Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

BSOD on startup. Combofix may have messed me up?


  • Please log in to reply

#1
Lyrical Menace

Lyrical Menace

    Member

  • Member
  • PipPip
  • 10 posts
OK so yesterday I noticed I had a punnet.exe file running in processes. I ran AVG, Adaware, and Spybot as usual to help get rid of whatever I had. After that I did some research on how to remove the virus and I saw some people talking about Combofix. So I downloaded it and ran it, it rebooted my computer. Now everytime I try to login to windows it gives me BSOD about 5-10 seconds after I put in my password.

I can get into safemode just fine (I am posting from safemode right now) but when I try to get into regular windows it just BSOD me. Since then I have ran Spybot again, Malwarebytes, and even Combofix again to make sure everything was clean.

Now the weird thing is I can't make out what the BSOD is saying because windows automatically reboots right after the error. I have gone into windows settings and made sure the "automatically restart" button is unchecked but it STILL reboots right at the BSOD. So what I did I took my iphone and took a picture of it and I could only make out a little bit but the top says: "PAGE_FAULT_IN_NONFAULT_AREA"

From what I read online this is a memory error of some sort. I am not sure if any of the cleanup programs I used caused this or if I actually have a problem, but I am assuming some sort of system files could have got deleted with all the stuff I have been running but I am not sure.

Think that is about all of the info I can give, I will post my hijack log for you all to see, and please ask me if you need me to do anything else, or post any other logs!

Thanks in advance, and I hope we can get this fixed =/

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:03:38 PM, on 2/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS.0\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS.0\system32\msjava.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS.0\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe

--
End of file - 5496 bytes
  • 0

Advertisements


#2
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
UPDATE:

I have been doing all sorts of stuff all day long trying to fix this problem and I finally got it.

I uninstalled AVG 8.0 virus protection and then restarted. BAM did the trick.

Don't ask me why, but I guess my system does not agree with this program. I believe I am also spyware/malware/virus free.


UPDATE 2: This did NOT fix my problem. Now I can successfully log into windows, but within 2-10 minutes I get the BSOD again! First time it took 10 minutes, 2nd time it just did it was within 2 minutes.

Thought I had the problem fixed, but apparently not =(

Edited by Lyrical Menace, 05 February 2009 - 07:18 PM.

  • 0

#3
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello Welcome to G2Go. :)
=====================
Combofix is not a tool that you can just play around with.
It targets specific infections and needs to be run under supervision.

Please download DDS and save it to your desktop.
  • Disable any script blocking protection
  • Double click dds.scr to run the tool.
  • When done, DDS.txt will open.
  • Click Yes at the next prompt for Optional Scan.
  • Save both reports to your desktop.
---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.
================

Also go to Start > Run then Paste this in the Run box then hit ok.
C:\Windows \Minidump then upload the last couple of files that you see to this location > Here
  • 0

#4
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Here is DDS.txt:


DDS (Ver_09-02-01.01) - NTFSx86 NETWORK
Run by Admin at 16:56:20.81 on Wed 02/18/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1742 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS.0\system32\savedump.exe
C:\WINDOWS.0\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS.0\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS.0\Explorer.EXE
C:\Documents and Settings\Admin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
uRun: [ctfmon.exe] c:\windows.0\system32\ctfmon.exe
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows.0\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows.0\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
StartupFolder: c:\docume~1\alluse~1.0\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
uPolicies-explorer: StartMenuLogOff = 30
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: StartMenuLogoff = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows.0\system32\msjava.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows.0\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-150-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: PCANotify - PCANotify.dll
AppInit_DLLs: wbsys.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admin\applic~1\mozilla\firefox\profiles\pxx0feej.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJPI150_11.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll

============= SERVICES / DRIVERS ===============

R0 SBHR;SBHR;c:\windows.0\system32\drivers\sbhr.sys [2008-5-12 15544]
S0 hkijirgt;hkijirgt;c:\windows.0\system32\drivers\xhyfrcnd.sys --> c:\windows.0\system32\drivers\xhyfrcnd.sys [?]
S0 isrdwvsv;isrdwvsv;c:\windows.0\system32\drivers\lnbiupux.sys --> c:\windows.0\system32\drivers\lnbiupux.sys [?]
S0 nvnahddt;nvnahddt;c:\windows.0\system32\drivers\xygonkln.sys --> c:\windows.0\system32\drivers\xygonkln.sys [?]
S0 sogrdere;sogrdere;c:\windows.0\system32\drivers\ejstwefn.sys []
S1 AW_HOST;AW_HOST;c:\windows.0\system32\drivers\AW_HOST5.sys [2007-3-30 18232]
S1 awlegacy;awlegacy;c:\windows.0\system32\drivers\AWLEGACY.sys [2007-3-30 17848]
S2 awhost32;Symantec pcAnywhere Host Service;c:\program files\symantec\pcanywhere\awhost32.exe [2007-5-11 132728]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;c:\windows.0\system32\drivers\NSDriver.sys [2007-6-4 9344]
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner;c:\windows.0\system32\drivers\AWRTPD.sys [2007-6-4 6272]
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter;c:\windows.0\system32\drivers\AWRTRD.sys [2007-6-4 8320]
S3 arpfmopb;arpfmopb;c:\documents and settings\admin\desktop\person family photos drew\arpfmopb.sys [2009-2-17 31232]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows.0\system32\drivers\wg111v3.sys [2007-4-23 224896]
S3 SBAPIFS;SBAPIFS;\??\c:\windows.0\system32\drivers\sbapifs.sys --> c:\windows.0\system32\drivers\sbapifs.sys [?]
S4 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2007-6-5 561152]

=============== Created Last 30 ================

2009-02-05 17:03 <DIR> --d----- c:\program files\Trend Micro
2009-02-05 16:06 <DIR> --d----- c:\docume~1\admin\applic~1\Malwarebytes
2009-02-05 15:51 15,504 a------- c:\windows.0\system32\drivers\mbam.sys
2009-02-05 15:51 38,496 a------- c:\windows.0\system32\drivers\mbamswissarmy.sys
2009-02-05 15:51 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-02-05 15:51 <DIR> --d----- c:\docume~1\alluse~1.0\applic~1\Malwarebytes
2009-02-05 14:54 <DIR> --d----- C:\ComboFix
2009-02-05 01:55 <DIR> a-dshr-- C:\cmdcons
2009-02-05 01:38 <DIR> --d----- c:\windows.0\system32\xircom
2009-02-05 01:23 161,792 a------- c:\windows.0\SWREG.exe
2009-02-05 01:23 98,816 a------- c:\windows.0\sed.exe
2009-02-05 01:02 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-04 22:58 <DIR> --d----- c:\program files\AVG
2009-02-04 22:38 1,236 a------- c:\windows.0\system32\ealregsnapshot1.reg
2009-02-04 19:55 4,384 a------- c:\windows.0\sogrdere
2009-02-03 21:26 <DIR> --d----- c:\program files\KRU
2009-02-03 17:47 <DIR> --d----- c:\docume~1\admin\applic~1\Tibia
2009-02-03 17:47 <DIR> --d----- c:\program files\Tibia

==================== Find3M ====================

2008-12-12 12:27 3,067,392 a------- c:\windows.0\system32\dllcache\mshtml.dll
2008-12-11 05:24 333,184 a------- c:\windows.0\system32\dllcache\srv.sys
2008-04-13 18:19 22,328 a------- c:\docume~1\admin\applic~1\PnkBstrK.sys
2007-04-23 14:21 269,824 a------- c:\windows.0\inf\wg111v3\vista64\wg111v3.sys
2007-04-23 14:11 224,896 a------- c:\windows.0\inf\wg111v3\wg111v3.sys
2006-12-15 11:30 315,392 a------- c:\windows.0\inf\wg111v3\InstallDriver.exe
2006-12-15 11:30 212,992 a------- c:\windows.0\inf\wg111v3\CopyWHQLDriver.exe
2006-12-15 11:30 98,304 a------- c:\windows.0\inf\wg111v3\UScanM.exe
2006-12-15 11:30 66,048 a------- c:\windows.0\inf\wg111v3\EAPPkt.sys
2006-12-15 11:30 28,672 a------- c:\windows.0\inf\wg111v3\SetDrv.exe
2006-12-15 11:30 20,480 a------- c:\windows.0\inf\wg111v3\RTWUPath.exe
2006-12-15 11:30 19,968 a------- c:\windows.0\inf\wg111v3\RTWREFU.EXE

============= FINISH: 16:56:32.51 ===============




Here is attach.txt:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/28/2007 12:52:09 AM
System Uptime: 2/18/2009 4:52:59 PM (0 hours ago)

Motherboard: Dell Inc. | | 0WG855
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 146 GiB total, 61.093 GiB free.
E: is CDROM ()
F: is CDROM (UDF)
I: is FIXED (NTFS) - 466 GiB total, 2.325 GiB free.
J: is FIXED (NTFS) - 466 GiB total, 0.365 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP617: 2/5/2009 3:11:06 PM - Software Distribution Service 3.0
RP618: 2/5/2009 3:11:06 PM - Software Distribution Service 3.0
RP619: 2/5/2009 3:11:06 PM - System Checkpoint
RP620: 2/5/2009 3:11:06 PM - System Checkpoint
RP621: 2/5/2009 3:11:06 PM - Software Distribution Service 3.0
RP622: 2/5/2009 3:11:06 PM - System Checkpoint
RP623: 2/5/2009 3:11:06 PM - System Checkpoint
RP624: 2/5/2009 3:11:06 PM - System Checkpoint
RP625: 2/5/2009 3:11:06 PM - System Checkpoint
RP626: 2/5/2009 3:11:06 PM - System Checkpoint
RP627: 2/5/2009 3:11:06 PM - System Checkpoint
RP628: 2/5/2009 3:11:06 PM - System Checkpoint
RP629: 2/5/2009 3:11:06 PM - System Checkpoint
RP630: 2/5/2009 3:11:06 PM - System Checkpoint
RP631: 2/5/2009 3:11:06 PM - System Checkpoint
RP632: 2/5/2009 3:11:06 PM - System Checkpoint
RP633: 2/5/2009 3:11:06 PM - Software Distribution Service 3.0
RP634: 2/5/2009 3:11:07 PM - System Checkpoint
RP635: 2/5/2009 3:11:07 PM - System Checkpoint
RP636: 2/5/2009 3:11:07 PM - System Checkpoint
RP637: 2/5/2009 3:11:07 PM - System Checkpoint
RP638: 2/5/2009 3:11:10 PM - Last known good configuration
RP639: 2/6/2009 8:46:48 PM - System Checkpoint
RP640: 2/8/2009 12:14:30 AM - System Checkpoint
RP641: 2/9/2009 12:35:43 AM - System Checkpoint
RP642: 2/11/2009 1:53:16 AM - System Checkpoint
RP643: 2/14/2009 9:35:01 PM - System Checkpoint
RP644: 2/15/2009 10:27:29 PM - System Checkpoint
RP645: 2/16/2009 11:38:47 PM - System Checkpoint
RP646: 2/17/2009 3:14:23 AM - Software Distribution Service 3.0
RP647: 2/17/2009 4:00:16 PM - Software Distribution Service 3.0

==== Installed Programs ======================


2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.31
AC Tool
Ad-Aware 2007
Ad-Aware SE Professional
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.0.8
Adobe Shockwave Player
AGEIA PhysX v7.07.24
AIM Ad Hack
Andrea VoiceCenter
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
AutoUpdate
BitLord 1.1
Bonjour
BSPlayer
Call of Duty® 4 - Modern Warfare™ 1.4 Patch
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch
Call of Duty® 4 - Modern Warfare™ 1.6 Patch
Creative Audio Pack
Creative MediaSource 5
Dell Resource CD
DH Driver Cleaner Platinum Edition
DivX Codec
DivX Converter
DivX Web Player
DVD Decrypter (Remove Only)
DVD Identifier
DVD2one 1.5.1
EQ2MAP Updater 1.0.16
EverQuest II: Rise of Kunark
FlashFXP v3.4.0.1140 Final
GameSpy Arcade
GSC
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
ImgBurn
Intel® PRO Network Connections Drivers
ISXEQ2 20080605.0001
iTunes
J2SE Runtime Environment 5.0 Update 11
Java 2 Runtime Environment, SE v1.4.2_03
K-Lite Codec Pack 2.80 Full
LiveReg (Symantec Corporation)
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Macromedia Shockwave Player
Magic ISO Maker v5.0 (build 0166)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
mIRC
Mozilla Firefox (2.0.0.20)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Nero 7 Premium
NETGEAR WG111v3 wireless USB 2.0 adapter
NexusTK
Norton AntiVirus (Symantec Corporation)
NVIDIA Drivers
O&O Defrag Professional Edition
PowerISO
QuickBooks Pro 2006
QuickTime
QuickTime Alternative 1.70
Real Alternative 1.49
Registry Mechanic 6.0
SecondLife (remove only)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB958439)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB958437)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
SFV Checker
SigmaTel Audio
Snood for Windows version 3.52-W
Software Update for Web Folders
Sound Blaster ADVANCED MB Drivers
Sound Blaster Audigy ADVANCED MB
Spybot - Search & Destroy
Sunbelt CounterSpy
Symantec pcAnywhere
Tibia
TortoiseSVN 1.5.2.13595 (32 bit)
UltraISO Premium V8.6
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb959634)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
UVU Media Player
Virtual Pool 3
Warhammer Online - Age of Reckoning
Winamp
Winamp Remote
Windows Genuine Advantage Notifications (KB905474)
Windows Media Format Runtime
Windows Sidebar
WinDVD
WinRAR archiver
WinRAR Themes Addon
WinZip 10 Pro
World of Warcraft
XTreme-G 175.63 XP 32 bit

==== Event Viewer Messages From Past Week ========

2/18/2009 4:54:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/18/2009 4:56:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

==== End Of File ===========================



I had to run DDS in safe mode because my computer won't stay booted up for more than a few seconds now before it BSODs. Also tried taking out the memory and trying different combos in different slots and still got the BSOD.

Also I have zipped the minidump files and posted as requested.

Edited by Lyrical Menace, 18 February 2009 - 04:07 PM.

  • 0

#5
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi all of your minidumps point to this file:
iastor.sys

that is the Intel Matrix storage manager.

Have you installed any driver updates recently?


Do this to check the date of the driver file.

I will need to you show hidden files\folders so we can delete the leftover file.
To Set:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK

Then navigate to this file C:\Windows\system32\drivers\iastor.sys then right click on the file and choose Properties then tell me when it was last modified.

Also what model number dell system do you have?
  • 0

#6
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Created: Thursday, November 09, 2006, 8:00:20 PM
Modified: Thursday, July 06, 2006, 6:59:42 AM
Accessed: Thursday, February 27, 2007, 3:13:13 AM

Also I "believe" my model number is Dell DXP061


I have not installed or updated any drivers recently,
  • 0

#7
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
I mean is it a Dimension?
Look at the top of the tower and tell me what it says on the front.
That will be the Model number that I need plus the name like for
ex: Dimension DXP061.

  • 0

#8
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
The plate on the front of the tower is missing where it tells you what kind of computer it is..

It is a computer my brother bought a few years back. I used a piece of software to bring up that model code because I couldn't find it.

EDIT: I checked out http://support.dell....o...&doclang=en

That website told me my computer is the Dimension 9200

Edited by Lyrical Menace, 20 February 2009 - 02:44 PM.

  • 0

#9
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hi click the below link and download that file:
http://support.dell....p;fileid=211963

After that run the installation and follow the prompts reboot into normal mode and see if it changes.
  • 0

#10
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Downloaded the file and ran it. It created a new driver folder, and didn't replace any old files just FYI.

Rebooted computer in regular mode and still got my blue screen.
  • 0

Advertisements


#11
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
If it created a folder then go to it.
There will be a file in it called iastor.sys go back to the C:\Windows\system32\drivers folder and rename the one there to iastor.sys.old.
Then place the updated one in that folder to replace it.

Then reboot and try it.
  • 0

#12
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Copied the single file as you requested and put it into my drivers folder.

Booted up and ran fine in normal mode for 10 mins or so. Seemed to be working better, but obviously not 100%

Still getting blue screen of death.

Edited by Lyrical Menace, 20 February 2009 - 10:12 PM.

  • 0

#13
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
This did not start happening before Combofix?
Do you have the log Comofix created?
It is located here C:\Combofix.txt.

See if you have that log and post if not we will go another route.
  • 0

#14
Lyrical Menace

Lyrical Menace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Need to buy a new vga cord for my desktop monitor. Will have to post the combofix log tomorrow just wanted to let you know I am still here.
  • 0

#15
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP