Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Alarm sounding-Blue screen-various issues! [Closed]


  • This topic is locked This topic is locked

#16
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Yes, i think i mentioned even on start-up of the computer. It has been an issue for awhile and has progressively gotten worse. The blue screen error started after the printer stopped working.
  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I am wondering if we actually have a hardware problem here

What is the make and model of your computer ?
  • 0

#18
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
It was built for me/ Here is the computer info from CPU ID:
----------------------------------------------------------------
CrystalCPUID 4.15.5.452 © 2002-2009 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------

OS : Windows XP Professional SP3 [ 5.1 Build 2600 ]
Date : 2013/03/18 12:14:41

CPU Name : Intel Pentium 4 HT (Prescott)
Vendor String : GenuineIntel
Name String : Intel® Pentium® 4 CPU 3.00GHz
Architecture : x86
Process Rule : 90 nm
Platform : LGA775 [4]
CPU Type : Original OEM processor [0]
Number (Total) : 2
Physical Core : 1
Hyper-Threading : 2
Family : Fh
Model : 4h
Stepping : 1h
APIC : 00h
Microcode ID : 17h
Feature : MMX SSE SSE2 SSE3 HTT XD Intel 64
PowerManagement :

Current Original
Clock : 3060.57 MHz 3000.00 MHz
System Clock : 204.04 MHz 200.00 MHz
System Bus : 816.15 MHz 800.00 MHz
Multiplier : 15.00 15.00
Data Rate : QDR
Over Clock : 2.02 %

L1 T-Cache : 12 KuOps
L1 D-Cache : 16 KB
L2 Cache : 1024 KB [Full:3060.57 MHz]
Memory : 512 MB

CPUID : EAX EBX ECX EDX
----------------------------------------------
00000000 : 00000005 756E6547 6C65746E 49656E69
00000001 : 00000F41 00020800 0000641D BFEBFBFF
00000002 : 605B5001 00000000 00000000 007C7040
00000003 : 00000000 00000000 00000000 00000000
00000004 : 00004121 01C0003F 0000001F 00000000
00000005 : 00000040 00000040 00000000 00000000
80000000 : 80000008 00000000 00000000 00000000
80000001 : 00000000 00000000 00000000 20100000
80000002 : 20202020 20202020 20202020 6E492020
80000003 : 286C6574 50202952 69746E65 52286D75
80000004 : 20342029 20555043 30302E33 007A4847
80000005 : 00000000 00000000 00000000 00000000
80000006 : 00000000 00000000 04006040 00000000
80000007 : 00000000 00000000 00000000 00000000
80000008 : 00003024 00000000 00000000 00000000

MSR : EAX1 EDX1 EAX2 EDX2
: 00000000 00000000 0F12010F 00000000
QPF : 3060.570000 MHz

----------------------------------------------------------------
Chipset Information
----------------------------------------------------------------
Chipset : Intel 865G/PE/P/848P (Springdale-G/PE/P)
North Bridge : [8086:2570.02] Intel 82865G/PE/P/848P
South Bridge : [8086:24D0.02] Intel 82801EB/ER (ICH5/R)
Video Chip : [10DE:0326.A1] NVIDIA GeForce FX 5500

----------------------------------------------------------------
BIOS Information by WMI (Windows Management Interface)
----------------------------------------------------------------
BIOS Vendor : Phoenix Technologies, LTD
BIOS Caption : Phoenix - AwardBIOS v6.00PG
BIOS Version : IntelR - 42302e31
BIOS Date : 01/21/2005
SM BIOS Caption : 6.00 PG
SM BIOS Version : 2.3
Mother Vendor : http://www.abit.com.tw/
Mother Product : AS8 / AS8-V (Intel i865-ICH5)
Mother Version : 1.0
System Vendor : INTELR
System Model : AWRDACPI

----------------------------------------------------------------
System Information by DMI (Desktop Management Interface)
----------------------------------------------------------------
SM BIOS Version : 2.3
BIOS Vendor : Phoenix Technologies, LTD
BIOS Version : 6.00 PG
BIOS Date : 01/21/2005
BIOS ROM Size : 512 KB
Mother Vendor : http://www.abit.com.tw/
Mother Product : AS8 / AS8-V (Intel i865-ICH5)
Mother Version : 1.0
CPU Socket : Socket 775
CPU Vendor : Intel
CPU Version : Intel® Pentium® 4 CPU
Current Clock : 3060 MHz
External Clock : 204 MHz
Max Clock : 4000 MHz

----------------------------------------------------------------
PCI Device Information
----------------------------------------------------------------
No Bus Dev Fnc VendorDeviceRev Class DeviceType
0 0 0 0 8086h:2570h.02h 060000h Host Bridge
1 0 1 0 8086h:2571h.02h 060400h PCI to PCI Bridge
2 0 29 0 8086h:24D2h.02h 0C0300h UHCI USB Controller
3 0 29 1 8086h:24D4h.02h 0C0300h UHCI USB Controller
4 0 29 2 8086h:24D7h.02h 0C0300h UHCI USB Controller
5 0 29 3 8086h:24DEh.02h 0C0300h UHCI USB Controller
6 0 29 7 8086h:24DDh.02h 0C0320h EHCI USB Controller
7 0 30 0 8086h:244Eh.C2h 060400h PCI to PCI Bridge
8 0 31 0 8086h:24D0h.02h 060100h ISA Bridge
9 0 31 1 8086h:24DBh.02h 01018Ah Bus Master IDE controller
10 0 31 2 8086h:24D1h.02h 01018Fh Serial ATA Controller
11 0 31 3 8086h:24D3h.02h 0C0500h SMBus Contoller
12 0 31 5 8086h:24D5h.02h 040100h Audio Device
13 1 0 0 10DEh:0326h.A1h 030000h VGA Compatible Controller
14 2 1 0 104Ch:8024h.00h 0C0010h OHCI IEEE1394 Controller
15 2 2 0 10ECh:8139h.10h 020000h Ethernet Controller
16 2 5 0 1106h:3038h.61h 0C0300h UHCI USB Controller
17 2 5 1 1106h:3038h.61h 0C0300h UHCI USB Controller
18 2 5 2 1106h:3104h.63h 0C0320h EHCI USB Controller

No DeviceName
0 Intel 82865G/PE/P DRAM Controller/Host-Hub Interface
1 Intel 82865G/PE/P AGP Bridge
2 Intel 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #1
3 Intel 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #2
4 Intel 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #3
5 Intel 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #4
6 Intel 82801EB/ER (ICH5/ICH5R) USB2 EHCI Controller
7 Intel 82801 PCI Bridge
8 Intel 82801EB/ER (ICH5/ICH5R) LPC Interface Bridge
9 Intel 82801EB/ER (ICH5/ICH5R) IDE Controller
10 Intel 82801EB (ICH5) SATA Controller
11 Intel 82801EB/ER (ICH5/ICH5R) SMBus Controller
12 Intel 82801EB/ER (ICH5/ICH5R) AC'97 Audio Controller
13 NVIDIA NV34 [GeForce FX 5500]
14 Texas TSB43AB23 IEEE-1394a-2000 Controller (PHY/Link)
15 Realtek RTL-8139/8139C/8139C+
16 VIA VT82xxxxx UHCI USB 1.1 Controller
17 VIA VT82xxxxx UHCI USB 1.1 Controller
18 VIA USB 2.0
  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see what these tools reveal

Please download SINO by Artellos.
  • Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
  • Then please check the following checkboxes:

    System Info
    Services
    Boot Check
    Tasklist
    Startup Items
    Event Log
    Ipconfig
    Ping
    Netstat
    Hosts file
    Shares
    Routing Table

  • Once checked, hit the Run Scan! button and wait for the program to finish the scan.
  • A notepad window will pop up. Please copy all of the content into your next reply.
Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.

THEN

Download Speedfan and install it. Once it's installed, run the program and post here the information it shows. The information I want you to post is the stuff that is circled in the example picture I have attached.
If you are running on a vista machine, please go to where you installed the program and run the program as administrator.

Posted Image
(this is a screenshot from a vista machine)
  • 0

#20
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
System Investigator by Olrik
Log Created On: 1001_19-03-2013
SINO Version: 3.1.0.0

Total RAM: 511 MB | Free RAM: 106 MB | Pagefile Size: 1247 MB
A: | None | 3 1/2 Inch Floppy Drive
C: | 1076 MB out of 38154 MB Free | Local Fixed Disk
D: | None | CD-ROM Disc

<<<< System Information >>>>

Computer Name: DRAFT_STATION3
Username: CAD Operator
Language Setting: ENU
Windows Directory: C:\WINDOWS
Windows Version: Windows XP Service Pack 3

<<<< Tasklist >>>>

[System Idle Process] - Process ID: 0
[System] - Process ID: 4
[C:\WINDOWS\System32\smss.exe] - Process ID: 468
[csrss.exe] - Process ID: 532
[C:\WINDOWS\system32\winlogon.exe] - Process ID: 556
[C:\WINDOWS\system32\services.exe] - Process ID: 604
[C:\WINDOWS\system32\lsass.exe] - Process ID: 616
[C:\WINDOWS\system32\svchost.exe] - Process ID: 784
[svchost.exe] - Process ID: 832
[C:\WINDOWS\System32\svchost.exe] - Process ID: 900
[C:\WINDOWS\system32\svchost.exe] - Process ID: 940
[svchost.exe] - Process ID: 988
[svchost.exe] - Process ID: 1072
[C:\WINDOWS\System32\svchost.exe] - Process ID: 1420
[C:\WINDOWS\System32\svchost.exe] - Process ID: 1608
[C:\Program Files\Java\jre6\bin\jqs.exe] - Process ID: 1620
[C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe] - Process ID: 1664
[C:\WINDOWS\system32\svchost.exe] - Process ID: 1784
[C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe] - Process ID: 1848
[wmpnetwk.exe] - Process ID: 884
[alg.exe] - Process ID: 2128
[C:\WINDOWS\Explorer.EXE] - Process ID: 2808
[C:\Program Files\Microsoft IntelliType Pro\type32.exe] - Process ID: 2928
[C:\WINDOWS\SOUNDMAN.EXE] - Process ID: 2988
[C:\Program Files\Common Files\Java\Java Update\jusched.exe] - Process ID: 3220
[C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe] - Process ID: 3236
[C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] - Process ID: 3276
[C:\WINDOWS\system32\ctfmon.exe] - Process ID: 3296
[C:\Documents and Settings\CAD Operator\Application Data\Dropbox\bin\Dropbox.exe] - Process ID: 3356
[C:\Program Files\AVG Secure Search\vprot.exe] - Process ID: 920
[C:\WINDOWS\system32\spoolsv.exe] - Process ID: 1184
[C:\Documents and Settings\CAD Operator\My Documents\Downloads\setup_11.0.0.1245.x01_2013_03_15_20_36.exe] - Process ID: 2432
[C:\DOCUME~1\CADOPE~1\LOCALS~1\Temp\RarSFX0\7735192.exe] - Process ID: 1444
[C:\DOCUME~1\CADOPE~1\LOCALS~1\Temp\5797996\7735192.exe] - Process ID: 3136
[C:\Program Files\Common Files\Java\Java Update\jucheck.exe] - Process ID: 3776
[unsecapp.exe] - Process ID: 3520
[wmiprvse.exe] - Process ID: 2536
[C:\Program Files\Outlook Express\msimn.exe] - Process ID: 1520
[C:\Documents and Settings\CAD Operator\Local Settings\Application Data\Akamai\netsession_win.exe] - Process ID: 2656
[C:\Documents and Settings\CAD Operator\Local Settings\Application Data\Akamai\netsession_win.exe] - Process ID: 3748
[C:\Program Files\Mozilla Firefox\firefox.exe] - Process ID: 2372
[C:\DOCUME~1\CADOPE~1\LOCALS~1\Temp\SINO\SINO.exe] - Process ID: 3512
[wmiprvse.exe] - Process ID: 1576

<<<< Startup Items >>>>

[Dropbox.lnk] - <Startup> - C:\Documents and Settings\CAD Operator\Application Data\Dropbox\bin\Dropbox.exe
[_uninst_65166497.lnk] - <Startup> - C:\Documents and Settings\CAD Operator\Local Settings\temp\_uninst_65166497.bat
[type32] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
[NvCplDaemon] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[nwiz] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - nwiz.exe /install
[NvMediaCenter] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[SoundMan] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - SOUNDMAN.EXE
[QuickTime Task] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[Ad-Watch] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
[Adobe Reader Speed Launcher] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[Adobe ARM] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[SunJavaUpdateSched] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[HTC Sync Loader] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
[vProt] - <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\AVG Secure Search\vprot.exe"
[swg] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[ctfmon.exe] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - C:\WINDOWS\system32\ctfmon.exe
[Akamai NetSession Interface] - <HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run> - "C:\Documents and Settings\CAD Operator\Local Settings\Application Data\Akamai\netsession_win.exe"

<<<< MS Services >>>>

Application Layer Gateway Service (ALG) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\alg.exe
Windows Audio (AudioSrv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Background Intelligent Transfer Service (BITS) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Computer Browser (Browser) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
CryptSvc (CryptSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
DCOM Server Process Launcher (DcomLaunch) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k DcomLaunch
DHCP Client (Dhcp) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Logical Disk Manager (dmserver) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
DNS Client (Dnscache) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k NetworkService
Error Reporting Service (ERSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Event Log (Eventlog) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
COM+ Event System (EventSystem) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Fast User Switching Compatibility (FastUserSwitchingCompatibility) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Help and Support (helpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
HTTP SSL (HTTPFilter) - Running [Manual | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
Server (lanmanserver) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Workstation (lanmanworkstation) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
TCP/IP NetBIOS Helper (LmHosts) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Network Connections (Netman) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network Location Awareness (NLA) (Nla) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Plug and Play (PlugPlay) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
IPSEC Services (PolicyAgent) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Protected Storage (ProtectedStorage) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Remote Access Connection Manager (RasMan) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Registry (RemoteRegistry) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Remote Procedure Call (RPC) (RpcSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k rpcss
Security Accounts Manager (SamSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Task Scheduler (Schedule) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Secondary Logon (seclogon) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
System Event Notification (SENS) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Shell Hardware Detection (ShellHWDetection) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Print Spooler (Spooler) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\spoolsv.exe
System Restore Service (srservice) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
SSDP Discovery Service (SSDPSRV) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Windows Image Acquisition (WIA) (stisvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k imgsvc
Telephony (TapiSrv) - Running [Manual | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Terminal Services (TermService) - Running [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k DComLaunch
Themes (Themes) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Distributed Link Tracking Client (TrkWks) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Universal Plug and Play Device Host (upnphost) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Windows Management Instrumentation (winmgmt) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Media Player Network Sharing Service (WMPNetworkSvc) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Windows Media Player\WMPNetwk.exe"
Security Center (wscsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Automatic Updates (wuauserv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
Wireless Zero Configuration (WZCSVC) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Alerter (Alerter) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Application Management (AppMgmt) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
ASP.NET State Service (aspnet_state) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
Indexing Service (CiSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\cisvc.exe
ClipBook (ClipSrv) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\clipsrv.exe
.NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
COM+ System Application (COMSysApp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Logical Disk Manager Administrative Service (dmadmin) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\dmadmin.exe /com
Wired AutoConfig (Dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k dot3svc
Extensible Authentication Protocol Service (EapHost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k eapsvcs
Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Health Key and Certificate Management Service (hkmsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows CardSpace (idsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
IMAPI CD-Burning COM Service (ImapiService) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\imapi.exe
Messenger (Messenger) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
NetMeeting Remote Desktop Sharing (mnmsrvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\mnmsrvc.exe
Distributed Transaction Coordinator (MSDTC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\msdtc.exe
Windows Installer (MSIServer) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\msiexec.exe /V
Network Access Protection Agent (napagent) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network DDE (NetDDE) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Network DDE DSDM (NetDDEdsdm) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Net Logon (Netlogon) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Net.Tcp Port Sharing Service (NetTcpPortSharing) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
NT LM Security Support Provider (NtLmSsp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Removable Storage (NtmsSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Access Auto Connection Manager (RasAuto) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Desktop Help Session Manager (RDSessMgr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\sessmgr.exe
Routing and Remote Access (RemoteAccess) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Procedure Call (RPC) Locator (RpcLocator) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\locator.exe
QoS RSVP (RSVP) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\rsvp.exe
Smart Card (SCardSvr) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\SCardSvr.exe
MS Software Shadow Copy Provider (SwPrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\dllhost.exe /Processid:{861AEBB7-1C9A-4391-BAFF-83D353DE5DD3}
Performance Logs and Alerts (SysmonLog) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\smlogsvc.exe
Telnet (TlntSvr) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\tlntsvr.exe
Uninterruptible Power Supply (UPS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\ups.exe
Volume Shadow Copy (VSS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\vssvc.exe
Windows Time (W32Time) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WebClient (WebClient) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Portable Media Serial Number Service (WmdmPmSN) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Management Instrumentation Driver Extensions (Wmi) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WMI Performance Adapter (WmiApSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\wbem\wmiapsrv.exe
Network Provisioning Service (xmlprov) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs

<<<< Non-MS Services >>>>

Akamai NetSession Interface (Akamai) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k Akamai
Java Quick Starter (JavaQuickStarterService) - Running [Auto | Stoppable | Pausable] - "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Internet Pass-Through Service (PassThru Service) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
vToolbarUpdater14.2.0 (vToolbarUpdater14.2.0) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Google Update Service (gupdate) (gupdate) - Stopped [Auto | Not_Stoppable | Not_Pausable] - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
Google Update Service (gupdatem) (gupdatem) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
Google Software Updater (gusvc) - Stopped [Auto | Not_Stoppable | Not_Pausable] - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) - Stopped [Auto | Not_Stoppable | Not_Pausable] - "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"
Mozilla Maintenance Service (MozillaMaintenance) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
NVIDIA Display Driver Service (NVSvc) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\nvsvc32.exe
Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

<<<< Boot.ini >>>>

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

<<<< Last 5 Application Errors or Warnings >>>>

Computer Name: DRAFT_STATION3 | ID: 0 | Source: Lavasoft Ad-Aware Service | Type: Error | Date: 16-3-13 13:48:54 | Log: Application
Message: <The description for Event ID ( 0 ) in Source ( u'Lavasoft Ad-Aware Service' ) could not be found. It contains the following insertion string(s):u'Only one instance of service process is allowed.'.>
Computer Name: DRAFT_STATION3 | ID: 4099 | Source: VSS | Type: Error | Date: 14-3-13 13:20:54 | Log: Application
Message: Volume Shadow Copy Service error: Cannot install the component C:\Documents and Settings\CAD Operator\My Documents\Downloads\SWPRV.DLL into the COM+ application 'MS Software Shadow Copy Provider' [0x80110401].


Computer Name: DRAFT_STATION3 | ID: 5603 | Source: WinMgmt | Type: Warning | Date: 14-3-13 13:5:59 | Log: Application
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.


Computer Name: DRAFT_STATION3 | ID: 5603 | Source: WinMgmt | Type: Warning | Date: 14-3-13 13:5:59 | Log: Application
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.


Computer Name: DRAFT_STATION3 | ID: 63 | Source: WinMgmt | Type: Warning | Date: 14-3-13 13:5:58 | Log: Application
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.


<<<< Last 5 System Errors or Warnings >>>>

Computer Name: DRAFT_STATION3 | ID: 9 | Source: atapi | Type: Error | Date: 19-3-13 4:31:10 | Log: System
Message: The device, \Device\Ide\IdePort1, did not respond within the timeout period.


Computer Name: DRAFT_STATION3 | ID: 9 | Source: atapi | Type: Error | Date: 19-3-13 0:17:37 | Log: System
Message: The device, \Device\Ide\IdePort1, did not respond within the timeout period.


Computer Name: DRAFT_STATION3 | ID: 9 | Source: atapi | Type: Error | Date: 18-3-13 11:31:21 | Log: System
Message: The device, \Device\Ide\IdePort1, did not respond within the timeout period.


Computer Name: DRAFT_STATION3 | ID: 9 | Source: atapi | Type: Error | Date: 18-3-13 4:3:46 | Log: System
Message: The device, \Device\Ide\IdePort1, did not respond within the timeout period.


Computer Name: DRAFT_STATION3 | ID: 9 | Source: atapi | Type: Error | Date: 17-3-13 21:58:20 | Log: System
Message: The device, \Device\Ide\IdePort1, did not respond within the timeout period.


<<<< Special Events >>>>

There were no special events found

<<<< Ipconfig >>>>

Windows IP Configuration

Host Name . . . . . . . . . . . . : draft_station3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-50-8D-D5-16-72
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.15.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
Lease Obtained. . . . . . . . . . : Monday, March 18, 2013 1:26:23 AM
Lease Expires . . . . . . . . . . : Monday, March 25, 2013 1:26:23 AM


<<<< Pinging >>>>

OpenDNS Domain Test
Pinging to www.opendns.com [67.215.92.210]:
Response - 94ms
Response - 78ms
Response - 77ms
Response - 78ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 77ms - Maximum = 94ms

OpenDNS IP Test
Pinging to 208.69.38.150 [208.69.38.150]:
Response - 78ms
Response - 78ms
Response - 77ms
Response - 78ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 77ms - Maximum = 78ms

Kaspersky Domain Test
Pinging to www.kaspersky.com [195.27.252.18]:
Response - 140ms
Response - 141ms
Response - 141ms
Response - 139ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 139ms - Maximum = 141ms

Kaspersky IP Test
Pinging to 195.27.181.10 [195.27.181.10]:
Response - 141ms
Response - 141ms
Response - 155ms
Response - 140ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 140ms - Maximum = 155ms

YouTube Domain Test
Pinging to www.youtube.com [173.194.37.39]:
Response - 30ms
Response - 16ms
Response - 16ms
Response - 15ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 15ms - Maximum = 30ms

YouTube IP Test
Pinging to 66.102.9.136 [66.102.9.136]:
Response - None
Response - None
Response - None
Response - None
Packets: Sent = 4, Received = 0, Lost = 4
Minimum = 0ms - Maximum = 0ms

localhost Test
Pinging to 127.0.0.1 [127.0.0.1]:
Response - 0ms
Response - 0ms
Response - 0ms
Response - 0ms
Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 0ms - Maximum = 0ms


<<<< Netstat >>>>

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 832
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
[System]

TCP 0.0.0.0:17500 0.0.0.0:0 LISTENING 3356
[Dropbox.exe]

TCP 127.0.0.1:1033 0.0.0.0:0 LISTENING 2128
[alg.exe]

TCP 127.0.0.1:1040 0.0.0.0:0 LISTENING 3236
[htcUPCTLoader.exe]

TCP 127.0.0.1:5152 0.0.0.0:0 LISTENING 1620
[jqs.exe]

TCP 127.0.0.1:9421 0.0.0.0:0 LISTENING 3748
[netsession_win.exe]

TCP 127.0.0.1:9422 0.0.0.0:0 LISTENING 3748
[netsession_win.exe]

TCP 127.0.0.1:9423 0.0.0.0:0 LISTENING 3748
[netsession_win.exe]

TCP 127.0.0.1:11000 0.0.0.0:0 LISTENING 3236
[htcUPCTLoader.exe]

TCP 127.0.0.1:12000 0.0.0.0:0 LISTENING 3236
[htcUPCTLoader.exe]

TCP 192.168.15.2:139 0.0.0.0:0 LISTENING 4
[System]

TCP 127.0.0.1:1068 127.0.0.1:19872 ESTABLISHED 3356
[Dropbox.exe]

TCP 127.0.0.1:1241 127.0.0.1:1242 ESTABLISHED 2372
[firefox.exe]

TCP 127.0.0.1:1242 127.0.0.1:1241 ESTABLISHED 2372
[firefox.exe]

TCP 127.0.0.1:19872 127.0.0.1:1068 ESTABLISHED 3356
[Dropbox.exe]

TCP 192.168.15.2:1116 199.47.217.144:80 ESTABLISHED 3356
[Dropbox.exe]

TCP 127.0.0.1:5152 127.0.0.1:4833 CLOSE_WAIT 1620
[jqs.exe]

TCP 192.168.15.2:1061 198.144.112.82:80 CLOSE_WAIT 3236
[htcUPCTLoader.exe]

TCP 192.168.15.2:1082 184.86.55.117:80 CLOSE_WAIT 920
[vprot.exe]

TCP 192.168.15.2:1083 184.51.207.34:80 CLOSE_WAIT 920
[vprot.exe]

TCP 192.168.15.2:1112 184.86.55.117:80 CLOSE_WAIT 1848
[ToolbarUpdater.exe]

TCP 192.168.15.2:1164 173.194.37.78:80 CLOSE_WAIT 3276
[GoogleToolbarNotifier.exe]

TCP 192.168.15.2:1972 23.7.48.60:443 CLOSE_WAIT 3776
[jucheck.exe]

TCP 192.168.15.2:2807 23.7.48.60:443 CLOSE_WAIT 3220
[jusched.exe]

TCP 192.168.15.2:1304 74.125.139.95:80 TIME_WAIT 0
TCP 192.168.15.2:1326 74.125.140.141:80 TIME_WAIT 0
TCP 192.168.15.2:1338 216.137.33.233:80 TIME_WAIT 0
TCP 192.168.15.2:1339 216.137.33.233:80 TIME_WAIT 0
TCP 192.168.15.2:1349 216.137.33.233:80 TIME_WAIT 0
TCP 192.168.15.2:1350 174.133.98.146:80 TIME_WAIT 0
TCP 192.168.15.2:1351 74.54.247.132:80 TIME_WAIT 0
TCP 192.168.15.2:1353 69.163.234.194:80 TIME_WAIT 0
UDP 0.0.0.0:17500 *:* 3356
[Dropbox.exe]

UDP 0.0.0.0:500 *:* 616
[lsass.exe]

UDP 0.0.0.0:4500 *:* 616
[lsass.exe]

UDP 0.0.0.0:445 *:* 4
[System]

UDP 0.0.0.0:1461 *:* 1184
[spoolsv.exe]

UDP 127.0.0.1:3493 *:* 3748
[netsession_win.exe]

UDP 127.0.0.1:3491 *:* 3748
[netsession_win.exe]

UDP 127.0.0.1:1900 *:* 1072
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.15.2:138 *:* 4
[System]

UDP 192.168.15.2:137 *:* 4
[System]

UDP 192.168.15.2:1900 *:* 1072
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\ADVAPI32.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]


<<<< Routing Table >>>>

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 50 8d d5 16 72 ...... Realtek RTL8139/810x Family Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.15.0 255.255.255.0 192.168.15.2 192.168.15.2 20
192.168.15.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.15.255 255.255.255.255 192.168.15.2 192.168.15.2 20
224.0.0.0 240.0.0.0 192.168.15.2 192.168.15.2 20
255.255.255.255 255.255.255.255 192.168.15.2 192.168.15.2 1
Default Gateway: 192.168.15.1
===========================================================================
Persistent Routes:
None

Route Table

<<<< Hosts File >>>>

The HOSTS file is 98 Bytes in size.

There were 0 lines which refer to an external IP address.

<<<< Active Shares >>>>

Share: IPC$ - Path:
Share: print$ - Path: C:\WINDOWS\system32\spool\drivers
Share: SharedDocs - Path: C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS
Share: C on Draft_station3 - Path: C:\
Share: Printer7 - Path: Autodesk DWF Writer for 2D,LocalsplOnly
Share: Printer3 - Path: CutePDF Writer,LocalsplOnly
Share: Printer2 - Path: Microsoft XPS Document Writer,LocalsplOnly
Share: ADMIN$ - Path: C:\WINDOWS
Share: KyoceraM - Path: Kyocera Mita KM-2530 KX,LocalsplOnly
Share: C$ - Path: C:\


------ End of File ------

Attached Files


  • 0

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Your CPU temp is a tad high, have you removed all the dust from the air vents on the system. One unusual process caught my eye in that and would like to check it out

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#22
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Here is the log. Computer still about the same. Alarm was sounding on n off through the scan.
ComboFix 13-03-19.01 - CAD Operator 03/19/2013 19:42:50.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.124 [GMT -4:00]
Running from: c:\documents and settings\CAD Operator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\7735192.exe
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\advdis.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avlib.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avpgs.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avpgui.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avs.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avspm.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avzkrnl.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\avzscan.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\base64.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\base64p.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\basegui.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\arkmon.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\avengine.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\avpcure.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\bsshlp2.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\kavbase.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\kavsys.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\kjim.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\klavemu.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\mark.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\pbs.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\qscan.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bases\vlns.kdl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\bl.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\btdisk.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\btimages.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\buffer.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\clldr.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\crpthlpr.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\dbghelp.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\deflate.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\diffs.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\dmap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\dtreg.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\filemap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\fsdrvplg.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\fssync.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\hashmd5.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\hashsha1.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\icheck3.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\inflate.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\inifile.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\kldw.exe
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\klsrlsvc.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\mailmsg.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\mdb.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\mdmap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\memmng.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\memmodsc.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\memscan.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\minizip.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\mkavio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\msoe.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\msvcm80.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\msvcp80.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\msvcr80.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\ndetect.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\netdtls.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\nfio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\ntfsstrm.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\ods.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\params.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\passdmap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\prloader.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\procmon.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\propmap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\proxydet.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\prremote.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\prseqio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\prtransp.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\prutil.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\pxstub.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\qb.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\quantum.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\regmap.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\report.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\reportdb.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\resip.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\schedule.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\sfdb.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\stat.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\stdcomp.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\stenum2.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\superio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\syswatch.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\thpimpl.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\timer.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\tm.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\uniarc.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\updater.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\urlflt.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\ushata.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\volenum.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\wdiskio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\winreg.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\wmihlpr.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\x64\wmi64.exe
c:\docume~1\CADOPE~1\LOCALS~1\Temp\5797996\xorio.ppl
c:\docume~1\CADOPE~1\LOCALS~1\Temp\sfamcc00001.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\sfamcc00002.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\sfareca00001.dll
c:\docume~1\CADOPE~1\LOCALS~1\Temp\sfareca00002.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\7735192.exe
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\advdis.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avlib.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avpgs.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avpgui.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avs.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avspm.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avzkrnl.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\avzscan.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\base64.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\base64p.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\basegui.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\arkmon.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\avengine.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\avpcure.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\bsshlp2.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\kavbase.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\kavsys.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\kjim.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\klavemu.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\mark.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\pbs.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\qscan.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bases\vlns.kdl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\bl.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\btdisk.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\btimages.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\buffer.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\clldr.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\crpthlpr.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\dbghelp.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\deflate.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\diffs.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\dmap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\dtreg.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\filemap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\fsdrvplg.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\fssync.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\hashmd5.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\hashsha1.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\icheck3.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\inflate.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\inifile.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\kldw.exe
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\klsrlsvc.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\mailmsg.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\mdb.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\mdmap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\memmng.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\memmodsc.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\memscan.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\minizip.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\mkavio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\msoe.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\msvcm80.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\msvcp80.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\msvcr80.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\ndetect.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\netdtls.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\nfio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\ntfsstrm.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\ods.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\params.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\passdmap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\prloader.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\procmon.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\propmap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\proxydet.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\prremote.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\prseqio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\prtransp.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\prutil.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\pxstub.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\qb.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\quantum.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\regmap.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\report.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\reportdb.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\resip.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\schedule.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\sfdb.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\stat.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\stdcomp.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\stenum2.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\superio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\syswatch.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\thpimpl.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\timer.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\tm.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\uniarc.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\updater.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\urlflt.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\ushata.dll
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\volenum.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\wdiskio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\winreg.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\wmihlpr.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\x64\wmi64.exe
c:\documents and settings\CAD Operator\Local Settings\temp\5797996\xorio.ppl
c:\documents and settings\CAD Operator\Local Settings\temp\sfamcc00001.dll
c:\documents and settings\CAD Operator\Local Settings\temp\sfamcc00002.dll
c:\documents and settings\CAD Operator\Local Settings\temp\sfareca00001.dll
c:\documents and settings\CAD Operator\Local Settings\temp\sfareca00002.dll
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\roboot.exe
c:\windows\system32\WinSys.exe
c:\windows\wt
c:\windows\wt\data.wts
c:\windows\wt\updater\wcmdmgr.exe
c:\windows\wt\updater\wcmdmgrl.exe
c:\windows\wt\updater\wt.ini
c:\windows\wt\webdriver.dll
c:\windows\wt\webdriver\4.1.1\actorobject.dll
c:\windows\wt\webdriver\4.1.1\dx5drv.dll
c:\windows\wt\webdriver\4.1.1\dx7drv.dll
c:\windows\wt\webdriver\4.1.1\objectbundle.dll
c:\windows\wt\webdriver\4.1.1\sound.dll
c:\windows\wt\webdriver\4.1.1\wdcaps.ded
c:\windows\wt\webdriver\4.1.1\wdengine.dll
c:\windows\wt\webdriver\4.1.1\webdriver.dll
c:\windows\wt\webdriver\4.1.1\wthost.exe
c:\windows\wt\webdriver\4.1.1\wthostctl.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.jar
c:\windows\wt\webdriver\4.1.1\wtwmplug.ax
c:\windows\wt\webdriver\4.1.1\wtwmplug.ini
c:\windows\wt\webdriver\export.dat
c:\windows\wt\webdriver\jdriver.dll
c:\windows\wt\webdriver\rdriver.dll
c:\windows\wt\webdriver\wildtangent.jar
c:\windows\wt\webdriver\wtdmmp.dll
c:\windows\wt\webdriver\wtdmmpi.jar
c:\windows\wt\webdriver\wtdmmpv.dll
c:\windows\wt\wt3d.dll
c:\windows\wt\wt3d.ini
c:\windows\wt\wtupdates\CDALogger\4.1.0.001\files\CDALogger0401.dll
c:\windows\wt\wtupdates\CDALogger\4.1.0.001\files\GameData.cdaet
c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\controlPanel\index.html
c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\update_info\data.wts
c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmp.dll
c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpi.jar
c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpv.dll
c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\dmmp.cdanfo
c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\DMMP_Uninstall.cdas
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlPanel\index.html
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\wt.sto
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
c:\windows\wt\wtupdates\Webd\4.1.1\files\actorobject.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\controlPanel\index.html
c:\windows\wt\wtupdates\Webd\4.1.1\files\dx5drv.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\dx7drv.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\jdriver.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\data.wts
c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\webdriver.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\legacy\wt3d.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\npWTHost.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\nsIWTHostPlugin.xpt
c:\windows\wt\wtupdates\Webd\4.1.1\files\ObjectBundle.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\rdriver.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\Sound.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\update_info\data.wts
c:\windows\wt\wtupdates\Webd\4.1.1\files\wdcaps.ded
c:\windows\wt\wtupdates\Webd\4.1.1\files\wdengine.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331.cdanfo
c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331_fileList.cdas
c:\windows\wt\wtupdates\Webd\4.1.1\files\Webd331_Uninstall.cdas
c:\windows\wt\wtupdates\Webd\4.1.1\files\webdriver.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\wildtangent.jar
c:\windows\wt\wtupdates\Webd\4.1.1\files\wt3d.ini
c:\windows\wt\wtupdates\Webd\4.1.1\files\WTHost.exe
c:\windows\wt\wtupdates\Webd\4.1.1\files\WTHostCtl.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\wtmulti.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\wtmulti.jar
c:\windows\wt\wtupdates\Webd\4.1.1\files\wtvh.dll
c:\windows\wt\wtupdates\Webd\4.1.1\files\wtwmplug.ax
c:\windows\wt\wtupdates\Webd\4.1.1\files\wtwmplug.ini
c:\windows\wt\wtupdates\Webd\4.1.1\install\Webd4_1_1.cdanfo
c:\windows\wt\wtupdates\Webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
c:\windows\wt\wtupdates\wtdmmp\update_info\data.wts
c:\windows\wt\wtupdates\wtupdater\appinfo.dat
c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts
c:\windows\wt\wtvh.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-02-20 to 2013-03-20 )))))))))))))))))))))))))))))))
.
.
2013-03-20 00:16 . 2013-03-20 00:16 -------- d-----w- c:\windows\LastGood
2013-03-19 14:05 . 2013-03-19 21:15 -------- d-----w- c:\program files\SpeedFan
2013-03-18 16:07 . 2013-03-18 16:08 -------- d-----w- c:\program files\CrystalDiskInfo
2013-03-18 00:44 . 2013-03-18 00:44 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2013-03-14 17:17 . 2013-03-20 00:16 -------- d-----w- c:\windows\system32\CatRoot2
2013-03-14 17:04 . 2013-03-14 17:22 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-03-14 16:58 . 2013-03-14 16:58 -------- d-----w- C:\RegBackup
2013-03-14 16:07 . 2001-08-18 02:36 86016 -c--a-w- c:\windows\system32\dllcache\dc240usd.dll
2013-03-14 16:07 . 2001-08-17 16:12 63208 -c--a-w- c:\windows\system32\dllcache\dc21x4.sys
2013-03-14 16:07 . 2001-08-18 02:36 80896 -c--a-w- c:\windows\system32\dllcache\dc210usd.dll
2013-03-14 16:07 . 2001-08-18 02:36 25600 -c--a-w- c:\windows\system32\dllcache\dc210_32.dll
2013-03-14 16:07 . 2001-08-17 17:52 14720 -c--a-w- c:\windows\system32\dllcache\dac960nt.sys
2013-03-14 16:07 . 2001-08-17 17:52 179584 -c--a-w- c:\windows\system32\dllcache\dac2w2k.sys
2013-03-14 16:05 . 2001-08-17 17:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2013-03-14 16:04 . 2001-08-17 17:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2013-03-14 16:03 . 2001-08-18 02:36 87552 -c--a-w- c:\windows\system32\dllcache\avmcoxp.dll
2013-03-14 16:02 . 2004-08-04 02:32 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
2013-03-14 16:02 . 2001-08-17 16:20 96256 -c--a-w- c:\windows\system32\dllcache\ac97intc.sys
2013-03-14 16:02 . 2001-08-17 17:52 23552 -c--a-w- c:\windows\system32\dllcache\abp480n5.sys
2013-03-14 16:02 . 2008-04-13 15:46 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2013-03-14 16:02 . 2001-08-17 18:55 38400 -c--a-w- c:\windows\system32\dllcache\8514a.dll
2013-03-14 16:02 . 2008-04-13 15:40 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2013-03-14 16:02 . 2001-08-17 16:48 148352 -c--a-w- c:\windows\system32\dllcache\3dfxvsm.sys
2013-03-14 16:02 . 2001-08-17 18:55 689216 -c--a-w- c:\windows\system32\dllcache\3dfxvs.dll
2013-03-14 16:02 . 2001-08-17 17:28 762780 -c--a-w- c:\windows\system32\dllcache\3cwmcru.sys
2013-03-14 16:02 . 2001-08-17 18:06 11264 -c--a-w- c:\windows\system32\dllcache\1394vdbg.sys
2013-03-14 15:48 . 2013-03-14 15:48 -------- d-----w- c:\program files\Tweaking.com
2013-03-14 14:48 . 2013-03-14 14:48 -------- d-----w- C:\_OTL
2013-03-13 22:57 . 2013-03-13 22:57 -------- d-----w- c:\documents and settings\CAD Operator\Local Settings\Application Data\AVG Secure Search
2013-03-13 22:57 . 2013-03-13 22:57 -------- d-----w- c:\documents and settings\CAD Operator\Application Data\AVG Secure Search
2013-03-13 22:57 . 2013-03-13 22:56 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-03-13 22:56 . 2013-03-13 22:57 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2013-03-13 22:56 . 2013-03-13 22:56 -------- d-----w- c:\program files\AVG Secure Search
2013-03-13 22:55 . 2013-03-13 23:02 -------- d-----w- c:\documents and settings\CAD Operator\Application Data\Nico Mak Computing
2013-03-13 20:53 . 2013-03-13 20:53 16486616 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 20:53 . 2012-10-09 15:30 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 20:53 . 2011-06-22 22:54 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-06 00:51 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2013-02-06 00:51 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-02-06 00:51 . 2004-08-04 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-06 00:51 . 2004-08-04 12:00 17408 ------w- c:\windows\system32\corpol.dll
2013-01-26 03:55 . 2004-08-04 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2004-08-03 22:59 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2004-08-04 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-04 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-29 20:59 . 2012-12-29 20:59 24184 ----a-w- c:\windows\system32\speedfan.sys
2009-05-09 17:35 . 2010-02-09 21:22 823296 ----a-w- c:\program files\CrystalCPUID.exe
2007-04-25 04:25 . 2013-03-08 15:43 61475 ----a-w- c:\program files\mozilla firefox\plugins\NCScnet.dll
2007-04-25 04:32 . 2013-03-08 15:43 1384482 ----a-w- c:\program files\mozilla firefox\plugins\NCSEcw.dll
2007-04-25 04:24 . 2013-03-08 15:43 147491 ----a-w- c:\program files\mozilla firefox\plugins\NCSUtil.dll
2013-03-08 15:44 . 2013-03-08 15:42 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-03-13 22:56 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-03-13 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-28 68856]
"Akamai NetSession Interface"="c:\documents and settings\CAD Operator\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-30 4603904]
"nwiz"="nwiz.exe" [2004-09-30 921600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-30 86016]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-29 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-12-12 655360]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-03-13 1151152]
.
c:\documents and settings\CAD Operator\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
_uninst_65166497.lnk - c:\documents and settings\CAD Operator\Local Settings\temp\_uninst_65166497.bat [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Documents and Settings\\CAD Operator\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Documents and Settings\\CAD Operator\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [4/29/2009 10:36 PM 64288]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [3/13/2013 6:57 PM 33112]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 8:00 AM 14336]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [12/7/2012 7:27 PM 167424]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [3/13/2013 6:56 PM 968880]
S3 AC2003;AC2003;c:\windows\system32\drivers\AC2003.sys [11/22/2005 9:15 PM 4224]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [1/25/2013 1:24 PM 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]
S3 samhid;samhid;c:\windows\system32\drivers\samhid.sys --> c:\windows\system32\drivers\samhid.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 wdm_au8830;Aureal Vortex 8830 Audio Driver (WDM);c:\windows\system32\drivers\adm8830.sys [12/3/2004 12:06 PM 747392]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - 65166497
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 20:53]
.
2013-03-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-22 09:17]
.
2013-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 21:52]
.
2013-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 21:52]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\CAD Operator\Application Data\Mozilla\Firefox\Profiles\apubkm20.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://msn.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - ExtSQL: !HIDDEN! 2009-09-01 21:29; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- File Associations -------
.
.scr=AutoCADLTScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-19 20:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3372)
c:\windows\system32\WININET.dll
c:\windows\system32\AcSignIcon.dll
c:\documents and settings\CAD Operator\Application Data\Dropbox\bin\DropboxExt.17.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\SOUNDMAN.EXE
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2013-03-19 20:25:30 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-20 00:25
ComboFix2.txt 2009-05-05 03:23
.
Pre-Run: 1,688,969,216 bytes free
Post-Run: 1,811,292,160 bytes free
.
- - End Of File - - 7D60BFC85D32C2994253BFAD90D86EAE
  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm all that really found was wild tangent.. I am at a loss at the moment as to what is causing the alarm.

Did you remove any dust from the system ?
  • 0

#24
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Yes, blew it out real good at do it on a regular basis. Also no printer yet...
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I think that in this case a re-install of windows would probably be your best bet.. Do you have the disc
  • 0

Advertisements


#26
Symmetrix

Symmetrix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 76 posts
Yes I do...
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK there is a tutorial here
Have a read through it first and ask any questions before you start :)
  • 0

#28
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP