Blue screen (Bios)



#1
mrRogers

Last night I was talking with some friends on the book of faces when I got a random bluescreen error. It went away quickly but it said that there was a BIOS error. I have been having friends tell me that I keep on logging out when talking with them. I believe there is something up with my PC. I have run Malwarebytes and all I got was a registry error on regedit:
HKEY_CLASSES_ROOT\regfile\shell\open\command\

It seems like there is more going on than this but I am not sure what the issue is.

Here is my OTL log.

OTL logfile created on: 1/22/2011 2:19:52 PM - Run 1
OTL by OldTimer - Version 3.2.20.4 Folder = C:\Users\ryan\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 43.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 30.93 Gb Free Space | 20.75% Space Free | Partition Type: NTFS

Computer Name: RYAN-PC | User Name: ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/22 14:04:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.exe
PRC - [2011/01/22 02:13:50 | 000,110,352 | ---- | M] (www.motioninjoy.com) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/10/02 16:48:26 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2009/10/02 16:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
PRC - [2009/04/11 00:27:45 | 001,792,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/05/09 16:01:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe


========== Modules (SafeList) ==========

MOD - [2011/01/22 14:04:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/10/02 16:48:44 | 000,226,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\ThinkPad\Bluetooth Software\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/02 16:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/20 20:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/01/22 11:17:55 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7D8EFD74-B40B-4FBA-B6B9-E1A3B696B921}\MpKsl4c797c70.sys -- (MpKsl4c797c70)
DRV - [2010/06/30 20:49:30 | 000,051,712 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/12/02 12:11:04 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009/12/02 12:11:02 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009/12/02 12:11:02 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009/12/02 12:11:02 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009/11/24 15:29:16 | 000,061,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008/11/05 22:20:24 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 14:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 14:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/06/03 05:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/01/20 20:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 20:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 20:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 20:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 20:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 20:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 20:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 20:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 20:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 20:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 20:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 20:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 20:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 20:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 20:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 20:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 20:32:48 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2008/01/20 20:32:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008/01/20 20:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 20:32:48 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/20 20:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 20:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 20:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 20:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 20:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 20:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 20:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 20:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/03/05 09:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/11/02 01:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 15 94 4D 96 D9 B9 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ryan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ryan\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3706d03b-928f-11df-946a-00197edd2ce5}\Shell - "" = AutoRun
O33 - MountPoints2\{3706d03b-928f-11df-946a-00197edd2ce5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/22 14:04:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.exe
[2011/01/22 03:02:08 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/01/22 01:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011/01/22 01:52:47 | 000,051,712 | ---- | C] (MotioninJoy) -- C:\Windows\System32\drivers\MijXfilt.sys
[2011/01/22 01:52:47 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\MotioninJoy
[2011/01/22 01:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2011/01/22 00:48:51 | 000,000,000 | ---D | C] -- C:\Users\ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices

========== Files - Modified Within 30 Days ==========

[2011/01/22 14:04:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ryan\Desktop\OTL.exe
[2011/01/22 13:17:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/22 13:17:41 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/22 11:22:30 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/22 11:22:30 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/22 11:17:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/22 11:17:35 | 2009,247,744 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/22 11:16:43 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/22 03:01:35 | 215,629,249 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/01/22 01:54:59 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011/01/22 01:54:59 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2011/01/22 01:54:48 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/01/22 01:52:48 | 000,000,935 | ---- | M] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2011/01/22 01:52:48 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/01/22 00:48:51 | 000,001,111 | ---- | M] () -- C:\Users\ryan\Desktop\LG HBS-200.lnk
[2011/01/19 17:11:52 | 000,000,680 | ---- | M] () -- C:\Users\ryan\AppData\Local\d3d9caps.dat
[2011/01/10 17:58:38 | 000,017,450 | ---- | M] () -- C:\Users\ryan\Desktop\old man yells at cloud.jpg

========== Files Created - No Company Name ==========

[2011/01/22 03:01:35 | 215,629,249 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/01/22 01:54:59 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011/01/22 01:54:59 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_MijXfilt_01009.Wdf
[2011/01/22 01:54:48 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/01/22 01:54:06 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011/01/22 01:52:48 | 000,000,935 | ---- | C] () -- C:\Users\ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk
[2011/01/22 01:52:48 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/01/19 23:17:42 | 000,001,111 | ---- | C] () -- C:\Users\ryan\Desktop\LG HBS-200.lnk
[2011/01/10 15:03:59 | 000,017,450 | ---- | C] () -- C:\Users\ryan\Desktop\old man yells at cloud.jpg
[2010/08/12 17:10:29 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2010/06/18 18:20:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/06/15 00:03:47 | 000,011,776 | ---- | C] () -- C:\Users\ryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/09 08:08:41 | 000,000,680 | ---- | C] () -- C:\Users\ryan\AppData\Local\d3d9caps.dat
[2009/12/20 19:42:18 | 000,000,314 | ---- | C] () -- C:\Windows\primopdf.ini
[2008/06/03 02:35:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/06/20 16:26:00 | 000,000,000 | ---D | M] -- C:\Users\ryan\AppData\Roaming\Ableton
[2010/08/26 23:37:47 | 000,000,000 | ---D | M] -- C:\Users\ryan\AppData\Roaming\InfraRecorder
[2011/01/22 01:52:47 | 000,000,000 | ---D | M] -- C:\Users\ryan\AppData\Roaming\MotioninJoy
[2010/08/12 17:16:24 | 000,000,000 | ---D | M] -- C:\Users\ryan\AppData\Roaming\PrimoPDF
[2010/08/28 02:16:19 | 000,000,000 | ---D | M] -- C:\Users\ryan\AppData\Roaming\TightVNC
[2011/01/22 11:16:48 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
emeraldnzl

Hello mrRogers,

Welcome to Geekstogo.

In this post we will use a couple of diagnostic tools to see what they turn up.

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

After that

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

So when you return please post
  • checkup.txt
  • MBRCheck.txt


#3
mrRogers

Don't see anything in these reports. But I'm not the expert.

Results of Securitycheck.exe
Results of screen317's Security Check version 0.99.8
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java DB 10.5.3.0
Java™ 6 Update 22
Java™ SE Development Kit 6 Update 20
Out of date Java installed!
Adobe Flash Player
Adobe Reader 9.4.1
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

Results of MBRCheck

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Basic Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 1521
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 149):
0x968E3000 \SystemRoot\system32\drivers\peauth.sys
0x969C1000 \SystemRoot\System32\Drivers\secdrv.SYS
0x969CB000 \SystemRoot\System32\drivers\tcpipreg.sys
0x969D7000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x969ED000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x968CB000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0x968D7000 \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8D14E3F0-2DC9-4D7E-875F-2FFCE9A200DC}\MpKsl13a8183c.sys
0x76EF0000 \Windows\System32\ntdll.dll

Processes (total 50):
0 System Idle Process
4 System
416 C:\Windows\System32\smss.exe
548 csrss.exe
608 C:\Windows\System32\wininit.exe
624 csrss.exe
656 C:\Windows\System32\services.exe
672 C:\Windows\System32\lsass.exe
680 C:\Windows\System32\lsm.exe
720 C:\Windows\System32\winlogon.exe
852 C:\Windows\System32\svchost.exe
916 C:\Windows\System32\svchost.exe
980 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
1096 C:\Windows\System32\Ati2evxx.exe
1128 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\svchost.exe
1220 C:\Windows\System32\svchost.exe
1276 C:\Windows\System32\audiodg.exe
1300 C:\Windows\System32\svchost.exe
1324 C:\Windows\System32\SLsvc.exe
1364 C:\Windows\System32\svchost.exe
1488 C:\Windows\System32\Ati2evxx.exe
1604 C:\Windows\System32\svchost.exe
1824 C:\Windows\System32\spoolsv.exe
1864 C:\Windows\System32\svchost.exe
248 C:\Windows\System32\svchost.exe
344 C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
520 C:\Windows\System32\svchost.exe
1596 C:\Windows\System32\svchost.exe
204 C:\Windows\System32\svchost.exe
1968 C:\Windows\System32\SearchIndexer.exe
2128 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
2524 C:\Windows\System32\taskeng.exe
2572 C:\Windows\System32\dwm.exe
2644 C:\Windows\explorer.exe
2852 C:\Windows\System32\taskeng.exe
2920 C:\Windows\OEM02Mon.exe
2960 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3036 C:\Program Files\Microsoft Security Client\msseces.exe
3072 C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
3084 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
3392 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
3864 C:\Program Files\Internet Explorer\iexplore.exe
3948 C:\Program Files\Internet Explorer\iexplore.exe
1060 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
3220 C:\Program Files\Internet Explorer\iexplore.exe
3516 C:\Windows\System32\notepad.exe
816 C:\Windows\System32\SearchProtocolHost.exe
2204 C:\Windows\System32\SearchFilterHost.exe
4032 C:\Users\ryan\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD1600BEVT-11ZCT0, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

#4
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
No, nothing of great import there.

Let's try the Malwarebytes one again, maybe it will show what it found:

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

#5
mrRogers


    New Member

  • Topic Starter
  • Member
  • 3 posts
Sorry I ran this a couple of days ago. Been kinda busy here.
Everything looks fine. I guess I should double check my drivers, and definitely replace my dead battery. Or just buy a new laptop :D

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5643

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/30/2011 9:14:32 PM
mbam-log-2011-01-30 (21-14-32).txt

Scan type: Quick scan
Objects scanned: 134036
Time elapsed: 5 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Thanks for your help.

#6
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello mrRogers,

Download BlueScreenView
No installation required.
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit > Select All.
Go File > Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Next

Kaspersky online scanner is very thorough. It can take a long time and for periods may seem not to be working. Just be patient and let it do its job.

Kaspersky works with Internet Explorer and Firefox 3. It uses Java Runtime Environment (JRE).

Go to Kaspersky website and perform an online antivirus scan.

Note: you will need to turn off your security programs to allow Kaspersky to do its job.
Note 2: If, during the running of Kaspersky, it stops because of a script running, just agree to continue.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Copy and paste that information in your next post.

When you return please post
  • BSOD.txt
  • Kaspersky scan results
