a-w- c:\windows\system32\nvoglv32.dll
2009-09-28 00:12 . 2009-09-28 00:12 1074280 ----a-w- c:\windows\system32\nvapi.dll
2009-09-14 22:46 . 2009-09-14 22:46 21520 ----a-w- c:\windows\system32\drivers\klim6.sys
2009-09-10 03:01 . 2009-09-10 03:01 27675 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-09-01 23:29 . 2009-09-01 23:29 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"Spare Backup"="c:\program files\Spare Backup\SpareBackup.exe" [2007-09-14 5252936]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-09 149280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-23 80896]
"CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2006-11-07 547840]
"ShowWnd"="ShowWnd.exe" - c:\windows\ShowWnd.exe [2005-01-27 36864]
"ModPS2"="ModPS2Key.exe" - c:\windows\ModPS2Key.exe [2006-11-07 53248]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-10-31 4702208]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-10-11 1826816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-07-13 40072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BigFix.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BigFix.lnk
backup=c:\windows\pss\BigFix.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Gui^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Gui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Gui^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\users\Gui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [10/15/2009 12:18 AM 36880]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [9/14/2009 5:46 PM 21520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [9/27/2009 7:48 PM 240232]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [10/2/2009 10:39 PM 19472]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\System32\drivers\NETw2v32.sys [11/2/2006 5:25 AM 2589184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-mIRC - c:\program files\mIRC\uninstall.exe _?=c:\program files\mIRC
AddRemove-NVIDIA Drivers - c:\windows\system32\nvuninst.exe UninstallGUI



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-11-30 14:58
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\TMP000000404FB0CA5F1783BF06 524288 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2292)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\DllHost.exe
c:\windows\System32\wsqmcons.exe
.
**************************************************************************
.
Completion time: 2009-11-30 15:06 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-30 20:06

Pre-Run: 453,054,963,712 bytes free
Post-Run: 453,572,698,112 bytes free

- - End Of File - - 09E470C640D0A9E340D7A2A197F84094

Sincerely,

XenoFire

Re: Blue screen of death.. slow

Post by Dr Jay on Mon Nov 30, 2009 8:30 pm

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Dr. Jay (DJ)



Re: Blue screen of death.. slow

Post by XenoFire on Tue Dec 01, 2009 4:05 am

Malwarebytes' Anti-Malware 1.41
Database version: 3263
Windows 6.0.6001 Service Pack 1

11/30/2009 11:05:21 PM
mbam-log-2009-11-30 (23-05-21).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 241863
Time elapsed: 1 hour(s), 6 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Sincerely,

XenoFire

Re: Blue screen of death.. slow

Post by Dr Jay on Tue Dec 01, 2009 10:46 am

Please do a scan with [You must be registered and logged in to see this link.]

Click on the Accept button and install any components it needs.

  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report.
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Dr. Jay (DJ)



Re: Blue screen of death.. slow

Post by XenoFire on Tue Dec 01, 2009 7:52 pm

It doesn't let me do the scan. I get an error message telling me to go to the Kaspersky website and do it from there, but I can't find it there. Though I have Kaspersky Internet Security 2010 installed on my computer and scans don't pick up on anything.

Sincerely,

XenoFire

Re: Blue screen of death.. slow

Post by Dr Jay on Tue Dec 01, 2009 9:07 pm

Even full scan?

Just a side note, I love KIS 2010.

Try another full scan, and post a log report.

==

Open Kaspersky Internet Security 9

  • Select the tab Scan My Computer and click Start Full Scan.
  • When finished it will say under Start Full Scan "Completed * minutes ago." (*=wildcard). Click on the blue link "Completed * minutes ago."
  • It will display a small report of objects found, etc. Click on the Detailed Report link at the bottom of that small window.
  • The detailed report will display a more detailed report of objects found. Click the Save button at the top right of the screen. When saving, save to the Desktop, with the filename KIS.txt.

Please post the results contained in the log into your next reply.


Dr. Jay (DJ)



Re: Blue screen of death.. slow

Post by XenoFire on Wed Dec 02, 2009 2:12 am

Full Scan: completed 3 hours ago (events: 385, objects: 597485, time: 00:50:19)
12/1/2009 4:24:26 PM Task started
12/1/2009 4:24:30 PM Packed: PE_Patch.UPX C:\Program Files\Opera\Opera.dll
12/1/2009 4:24:31 PM Packed: UPX C:\Program Files\Opera\Opera.dll/PE_Patch.UPX
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\ac97intc.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\adp94xx.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\adpahci.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\adpu160m.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\adpu320.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\djsvs.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\arc.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\arcsas.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\bcm4sbxp.sys
12/1/2009 4:25:15 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrFiltLo.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrFiltUp.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrSerId.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrUsbMdm.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrUsbSer.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\BrSerWdm.sys
12/1/2009 4:25:16 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\E1G60I32.sys
12/1/2009 4:25:17 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\elxstor.sys
12/1/2009 4:25:17 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\HpCISSs.sys
12/1/2009 4:25:17 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\iaStorV.sys
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\iirsp.sys
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\iirsp.sys/PE_Patch
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\iteatapi.sys
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\iteraid.sys
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\lsi_fc.sys
12/1/2009 4:25:18 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\lsi_sas.sys
12/1/2009 4:25:19 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\mdmxsdk.sys
12/1/2009 4:25:19 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\lsi_scsi.sys
12/1/2009 4:25:19 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\megasas.sys
12/1/2009 4:25:19 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\Mraid35x.sys
12/1/2009 4:25:20 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\nfrd960.sys
12/1/2009 4:25:20 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\NETw2v32.sys
12/1/2009 4:25:20 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\ntrigdigi.sys
12/1/2009 4:25:21 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\ql40xx.sys
12/1/2009 4:25:21 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\ql2300.sys
12/1/2009 4:25:21 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\secdrv.sys
12/1/2009 4:25:22 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\sisraid4.sys
12/1/2009 4:25:22 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\sym_hi.sys
12/1/2009 4:25:22 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\sym_u3.sys
12/1/2009 4:25:22 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\symc8xx.sys
12/1/2009 4:25:23 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\uliahci.sys
12/1/2009 4:25:24 PM Packed: PE_Patch C:\WINDOWS\System32\drivers\nvm60x32.sys
12/1/2009 4:25:36 PM Packed: PE_Patch.UPX C:\Program Files\trend micro\hijackthis\hijackthis.exe
12/1/2009 4:25:36 PM Packed: UPX C:\Program Files\trend micro\hijackthis\hijackthis.exe/PE_Patch.UPX
12/1/2009 4:25:53 PM Packed: PE_Patch C:\Documents and Settings\All Users\Apple\Installer Cache\Apple Mobile Device Support 2.6.0.32\AppleMobileDeviceSupport.msi/AppleMobileDeviceSupport.cab/WdfCoInstaller01005.dll/Microsoft Kernel-Mode Driver Framework Install-v1.5-WinXP.exe
12/1/2009 4:25:53 PM Packed: PE_Patch C:\Documents and Settings\All Users\Apple\Installer Cache\Apple Mobile Device Support 2.6.0.32\AppleMobileDeviceSupport.msi/AppleMobileDeviceSupport.cab/WdfCoInstaller01005.dll/Microsoft Kernel-Mode Driver Framework Install-v1.5-Srv2k3.exe
12/1/2009 4:25:53 PM Packed: PE_Patch C:\Documents and Settings\All Users\Apple\Installer Cache\Apple Mobile Device Support 2.6.0.32\AppleMobileDeviceSupport.msi/AppleMobileDeviceSupport.cab/WdfCoInstaller01005.dll/Microsoft Kernel-Mode Driver Framework Install-v1.5-Win2k.exe
12/1/2009 4:27:22 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C1NPU6KF\decemberpromo[1].swf
12/1/2009 4:27:22 PM Packed: Edit C:\Documents and Settings\Gui\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TEYI5ZNO\style[1].css
12/1/2009 4:27:25 PM Packed: JSPack C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020DL/packed
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020FH
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020QW
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020R2
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020U4
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020V5
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020VU
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020WA
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020X3
12/1/2009 4:27:25 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020XS
12/1/2009 4:27:26 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020Y9
12/1/2009 4:27:26 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020YE
12/1/2009 4:27:26 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr020YG
12/1/2009 4:27:26 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0212U
12/1/2009 4:27:27 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0212X
12/1/2009 4:27:27 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr02124
12/1/2009 4:27:42 PM Packed: Edit C:\Documents and Settings\Gui\AppData\Local\Adobe\Updater5\Install\reader8rdr-en_US\AdbeRdr813_en_US.msi/Data1.cab/brt0401.lex
12/1/2009 4:27:42 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021H7
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021HY
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021I9
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021IY
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021KR
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021LB
12/1/2009 4:27:43 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021LK
12/1/2009 4:27:47 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr021VR
12/1/2009 4:27:48 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0225U
12/1/2009 4:27:49 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0229K
12/1/2009 4:27:49 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0229F
12/1/2009 4:27:50 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022B4
12/1/2009 4:27:50 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022GY
12/1/2009 4:27:51 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022IX
12/1/2009 4:27:51 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022JK
12/1/2009 4:27:53 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022YC
12/1/2009 4:27:53 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022YD
12/1/2009 4:27:53 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022YN
12/1/2009 4:27:53 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr022YB
12/1/2009 4:27:56 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0237T
12/1/2009 4:27:56 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0238T
12/1/2009 4:27:56 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr0238U
12/1/2009 4:27:56 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr02392
12/1/2009 4:27:57 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023HK
12/1/2009 4:27:57 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023IK
12/1/2009 4:27:57 PM Packed: Edit C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023IR
12/1/2009 4:27:57 PM Packed: JSPack C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023LG/packed
12/1/2009 4:28:01 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023NQ
12/1/2009 4:28:01 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023QT
12/1/2009 4:28:01 PM Packed: JSPack C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023RY
12/1/2009 4:28:01 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023S7
12/1/2009 4:28:02 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023XQ
12/1/2009 4:28:02 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023XU
12/1/2009 4:28:02 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023Y1
12/1/2009 4:28:02 PM Packed: Swf2Swc C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\cache\opr023YF
12/1/2009 4:28:07 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe
12/1/2009 4:28:07 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX
12/1/2009 4:28:07 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\HJTInstall.exe
12/1/2009 4:28:08 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\HJTInstall.exe/PE_Patch.UPX
12/1/2009 4:28:10 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\iexplore.exe
12/1/2009 4:28:10 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\iexplore.exe/PE_Patch.UPX
12/1/2009 4:28:10 PM Packed: PE_Patch.PECompact C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\License\iexplore.exe
12/1/2009 4:28:10 PM Packed: PecBundle C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\License\iexplore.exe/PE_Patch.PECompact
12/1/2009 4:28:10 PM Packed: PECompact C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\License\iexplore.exe/PE_Patch.PECompact/PecBundle
12/1/2009 4:28:10 PM Packed: PE_Patch.PECompact C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\pev.exe
12/1/2009 4:28:10 PM Packed: PecBundle C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\pev.exe/PE_Patch.PECompact
12/1/2009 4:28:10 PM Packed: PECompact C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\pev.exe/PE_Patch.PECompact/PecBundle
12/1/2009 4:28:10 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\swreg.exe
12/1/2009 4:28:11 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\catchme.cfxxe
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\catchme.cfxxe/PE_Patch.UPX
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\ComboFix-Download.cfxxe
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\ERUNT.cfxxe
12/1/2009 4:28:11 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\FileKill.cfxxe
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\FileKill.cfxxe/PE_Patch.UPX
12/1/2009 4:28:11 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\handle.cfxxe
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\handle.cfxxe/PE_Patch.UPX
12/1/2009 4:28:11 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\mbr.cfxxe
12/1/2009 4:28:11 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\mbr.cfxxe/PE_Patch.UPX
12/1/2009 4:28:11 PM Packed: PE_Patch C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\mbr.cfxxe/PE_Patch.UPX/UPX
12/1/2009 4:28:11 PM Packed: PE_Patch C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\mbr.cfxxe/#
12/1/2009 4:28:12 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\NirCmd.cfxxe
12/1/2009 4:28:12 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\NirCmd.cfxxe/PE_Patch.UPX
12/1/2009 4:28:12 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfxxe
12/1/2009 4:28:12 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\NirCmdC.cfxxe/PE_Patch.UPX
12/1/2009 4:28:12 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\setpath.cfxxe
12/1/2009 4:28:12 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\setpath.cfxxe/PE_Patch.UPX
12/1/2009 4:28:12 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\swsc.cfxxe
12/1/2009 4:28:13 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\ERDNT.e_e
12/1/2009 4:28:13 PM Packed: PE_Patch.UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\n.pif
12/1/2009 4:28:13 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe/PE_Patch.UPX/32788R22FWJFW\n.pif/PE_Patch.UPX
12/1/2009 4:28:22 PM Packed: Edit C:\Documents and Settings\Gui\AppData\Local\Temporary Internet Files\Low\Content.IE5\TEYI5ZNO\style[1].css
12/1/2009 4:29:37 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Roaming\NoNameScript\scripts\dlls\domxml.dll
12/1/2009 4:29:38 PM Packed: UPX C:\Documents and Settings\Gui\AppData\Roaming\NoNameScript\scripts\dlls\dcx.dll
12/1/2009 4:29:57 PM Packed: PE_Patch C:\Documents and Settings\Gui\Desktop\OpenOffice.org 3.1 (en-US) Installation Files\redist\vcredist_x86.exe
12/1/2009 4:31:07 PM Packed: Swf2Swc C:\Documents and Settings\Gui\Local Settings\Opera\Opera\cache\opr020XS
12/1/2009 4:31:07 PM Packed: Swf2Swc C:\Documents and Settings\Gui\Local Settings\Opera\Opera\cache\opr020Y9
12/1/2009 4:31:07 PM Packed: Swf2Swc C:\Documents and Settings\Gui\Local Settings\Opera\Opera\cache\opr020YE
12/1/2009 4:31:07 PM Packed: Swf2Swc C:\Documents and Settings\Gui\Local Settings\Opera\Opera\cache\opr020YG
12/1/2009 4:31:19 PM Packed: Edit C:\Documents and Settings\Gui\Desktop\OpenOffice.org 3.1 (en-US) Installation Files\openofficeorg1.cab/swriter.jar/text/swriter/02/18030300.xhp
12/1/2009 4:31:29 PM Processing error C:\Documents and Settings\Gui\Desktop\Downloads\X12-30247.exe/PubRWW.cab/MSPUB.EXE Read error
12/1/2009 4:31:53 PM Packed: Swf2Swc C:\Documents and Settings\Gui\Local Settings\Opera\Opera\cache\opr0243A
12/1/2009 4:31:54 PM Packed: PE_Patch.PECompact C:\NVIDIA\DisplayDriver\191.07\WinVista_Win7\English\ISSetup.dll
12/1/2009 4:31:54 PM Packed: PecBundle C:\NVIDIA\DisplayDriver\191.07\WinVista_Win7\English\ISSetup.dll/PE_Patch.PECompact
12/1/2009 4:31:54 PM Packed: PECompact C:\NVIDIA\DisplayDriver\191.07\WinVista_Win7\English\ISSetup.dll/PE_Patch.PECompact/PecBundle
12/1/2009 4:32:06 PM Packed: Edit C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Proximity\brt0401.lex
12/1/2009 4:32:16 PM Packed: Swf2Swc C:\Program Files\AIM\services\imApp\ver7_0_13_4\content\im\Emoticals_bitmap.swf
12/1/2009 4:32:19 PM Packed: UPX C:\Program Files\AOL 9.0\AOL90\COMP02.000/WISE0062.BIN
12/1/2009 4:32:22 PM Packed: Swf2Swc C:\Program Files\AOL 9.0\AOL90\MEDIA\ENDING.SWF
12/1/2009 4:32:22 PM Packed: Swf2Swc C:\Program Files\AOL 9.0\AOL90\MEDIA\INIT.SWF
12/1/2009 4:32:22 PM Packed: Swf2Swc C:\Program Files\AOL 9.0\AOL90\MEDIA\SCANNING.SWF
12/1/2009 4:32:22 PM Packed: Swf2Swc C:\Program Files\AOL 9.0\AOL90\MEDIA\UPGRADE.SWF
12/1/2009 4:32:23 PM Packed: PE_Patch C:\Program Files\ATI\CIM\Bin\atidcmxx.sys
12/1/2009 4:33:09 PM Packed: PE_Patch C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
12/1/2009 4:33:25 PM Packed: Edit C:\Program Files\Gateway Games\Bejeweled 2 Deluxe\edata\gem_points.txt
12/1/2009 4:33:31 PM Packed: UPX C:\Program Files\Gateway Games\Blasterball 3\fmod.dll
12/1/2009 4:33:33 PM Packed: Edit C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A80000000002}\Data1.cab/brt0401.lex
12/1/2009 4:33:58 PM Packed: UPX C:\Program Files\Gateway Games\FATE\fmod.dll
12/1/2009 4:35:45 PM Packed: UPX C:\Program Files\Gateway Games\Penguins!\fmod.dll
12/1/2009 4:37:11 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\bin\SCMain.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\howdoi.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\home.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\hpStretch.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\HowToShop.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_clean_ADF.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_load_ADF.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_jams.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_load_envelopes.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_load_small.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_load_glass.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_load_standard.swf
12/1/2009 4:37:27 PM Packed: Swf2Exe C:\Program Files\HP\Digital Imaging\Help\player\FlashPla.exe
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_replace_printcartridge.swf
12/1/2009 4:37:27 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Help\flash\J4500_transfer_scanner.swf
12/1/2009 4:37:35 PM Packed: Swf2Swc C:\Program Files\HP\Digital Imaging\Smart Web Printing\Help\hpswp_clipbookdemo.swf
12/1/2009 4:39:18 PM Packed: UPX C:\Program Files\Microsoft Works\lnchtour.exe
12/1/2009 4:39:48 PM Packed: UPX C:\Program Files\NetZero\NetZeroHSSetup.exe
12/1/2009 4:40:54 PM Packed: PE_Patch.UPX C:\Program Files\Opera\OUniAnsi.dll
12/1/2009 4:40:54 PM Packed: UPX C:\Program Files\Opera\OUniAnsi.dll/PE_Patch.UPX
12/1/2009 4:40:55 PM Packed: PE_Patch.UPX C:\Program Files\Opera\Opera.dll

Sincerely,

XenoFire
Novice

Posts : 8
Joined : 2009-02-21
OS : Windows Vista Home Premium - 32 bit
Points : 28493
# Likes : 0


Re: Blue screen of death.. slow

Post by Dr Jay on Wed Dec 02, 2009 4:02 am

Please download the Kaspersky AVP Tool from [You must be registered and logged in to see this link.].
  • Save it to your desktop.
  • Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).
  • Double click the setup file to run it.
  • Click Next to continue.
  • It will by default install it to your desktop folder. Click Next.
  • Hit OK at the prompt for scanning in Safe Mode.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked:

    • System Memory
    • Startup Objects
    • Disk Boot Sectors
    • My Computer
    • Also any other drives (removable ones that you may have)

After that, click on Security level, then choose Customize, then click on the tab that says Heuristic Analyzer, then choose Enable Deep rootkit search, then choose OK.
Then choose OK again, and you are back at the main screen.

  • Then click on Scan at the top right-hand corner.
  • It will automatically neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be neutralized, then choose the Delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to a file; name it Kas.
  • Save it somewhere convenient, like your desktop, and post only the detected virus\malware in the report; it will be at the very top under Detected. Post those results in your next reply.
Note: This tool will self-uninstall when you close it, so please save the log before closing it.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts : 13713
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Protection : Bitdefender Total Security
Points : 302059
# Likes : 10
