Thought I had it licked....

Page 4 of 4 Previous  1, 2, 3, 4

View previous topic View next topic Go down

Thought I had it licked....

Post by Heroes on Thu 23 Jun 2011, 1:18 pm

First topic message reminder :

Each time I think I have this thing licked, it comes back to surprize me. I can only get on now using safe mode with networking. Multiple users are infected. Thank you so much for your help.

Here is the OTL.txt. I couldn't find OL.exe log. aswMBR.txt is below.

OTL logfile created on: 6/22/2011 9:49:09 PM - Run 6
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Danni\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.68 Mb Total Physical Memory | 431.38 Mb Available Physical Memory | 42.56% Memory free
2.23 Gb Paging File | 1.90 Gb Available in Paging File | 84.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.77 Gb Total Space | 90.74 Gb Free Space | 64.46% Space Free | Partition Type: NTFS
Drive D: | 8.28 Gb Total Space | 1.82 Gb Free Space | 22.03% Space Free | Partition Type: NTFS

Computer Name: DANNI-PC | User Name: Danni | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/22 21:45:44 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Danni\Desktop\OTL.com
PRC - [2011/05/16 08:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/05/13 05:11:03 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/02/15 11:00:40 | 000,994,304 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/22 21:45:44 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Danni\Desktop\OTL.com
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/24 22:24:18 | 000,251,216 | ---- | M] (CA, Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/24 22:24:18 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/05/16 08:58:36 | 002,151,128 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/09/24 11:16:18 | 000,740,160 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2010/09/24 11:16:18 | 000,301,648 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)
SRV - [2009/08/04 10:42:18 | 000,887,288 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV - [2009/07/31 16:30:14 | 000,150,008 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -- (UmxFwHlp)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/12 10:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2010/12/03 05:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/09/24 11:16:24 | 000,150,608 | ---- | M] (CA) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:24 | 000,107,600 | ---- | M] (CA) [Kernel | Boot | Stopped] -- C:\Windows\System32\DRIVERS\kmxfw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:24 | 000,058,448 | ---- | M] (CA) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\KmxFilter.sys -- (KmxFilter)
DRV - [2010/09/24 11:16:18 | 000,244,304 | ---- | M] (CA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/09/24 11:16:18 | 000,079,864 | ---- | M] (CA) [File_System | System | Stopped] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2010/09/24 11:16:18 | 000,061,008 | ---- | M] (CA) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | ---- | M] (CA) [File_System | System | Stopped] -- C:\Windows\System32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2007/03/05 17:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/03/01 08:49:58 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/02/24 10:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 13:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/01/23 12:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 13:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/10/09 16:47:58 | 000,981,504 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/06/28 12:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2011/05/17 21:33:51 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKCU..\Run: [Microsoft Location Finder] C:\Program Files\Microsoft Location Finder\LocationFinder.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Danni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\Windows\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\Windows\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: C:\Users\Danni\Pictures\picniks\sagamore 13.jpg
O24 - Desktop BackupWallPaper: C:\Users\Danni\Pictures\picniks\sagamore 13.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/14 08:10:42 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: 47116245.sys - Driver
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: 47116245.sys - Driver
SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/06/16 22:36:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/06/16 22:36:06 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/06/16 22:36:06 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/06/16 22:36:05 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/06/16 22:36:05 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/06/16 22:36:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/06/16 22:36:05 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/06/16 22:36:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/06/16 22:36:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/06/16 22:36:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/06/16 22:36:04 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/06/16 22:36:04 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/06/16 22:36:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/06/16 22:36:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/06/16 22:36:04 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/06/16 22:36:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/06/16 22:36:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/06/07 07:26:56 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/05 14:28:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/06/01 20:48:09 | 004,109,727 | R--- | C] (Swearware) -- C:\Users\Danni\Desktop\commy.exe
[2011/05/28 16:16:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/05/25 08:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/05/25 08:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/05/25 08:13:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/05/25 07:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/05/24 22:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CA
[2011/05/24 22:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2011/05/24 22:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\CA

========== Files - Modified Within 30 Days ==========

[2011/06/22 21:45:44 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Danni\Desktop\OTL.com
[2011/06/22 21:36:40 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/06/22 21:36:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/22 21:35:55 | 192,542,137 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/22 21:30:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/22 21:30:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/22 21:01:56 | 001,309,375 | ---- | M] () -- C:\Users\Danni\Desktop\tdsskiller.zip
[2011/06/22 20:23:19 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/06/22 20:23:19 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/06/22 20:14:09 | 000,546,487 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2011/06/22 20:14:09 | 000,123,724 | ---- | M] () -- C:\Windows\System32\drivers\KmxAgent.asc
[2011/06/22 20:14:09 | 000,000,373 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2011/06/22 20:14:09 | 000,000,209 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2011/06/22 20:14:09 | 000,000,209 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2011/06/22 20:14:09 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2011/06/22 20:14:09 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2011/06/19 03:12:15 | 000,626,030 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/19 03:12:15 | 000,112,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/07 07:26:56 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/05 22:04:26 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Danni\Desktop\tdsskiller.exe
[2011/06/04 17:07:09 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 23:22:37 | 000,879,092 | ---- | M] () -- C:\Users\Danni\Desktop\SecurityCheck.exe
[2011/06/01 23:20:21 | 000,000,512 | ---- | M] () -- C:\Users\Danni\Desktop\MBR.dat
[2011/06/01 23:18:10 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Danni\Desktop\aswMBR.exe
[2011/06/01 20:48:14 | 004,109,727 | R--- | M] (Swearware) -- C:\Users\Danni\Desktop\commy.exe
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/28 02:05:27 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/05/28 02:04:56 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/05/28 02:04:56 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/05/28 02:04:30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/05/28 02:04:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/05/28 02:04:17 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/05/28 02:04:03 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/05/28 02:04:03 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/05/28 02:04:03 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/05/28 02:04:02 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/05/28 02:04:02 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/05/28 02:03:58 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/05/28 01:10:26 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/05/28 00:33:03 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/05/28 00:32:15 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/05/28 00:31:44 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/05/25 08:15:49 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2011/06/22 21:36:40 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/06/22 21:01:35 | 001,309,375 | ---- | C] () -- C:\Users\Danni\Desktop\tdsskiller.zip
[2011/05/28 09:43:31 | 000,546,487 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2011/05/28 09:43:31 | 000,000,373 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2011/05/28 09:43:31 | 000,000,085 | ---- | C] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2011/05/25 08:15:49 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/05/17 21:11:23 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/17 21:11:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/17 21:11:23 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/17 21:11:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/17 21:11:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/15 23:51:25 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~39706360r
[2011/05/15 23:51:24 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~39706360
[2011/05/15 23:46:14 | 000,000,344 | -H-- | C] () -- C:\ProgramData\39706360
[2011/04/26 20:05:57 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/26 20:05:57 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/02/26 13:38:27 | 000,000,149 | ---- | C] () -- C:\Windows\wininit.ini
[2010/12/12 22:52:04 | 000,000,007 | ---- | C] () -- C:\Windows\System32\mkghj.dll
[2010/10/26 22:36:49 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/10/26 22:36:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/10/04 22:39:02 | 000,348,160 | ---- | C] () -- C:\Windows\System32\cdga.dll
[2009/08/29 12:51:57 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009/08/16 23:53:33 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2009/05/11 00:10:34 | 000,000,680 | ---- | C] () -- C:\Users\Danni\AppData\Local\d3d9caps.dat
[2009/04/18 15:27:14 | 000,002,606 | ---- | C] () -- C:\Users\Danni\AppData\Roaming\wklnhst.dat
[2009/02/22 12:40:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2008/12/13 23:08:17 | 000,016,896 | ---- | C] () -- C:\Users\Danni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/02 22:59:35 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/05/01 18:31:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/01/02 20:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 20:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 20:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 20:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/05/14 08:13:40 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007/05/14 08:13:40 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007/05/14 07:58:55 | 000,103,437 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/05/14 05:33:25 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/05/14 05:33:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/02/27 16:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 02:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 02:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,446,856 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,626,030 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,112,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 20:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/07 08:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/06/01 23:18:10 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Danni\Desktop\aswMBR.exe
[2011/05/17 20:19:04 | 004,350,161 | R--- | M] () -- C:\Users\Danni\Desktop\ComboFix.exe
[2011/06/01 20:48:14 | 004,109,727 | R--- | M] (Swearware) -- C:\Users\Danni\Desktop\commy.exe
[2011/05/16 23:10:51 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Danni\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/20 18:04:56 | 000,089,088 | ---- | M] () -- C:\Users\Danni\Desktop\mbr.exe
[2011/05/18 20:45:36 | 000,080,384 | ---- | M] () -- C:\Users\Danni\Desktop\MBRCheck.exe
[2011/06/01 23:22:37 | 000,879,092 | ---- | M] () -- C:\Users\Danni\Desktop\SecurityCheck.exe
[2011/06/05 22:04:26 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Danni\Desktop\tdsskiller.exe
[2009/09/27 11:52:36 | 526,443,824 | ---- | M] (Microsoft Corporation) -- C:\Users\Danni\Desktop\X12-30062.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2007/05/14 07:48:51 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/10/23 10:27:41 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/10/04 19:56:57 | 000,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2009/06/15 00:30:46 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2008/11/06 00:42:41 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/05/25 07:51:18 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/05/24 22:20:13 | 000,000,000 | ---D | M] -- C:\Program Files\CA
[2011/05/17 21:27:08 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/10/04 22:39:00 | 000,000,000 | ---D | M] -- C:\Program Files\Cucusoft
[2011/02/26 13:40:50 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2007/05/14 08:01:18 | 000,000,000 | ---D | M] -- C:\Program Files\earthlink totalaccess
[2010/12/12 00:38:36 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2007/05/14 08:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/12/21 21:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2007/05/14 08:16:50 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2011/06/01 07:53:51 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/05/14 07:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/06/22 20:12:54 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/05/25 08:13:34 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/05/25 08:15:44 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/10/23 10:12:47 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/08/29 12:43:51 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2011/06/04 17:07:09 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/18 15:00:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Digital Image 2006
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/12/17 16:04:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Location Finder
[2009/06/15 00:08:36 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft money 2006
[2010/12/17 16:04:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/06/22 20:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/09/27 12:07:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/09/27 12:03:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/03/08 08:15:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2009/04/18 14:46:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2006
[2010/11/25 11:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2007/05/14 06:49:40 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2010/10/26 22:51:03 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2009/09/27 12:07:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/11/05 00:34:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/05/14 08:10:05 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2007/05/14 08:02:28 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/01/02 11:59:08 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/05/14 08:15:12 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/11/27 11:58:09 | 000,000,000 | ---D | M] -- C:\Program Files\RealArcade
[2007/05/14 08:13:35 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/08/16 23:52:42 | 000,000,000 | ---D | M] -- C:\Program Files\ReflexiveArcade
[2010/02/13 19:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\Rhapsody
[2007/05/14 07:31:15 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2010/10/04 20:02:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sallys Salon
[2008/11/29 14:05:01 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2007/05/14 06:55:48 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2008/05/02 23:00:18 | 000,000,000 | ---D | M] -- C:\Program Files\Tencent
[2009/04/18 22:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\TERMINAL Studio
[2010/12/11 20:48:12 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2006/11/02 09:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2008/03/08 09:54:46 | 000,000,000 | ---D | M] -- C:\Program Files\Vongo
[2010/10/23 09:24:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2010/10/23 09:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2010/10/23 09:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2010/10/23 09:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/06/18 13:54:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/26 22:51:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/10/23 09:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2010/10/23 09:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2007/11/08 00:53:03 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/05/14 08:18:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/05/14 08:18:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/05/14 08:18:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\ERDNT\cache\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/15 20:33:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/15 20:33:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/15 20:33:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 03:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTOR.SYS >
[2007/02/12 10:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007/02/12 10:37:22 | 000,537,368 | -H-- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\SwSetup\Robson\Winall\Driver64\IaStor.sys
[2007/02/12 10:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iaStor.sys
[2007/02/12 10:36:54 | 000,277,784 | -H-- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\SwSetup\Robson\Winall\Driver\iaStor.sys
[2007/02/12 10:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007/02/12 10:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\ERDNT\cache\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-23 00:10:51

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2011/05/28 02:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)

< >

< End of report >


aswMBR.txt log:

aswMBR version 0.9.7.675 Copyright(c) 2011 AVAST Software
Run date: 2011-06-22 22:10:19
-----------------------------
22:10:19.614 OS Version: Windows 6.0.6001 Service Pack 1
22:10:19.614 Number of processors: 2 586 0xF0D
22:10:19.614 ComputerName: DANNI-PC UserName: Danni
22:10:21.501 Initialize success
22:10:43.357 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:10:43.357 Disk 0 Vendor: FUJITSU_ 891F Size: 152627MB BusType: 3
22:10:43.388 Disk 0 MBR read successfully
22:10:43.388 Disk 0 MBR scan
22:10:43.388 Disk 0 unknown MBR code
22:10:43.404 Disk 0 scanning sectors +312576705
22:10:43.435 Disk 0 scanning C:\Windows\system32\drivers
22:10:50.720 Service scanning
22:10:52.280 Disk 0 trace - called modules:
22:10:52.311 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
22:10:52.311 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85398450]
22:10:52.327 3 CLASSPNP.SYS[865c6745] -> nt!IofCallDriver -> [0x848fe6c8]
22:10:52.342 5 acpi.sys[864a06a0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84900030]
22:10:52.342 Scan finished successfully
22:11:13.964 Disk 0 MBR has been saved successfully to "C:\Users\Danni\Desktop\MBR.dat"
22:11:13.964 The log file has been saved successfully to "C:\Users\Danni\Desktop\aswMBR.txt"



Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down


Re: Thought I had it licked....

Post by DragonMaster Jay on Wed 31 Aug 2011, 9:24 pm

Upload Dump Files:
Please go to C:\Windows\Minidump and zip up the contents of the folder. Then upload/attach the .zip file with your next post.
Left click on the first minidump file.
Hold down the "Shift" key and left click on the last minidump file.
Right click on the blue highlighted area and select "Send to"
Select "Compressed (zipped) folder" and note where the folder is saved.
Upload that .zip file with your next post.

If you have issues with "Access Denied" errors, try copying the files to your desktop and zipping them up from there. If it still won't let you zip them up, post back for further advice.

If you don't have anything in that folder, please check in C:\Windows for a file named MEMORY.DMP. If you find it, zip it up and upload it to a free file hosting service . I recommend Windows Live SkyDrive - [You must be registered and logged in to see this link.] or another free, file-hosting service. Then post the link to it in your topic so that we can download it.

Then, follow the directions here to set your system for Minidumps (much smaller than the MEMORY.DMP file): [You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Thu 01 Sep 2011, 1:06 pm

okay, I think this should work:

[You must be registered and logged in to see this link.]

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Thu 01 Sep 2011, 1:10 pm

I think this is the same thing but I logged on this time:

[You must be registered and logged in to see this link.]

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Sat 03 Sep 2011, 10:40 pm

Please follow this tutorial on using MEMTEST

[You must be registered and logged in to see this link.]

Let me know how it works.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Tue 06 Sep 2011, 12:44 pm

Thanks. I was able to run the memtest86 and let it run 9 passes. It showed no errors and I stopped it. The computer still "blue screened" when it restarted.

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Wed 07 Sep 2011, 10:19 pm

Do you remember the bugcheck code?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Wed 07 Sep 2011, 10:55 pm

the only thing I wrote down was "slot 0: 512 MB DDR2-333-Qimonda 64T64020HDL35B" It then repeated it for "slot 1". Not sure if that's what you're referring to.

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Thu 08 Sep 2011, 10:35 pm

The code on the blue screen...


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Fri 09 Sep 2011, 10:55 pm

Happens quick before it closes. This is what I was able to pick up: DriverIRQL not less than equal. There was also the code DX000000D1 followed by some others in parentheticals that I wasn't able to catch.

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Sat 10 Sep 2011, 11:19 pm

Please run hard drive tests....

[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Sun 18 Sep 2011, 10:21 am

I've been trying but I just don't think I'm technologically sophisticated enough to complete this....

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Mon 19 Sep 2011, 6:17 am

To Run the SFC /SCANNOW Command in Windows 7
1. Open an elevated command prompt.

2. To Scan and Repair System Files
NOTE: Scans the integrity of all protected system files and repairs the system files if needed.
A) In the elevated command prompt, type sfc /scannow and press Enter. (see screenshot below)
NOTE: This may take some time to finish.



B) Go to step 4.

3. To Only Verify if the System Files are Corrupted
NOTE: Scans and only verifies the integrity of all proteced system files only.
A) In the elevated command prompt, type sfc /verifyonly and press Enter.

4. When the scan is complete, hopefully you will see all is ok like the screenshot below.
NOTE: If not, then you can attempt to run a System Restore using a restore point dated before the bad file occured to fix it. You may need to repeat doing a System Restore until you find a older restore point that may work.



5. When done, close the elevated command prompt.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Tue 20 Sep 2011, 10:20 am

Thanks. It found no integrity issues.

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Wed 21 Sep 2011, 3:08 am

Download, install, and run Whats Running.
Click on Take snapshot in the left pane.
New pop-up window will open.
Click on Save snapshot, and save the file as snap (.xml extension will be added automatically) to know location.

Zip the file, and attach it to your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Wed 21 Sep 2011, 11:21 am

Hi, I hope this is correct:

[You must be registered and logged in to see this link.]

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Sat 24 Sep 2011, 12:40 am

Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

Note: please close all other applications running on your system.

Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

Click the Settings button.



Set the slider to Maximum.



IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.




On the General tab, make sure all of the boxes are checked.




On the Misc tab, make sure all the checkboxes are checked.

Then, click OK on the windows that you launched.



Click Create Report to run it.


It will begin scanning.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

It should automatically upload it to [You must be registered and logged in to see this link.] If it does not, then please submit it manually by going to the site and doing the upload process.

It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the url of the GSI Parser report in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Sun 25 Sep 2011, 12:45 am

Great. Here is the link:

[You must be registered and logged in to see this link.]

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Tue 27 Sep 2011, 1:07 am

Jotti File Submission:
  • Please go to Jotti's malware scan

  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:

    • C:\Windows\System32\mkghj.dll


  • Click on the submit button

  • Please post the results (URL) in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Tue 27 Sep 2011, 10:55 am

Don't see a URL - it says 0 of 20 found malware.

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Thu 29 Sep 2011, 12:49 am

Okay good...tell me all of the problems currently...


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Heroes on Fri 30 Sep 2011, 10:54 pm

It worked normally this morning but I'm affraid to reboot. I'm a bit sceptical and will check back in in a day or two - I've been fooled into this false sense of satisfaction before... :-). Is there a free virus program that you suggest?

Heroes

Rookie Surfer
Rookie Surfer

Posts : 99
Joined : 2009-10-04
Operating System : XP

View user profile

Back to top Go down

Re: Thought I had it licked....

Post by DragonMaster Jay on Sat 01 Oct 2011, 11:02 am

Antivirus?

Right now, Avast is my friendly free AV: [You must be registered and logged in to see this link.]

If you get commonly infected, it is recommended to get a premium antivirus program...

For the antivirus program I most recommend is Kaspersky Antivirus. It yields the highest results in antivirus testing groups, and is one of the most trusted. Its antivirus product is well worth its cost. If you would like to know more, please click on the Kaspersky logo in my signature and it will take you to the appropriate product choice page so you can understand all of the different products.

While I would rather see you interested in Kaspersky Internet Security, the antivirus program will suffice enough. Both programs are well maintained and well above average for any security program. We're truly lucky Kaspersky exists as one of the best, because it beats most other products by miles.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Thought I had it licked....

Post by Sponsored content Today at 6:10 am


Sponsored content


Back to top Go down

Page 4 of 4 Previous  1, 2, 3, 4

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum