Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Crashing Randomly, Blue Screen of Death. [RESOLVED]

Started by myles7897 , Apr 26 2008 02:17 AM

  • This topic is locked This topic is locked

#1
myles7897
Posted 26 April 2008 - 02:17 AM

myles7897

    Member

  • Member
  • PipPip
  • 10 posts
I have a computer that crashes randomly and sometimes shows a blue screen of death.

At first the error report sent to Microsoft said something about temp files, so I earsed all of them using ATF Cleaner. Then I was finally able to do a Malwarebytes Anti-malware scan and remove some problem files.

Here is the log:

Malwarebytes' Anti-Malware 1.11
Database version: 679

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 100444
Time elapsed: 46 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\iehlprobj.iehlprobj.1 (Worm.OnlineG) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ce7c3cf0-4b15-11d1-abed-709549c10000} (Worm.OnlineG) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce7c3cf0-4b15-11d1-abed-709549c10000} (Worm.OnlineG) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\IEHlprObj.IEHlprObj (Worm.OnlineG) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\lotus\organize\iehelper.dll (Worm.OnlineG) -> Quarantined and deleted successfully.


Then I ran it again and it turned up clean. A day later is crashed again.

Here is the Blue Screen Information:

DRIVER_irql_NOT_LESS_OR_EQUAL
w22n51.sys - Address F805EA98 base at F7FEB000, DateStampe 3ff54d71
STOP:0x000000D1 (0x82400000, 0x00000002, 0x00000000, 0xF805EA98


Then I ran ComboFix, here is the log.

ComboFix 08-04-22.5 - LarryC 2008-04-26 0:50:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.133 [GMT -7:00]
Running from: C:\Documents and Settings\LarryC\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\LarryC\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-03-26 to 2008-04-26 )))))))))))))))))))))))))))))))
.

2008-04-24 15:07 . 2008-04-24 15:07 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-24 15:07 . 2008-04-24 15:07 <DIR> d-------- C:\Documents and Settings\LarryC\Application Data\Malwarebytes
2008-04-24 15:07 . 2008-04-24 15:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-21 20:00 . 2008-04-21 20:00 <DIR> d-------- C:\Program Files\Citrix
2008-04-21 20:00 . 2008-04-21 20:13 <DIR> d-------- C:\Documents and Settings\LarryC\Application Data\ICAClient
2008-04-21 20:00 . 2008-04-21 20:00 48 --a------ C:\WINDOWS\webica.ini
2008-04-07 22:49 . 2008-03-01 06:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-07 22:49 . 2007-06-30 20:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-07 22:49 . 2007-06-30 20:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-07 22:49 . 2008-03-01 06:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-07 22:49 . 2008-03-01 06:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-07 22:49 . 2008-03-01 06:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-07 22:49 . 2008-03-01 06:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-07 22:49 . 2008-03-01 06:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-07 22:49 . 2008-02-22 03:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-07 22:29 . 2008-04-07 22:32 <DIR> d-------- C:\Program Files\Bonjour
2008-04-07 15:10 . 2008-04-07 15:10 50,072 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-04-07 14:53 . 2008-04-07 14:53 <DIR> d-------- C:\Program Files\Safari
2008-04-07 14:50 . 2008-04-07 14:50 <DIR> d-------- C:\Program Files\iPod
2008-04-07 09:49 . 2008-04-26 00:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-07 09:49 . 2008-04-07 09:49 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-03 08:41 . 2008-04-08 20:38 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-04-03 08:41 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-03-30 01:55 . 2004-08-04 01:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-03-30 01:55 . 2004-08-03 23:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-30 01:55 . 2004-08-03 23:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-30 01:55 . 2001-08-17 23:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 07:44 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-04-25 02:54 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-04-24 21:57 --------- d-----w C:\Documents and Settings\LarryC\Application Data\AdobeUM
2008-04-07 21:57 --------- d-----w C:\Documents and Settings\LarryC\Application Data\Apple Computer
2008-04-07 21:51 --------- d-----w C:\Program Files\iTunes
2008-04-07 21:48 --------- d-----w C:\Program Files\QuickTime
2008-04-03 15:39 --------- d-----w C:\Program Files\Openfire
2008-03-25 01:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-20 04:33 --------- d-----w C:\Documents and Settings\LarryC\Application Data\CyberLink
2008-03-19 21:26 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 3
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-18 22:59 --------- d-----w C:\Program Files\AOL 9.1
2008-03-17 18:42 --------- d-----w C:\Program Files\Global Devtech
2008-03-17 18:26 --------- d-----w C:\Documents and Settings\LarryC\Application Data\AOL
2008-03-17 18:25 --------- d-----w C:\Program Files\Common Files\aolshare
2008-03-17 18:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-17 18:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-03-17 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-03-12 22:07 --------- d-----w C:\Documents and Settings\LarryC\Application Data\Talkback
2008-03-11 23:45 --------- d-----w C:\Program Files\Spark
2008-03-09 20:10 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-03-09 01:01 --------- d-----w C:\Documents and Settings\LarryC\Application Data\gtk-2.0
2008-03-08 22:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-08 22:58 --------- d-----w C:\Program Files\Apple Software Update
2008-03-08 22:57 --------- d-----w C:\Program Files\Common Files\Apple
2008-03-08 22:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-03-08 03:45 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-08 01:10 --------- d-----w C:\Program Files\GIMP-2.0
2008-03-08 00:49 --------- d-----w C:\Documents and Settings\LarryC\Application Data\Thunderbird
2008-03-06 10:12 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-03-06 10:12 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-03-06 04:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-01 03:40 --------- d-----w C:\Program Files\Pure Networks
2008-03-01 03:39 --------- d-----w C:\Program Files\Common Files\Pure Networks Shared
2008-03-01 03:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-01 11:21 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2008-01-29 19:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 09:24 1694208]
"AOL Fast Start"="C:\Program Files\AOL 9.1\AOL.exe" [2008-03-06 03:12 50528]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 15:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 16:44 66680]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2004-03-12 15:18 124128]
"nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-01-08 18:20 451896]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [2008-01-18 11:32 451896]
"HostManager"="C:\Program Files\Common Files\AOL\1205778214\ee\AOLSoftware.exe" [2007-05-25 10:16 42032]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]

C:\Documents and Settings\LarryC\Start Menu\Programs\Startup\
Network Chat AutoStart.lnk - C:\Program Files\Global Devtech\Network Chat\Network Chat.exe [2004-12-20 20:01:40 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
c:\WINDOWS\System32\LgNotify.dll 2003-12-16 16:49 110592 c:\WINDOWS\system32\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\AOL 9.1\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\1205778214\\ee\\aolsoftware.exe"=
"C:\\Program Files\\Global Devtech\\Network Chat\\Network Chat.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service

R0 BsStor;B.H.A Storage Helper Driver;C:\WINDOWS\system32\drivers\BsStor.sys [2004-02-04 02:08]
R1 GhPciScan;GhostPciScanner;C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys [2002-08-14 15:11]
S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2003-02-12 10:03]
S3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2003-05-14 18:38]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-04-05 04:52:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 00:51:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-26 0:53:19
ComboFix-quarantined-files.txt 2008-04-26 07:53:00

Pre-Run: 15,444,815,872 bytes free
Post-Run: 15,420,739,584 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /forceresetreg /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

154 --- E O F --- 2008-04-09 03:38:52


And then here is the HijackThis! Log after all that.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:06 AM, on 4/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Common Files\AOL\1205778214\ee\AOLSoftware.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Documents and Settings\LarryC\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1205778214\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Network Chat AutoStart.lnk = C:\Program Files\Global Devtech\Network Chat\Network Chat.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} - c:\lotus\organize\bandobjs.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0386A406-9E9A-41D9-AFE5-2147A82ACCEA}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{0386A406-9E9A-41D9-AFE5-2147A82ACCEA}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{0386A406-9E9A-41D9-AFE5-2147A82ACCEA}: NameServer = 4.2.2.2,4.2.2.3
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O24 - Desktop Component 0: (no name) - http://www.lacoe.edu...per_indent2.jpg

--
End of file - 10500 bytes



Thank you for your help.
  • 0

Advertisements

#2
greyknight17
Posted 26 April 2008 - 06:58 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
It looks like it's a driver issue with your wireless card. I assume it's a Dell Intel 2200BG....

You should try reinstalling the drivers for the card to see if it helps. Otherwise, post in the Networking board for more assistance.
  • 0

#3
myles7897
Posted 27 April 2008 - 12:59 AM

myles7897

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
ok, will do.

Thank You.
  • 0

#4
greyknight17
Posted 27 April 2008 - 08:06 AM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP