[Essexboy]

Yep they were the right ones. There was the possible detection of a rootkit which I will now investigate further, but the element may have been removed

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

• Doubleclick the drweb-cureit.exe file and Allow to run the express scan
• This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
• Once the short scan has finished, mark the drives that you want to scan.
• Select all drives. A red dot shows which drives have been chosen.
• Click the green arrow at the right, and the scan will start.
• Click 'Yes to all' if it asks if you want to cure/move the file.
• When the scan has finished, in the menu, click file and choose save report list
• Save the report to your desktop. The report will be called DrWeb.csv
• Close Dr.Web Cureit.

[Advertisements]

Dr Web found several viruses when I ran the full scan -- none initially. Of course, I cannot upload the file. Odd stuff it found (in my opinion).

[hsoup]

Dr Web found several viruses when I ran the full scan -- none initially. Of course, I cannot upload the file. Odd stuff it found (in my opinion).

[Essexboy]

Why can't you upload the report ?

[hsoup]

It would not allow me to uplaod. Bottom left corner said: " Upload failed. You are not permitted to upload this type of file." Just tried again and it would not allow me to upload.

[hsoup]

It is an excel spread sheet, but it has a .csv extension.

[Essexboy]

Could you upload it here and then post the link http://www.mediafire.com/

[hsoup]

Upload complete. Look for "DrWeb26Jun08.csv". I also renamed it as an .xls file and tried to upload here, but alack and alas...

[Essexboy]

Do you have the link so I can download it ?
The link will appear at the bottom where it says sharing URL just copy and paste that

[hsoup]

Oh, man...my bad. http://www.mediafire.com/?xiodnldizji Hope this will do it.

[Essexboy]

Ok that just hit the tools we used plus some items in system restore

Could you re-run MBAM and note which file is being scanned prior to shutdown.

As for the shutdown is it a blue screen or automatic re-boot ?

[hsoup]

My eye - brain coordination is not very good. That scan is going about the speed of light and it jumps back and forth between C:\\WINDOWS/System32... and C:\\programs...setup... I ran it three times trying to determine where it stopped, but to no avail. The third time, the last thing I saw was "56F..." looked like a registry thingy. Is there a way to kindly slow the scan down to about 7-10 mph? No longer than it runs before it shuts down, I can probably keep pace with it for that short a time before raising the white flag. Any other suggestions?

BTW, it is not a blue screen when it quits -- it's just like hitting the reset button or when the electricity flickers and you don't have battery backup. Your heart just sinks. In this case it isn't because I've lost data, but because now we have to go thru the whole reboot thing again and wait for the bloomin' thing to...well, I'm off chasing a rabbit, and that doesn't help anything, does it? Oh, well. Any suggestions or some more fancy weapons to pull out of that armory of yours?

Standing by.

[Essexboy]

Curiouser and curiouser. Lets see if we can get a blue screen as it sounds like a driver problem

Right click my computer and select properties
Select the Advanced tab
Select Startup and Recovery Settings
Remove the tick from System Failure, Automatically restart


Re-run Malwarebytes again and this time you should get a blue screen
Please write down everything it says and post back

[hsoup]

Blue screen capture:
Bad_pool_caller
Stop 0x000000CZ (0x00000040, 0x00000000, 0x0000000, 0x00000000

MS Windows error report:
BCCode : c2 BCP1 : 00000040 BCP2 : 00000000 BCP3 : 80000000
BCP4 : 00000000 OSVer : 5_1_2600 SP : 3_0 Product : 768_1

[hsoup]

More info from the error report to Microsoft:
Problem caused by Device Driver

You received this message because a device driver installed on your computer caused Windows to stop unexpectedly. This type of error is referred to as a "stop error." A stop error requires you to restart your computer.

More information

--------------------------------------------------------------------------------



Problem report summary

Problem type
Windows stop error (a message appears on a blue screen with error code information)

Solution available?
No

What does this problem mean?
Windows has encountered a problem it cannot recover from and it needs to be restarted

Cause
Unknown

Computer symptoms
A message appears on a blue screen with error code information (for example: 0x0000001E, KMODE_EXCEPTION_NOT_HANDLED)

Additional steps for you to take
Please continue to send problem reports so analysts at Microsoft can study and try to correct the problem as quickly as possible

[hsoup]

One more bit of info from MS:

Technical Information
How to Troubleshoot Hardware and Software Driver Problems in Windows XP (Q322205)
Information about hardware device drivers for Windows XP