
Windows blue screen crash



#16
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Okay, we will take a different approach.

Please run MBRCheck.exe again

1. Wait until the program writes this line "Enter 'Y' and hit ENTER for more options, or 'N' to exit:"
2. Please enter the y key and press Enter
3. When the program asks you "Enter your choice:" enter 1 and press the Enter key
4. Now the program will ask you "Enter the physical disk number to dump (0-99, -1 to cancel):"
5. Enter 0 and press the Enter key
6. Now the program will ask you where to dump the MBR. Enter
      C:\mbrdump.dmp

and press Enter

Please attach C:\mbrdump.dmp here for me.

To attach a file, do the following:

* Click Add Reply
* Under the reply panel is the Attachments Panel
* Browse for the attachment file you want to upload, then click the Attach This File button
  • 0
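
What a first structural look at the 512-byte dump produced by the steps above can involve, as an added example that is not part of the original post and is not MBRCheck's own logic. The two sectors it parses are constructed in the code (filler bytes instead of real boot code), and the function names are hypothetical.

```python
import hashlib
import struct

SECTOR_SIZE = 512        # one sector, the size of the dump written by the steps above
BOOT_CODE_LEN = 440      # bootstrap code; bytes 440-443 hold the disk signature
TABLE_OFFSET = 446       # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Return partitions, a boot-code hash and structural findings for one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    findings = []
    if sector[510:512] != BOOT_SIGNATURE:
        findings.append("boot signature 0x55AA missing")
    if not any(sector[:BOOT_CODE_LEN]):
        findings.append("boot code area is all zeros")

    partitions = []
    for index in range(4):
        start = TABLE_OFFSET + 16 * index
        entry = sector[start:start + 16]
        if not any(entry):
            continue  # unused slot
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if status not in (0x00, 0x80):
            findings.append(f"entry {index}: status byte 0x{status:02x} is neither 0x00 nor 0x80")
        if ptype == 0 or lba_start == 0 or sectors == 0:
            findings.append(f"entry {index}: used entry has zero type, start or size")
        partitions.append({"index": index, "active": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})

    if sum(p["active"] for p in partitions) > 1:
        findings.append("more than one active partition")
    ordered = sorted(partitions, key=lambda p: p["lba_start"])
    for first, second in zip(ordered, ordered[1:]):
        if first["lba_start"] + first["sectors"] > second["lba_start"]:
            findings.append(f"entries {first['index']} and {second['index']} overlap")

    return {
        # Hash only the code bytes so the per-disk signature does not change it.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": sector[440:444].hex(),
        "partitions": partitions,
        "findings": findings,
    }


def _entry(status, ptype, lba_start, sectors):
    """Pack one partition entry; the CHS fields use the usual LBA filler value."""
    chs = b"\xfe\xff\xff"
    return struct.pack("<B3sB3sII", status, chs, ptype, chs, lba_start, sectors)


def build_sample_mbr():
    """Constructed sector: filler boot code, one active and one inactive entry."""
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_LEN] = bytes(i % 251 for i in range(BOOT_CODE_LEN))
    sector[440:444] = bytes.fromhex("11223344")
    sector[446:462] = _entry(0x80, 0x07, 2048, 1_000_000)
    sector[462:478] = _entry(0x00, 0x07, 1_002_048, 200_000)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


def build_tampered_mbr():
    """Constructed variant: second entry made active and moved inside the first,
    and the boot signature wiped."""
    sector = bytearray(build_sample_mbr())
    sector[462] = 0x80
    struct.pack_into("<I", sector, 462 + 8, 500_000)
    sector[510:512] = b"\x00\x00"
    return bytes(sector)


if __name__ == "__main__":
    # For a real dump, pass the file's bytes: parse_mbr(open(path, "rb").read())
    for label, sector in (("clean", build_sample_mbr()), ("tampered", build_tampered_mbr())):
        result = parse_mbr(sector)
        print(label, result["boot_code_sha256"][:16],
              result["findings"] or "no structural findings")
```

A clean structural result says nothing about the boot code itself; for that, compare `boot_code_sha256` against a reference taken from a known-good installation of the same Windows version.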


#17
ErikaP

    Member

  • Topic Starter
  • 14 posts
This site says, "Error You aren't permitted to upload this kind of file". Otherwise, that worked just fine.
  • 0

#18
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
See if you can upload to Mediafire and post the sharing link.

I would like to ask a technical expert to have a look at it to see what he can find. :)
  • 0

#19
ErikaP

    Member

  • Topic Starter
  • 14 posts
Here's the link: http://www.mediafire...9i516yf3pul1vub
  • 0

#20
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello ErikaP,

I will get back to you once I find out more. :)
  • 0

#21
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again ErikaP,

That MBR dump checked out as legitimate so we will move on from there.

Now
  • Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    /md5start
    nvlddmkm.sys
    ntdll.dll
    USER32.dll
    SHELL32.dll
    ole32.dll
    /md5stop

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open a notepad window, OTL.txt. This is saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of the file and paste it into your reply.
  • 0
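
One way to triage the `< MD5 for: ... >` sections that the custom scan above writes into OTL.txt, as an added example that is not part of the original post and not OTL's own code. The log lines are constructed in the format OTL prints, with placeholder file names and hashes, and the function names are hypothetical.

```python
import re
from collections import defaultdict

HEADER = re.compile(r"^< MD5 for: (?P<name>.+?) >$")
ENTRY = re.compile(
    r"^\[(?P<mtime>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| M\] "
    r"\((?P<company>.*?)\) "
    r"(?:MD5=(?P<md5>[0-9A-Fa-f]{32})|Unable to obtain MD5) -- (?P<path>.+)$"
)
# Directories where Windows keeps reference copies of system files and drivers.
STORE_MARKERS = ("\\winsxs\\", "\\driverstore\\")


def parse_md5_sections(log_text):
    """Group the entry lines of an OTL custom MD5 scan by the file name searched for."""
    sections = defaultdict(list)
    current = None
    for line in log_text.splitlines():
        line = line.strip()
        header = HEADER.match(line)
        if header:
            current = header.group("name").upper()
            continue
        entry = ENTRY.match(line)
        if entry and current:
            md5 = entry.group("md5")
            sections[current].append({
                "path": entry.group("path"),
                "size": int(entry.group("size").replace(",", "")),
                "md5": md5.upper() if md5 else None,
            })
    return dict(sections)


def is_store_copy(path):
    lowered = path.lower()
    return any(marker in lowered for marker in STORE_MARKERS)


def triage(log_text):
    """Per file name: copies with no hash, and live copies matching no store copy."""
    report = {}
    for name, entries in parse_md5_sections(log_text).items():
        store_hashes = {e["md5"] for e in entries if e["md5"] and is_store_copy(e["path"])}
        report[name] = {
            "unhashed": [e["path"] for e in entries if e["md5"] is None],
            "live_unmatched": [
                e["path"] for e in entries
                if e["md5"] and not is_store_copy(e["path"]) and e["md5"] not in store_hashes
            ],
        }
    return report


def _line(md5, path):
    """Build one constructed log line in OTL's layout (dates and sizes are filler)."""
    digest = f"MD5={md5}" if md5 else "Unable to obtain MD5"
    return f"[2010/01/01 00:00:00 | 000,100,000 | ---- | M] (Example Corp) {digest} -- {path}"


# Constructed sample: placeholder names and hashes, not values from a real system.
SAMPLE_LOG = "\n".join([
    "< MD5 for: EXAMPLE.DLL >",
    _line("A" * 32, r"C:\Windows\winsxs\x86_example_1\example.dll"),
    _line(None, r"C:\Windows\System32\example.dll"),
    "",
    "< MD5 for: EXAMPLEDRV.SYS >",
    _line("B" * 32, r"C:\Windows\System32\drivers\exampledrv.sys"),
    _line("B" * 32, r"C:\Windows\System32\DriverStore\FileRepository\ex.inf_1\exampledrv.sys"),
    _line("C" * 32, r"C:\Windows\System32\DriverStore\FileRepository\ex.inf_0\exampledrv.sys"),
    "",
    "< MD5 for: EXAMPLEUI.DLL >",
    _line("D" * 32, r"C:\Windows\System32\exampleui.dll"),
    _line("E" * 32, r"C:\Windows\winsxs\x86_exampleui_1\exampleui.dll"),
])

if __name__ == "__main__":
    for name, result in triage(SAMPLE_LOG).items():
        print(name, result)
```

Agreement with a store copy is only a first filter, since both copies sit on the machine under examination; a digital-signature check or a hash from the vendor's own package is the stronger confirmation.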

#22
ErikaP

    Member

  • Topic Starter
  • 14 posts
OTL logfile created on: 8/9/2010 8:32:40 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Rose\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 76.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.57 Gb Total Space | 230.89 Gb Free Space | 80.01% Space Free | Partition Type: NTFS
Drive D: | 9.51 Gb Total Space | 1.29 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.98 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
Drive F: | 552.56 Mb Total Space | 491.37 Mb Free Space | 88.93% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ROSE-PC
Current User Name: Rose
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/09 20:32:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL.exe
PRC - [2010/06/10 13:22:44 | 000,554,328 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/06/09 19:14:30 | 001,156,440 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/26 19:14:45 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/01/19 00:33:27 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2008/01/15 09:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/04/18 08:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 04:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe


========== Modules (SafeList) ==========

MOD - [2010/08/09 20:32:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL.exe
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 00:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2010/06/09 19:14:30 | 001,156,440 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - [2008/10/07 13:33:00 | 007,380,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:04:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/15 17:19:04 | 002,047,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/10/26 11:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/01 02:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007/09/10 13:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2006/11/02 02:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 02:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 02:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 02:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 02:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 02:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 02:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 02:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 02:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 02:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 02:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 02:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 02:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 02:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 02:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 02:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 02:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 02:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/09/02 23:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/09/02 23:53:38 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2005/12/12 10:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mail.yahoo.com/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/07 19:26:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/08 08:01:02 | 000,000,000 | ---D | M]

[2010/08/07 19:26:17 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Mozilla\Extensions
[2010/08/08 08:08:49 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\tmx52lwb.default\extensions
[2010/08/07 19:30:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\tmx52lwb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/07 19:26:01 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/08/08 17:57:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: ([]msn in Computer)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg...l_v1-0-24-0.cab (EPUImageControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Rose\Pictures\Hoppity.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rose\Pictures\Hoppity.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/09 22:46:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/08 19:58:05 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/08 18:00:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/08/08 17:57:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/08/08 17:57:08 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\temp
[2010/08/08 16:49:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/08/08 16:49:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/08/08 16:49:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/08/08 16:48:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/08 08:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/07 19:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/08/07 19:30:17 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\NOS
[2010/08/07 19:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/08/07 19:26:07 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Mozilla
[2010/08/07 19:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/07 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\ElevatedDiagnostics
[2010/08/07 18:55:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/08/07 18:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2010/08/07 09:42:58 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\CrashDumps
[2010/08/06 19:01:01 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2010/08/06 18:41:28 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\RegistryTool
[2010/08/06 18:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\RegistryTool
[2010/08/06 16:50:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/06 11:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/08/06 09:14:27 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\gmer
[2010/08/06 09:04:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/06 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/29 07:03:14 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Symantec
[2010/07/28 13:04:36 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[4 C:\Users\Rose\Documents\*.tmp files -> C:\Users\Rose\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/09 20:32:10 | 003,145,728 | -HS- | M] () -- C:\Users\Rose\NTUSER.DAT
[2010/08/09 19:06:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/09 19:06:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/09 19:06:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/09 19:06:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/09 19:06:03 | 3085,406,208 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/09 19:05:59 | 228,077,019 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/09 18:25:09 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\RegistryTool Scan.job
[2010/08/09 15:15:48 | 000,000,512 | ---- | M] () -- C:\mbrdump.dmp
[2010/08/09 09:07:22 | 000,524,288 | -HS- | M] () -- C:\Users\Rose\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 09:07:22 | 000,065,536 | -HS- | M] () -- C:\Users\Rose\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/09 09:07:17 | 002,029,931 | -H-- | M] () -- C:\Users\Rose\AppData\Local\IconCache.db
[2010/08/08 17:57:15 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/08/08 17:57:09 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/08/08 12:30:25 | 001,120,493 | ---- | M] () -- C:\Users\Rose\Desktop\GUIDE 2 Home Can.pdf
[2010/08/08 08:43:52 | 001,120,493 | ---- | M] () -- C:\Users\Rose\Documents\Fruit Canning.pdf
[2010/08/08 08:00:51 | 000,007,944 | ---- | M] () -- C:\Users\Rose\AppData\Local\d3d9caps.dat
[2010/08/07 19:26:02 | 000,001,750 | ---- | M] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/07 19:26:02 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/07 18:54:27 | 003,801,088 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/08/07 18:54:27 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/08/07 18:54:27 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/08/07 09:27:13 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/07 09:27:13 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/07 09:27:12 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/07 09:26:11 | 000,000,867 | ---- | M] () -- C:\Users\Rose\Desktop\Norton Installation Files.lnk
[2010/08/07 09:12:23 | 000,002,607 | ---- | M] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
[2010/08/06 18:49:26 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/08/06 18:41:15 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\RegistryTool.lnk
[2010/08/06 09:04:46 | 000,000,915 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/08/02 09:18:22 | 000,002,609 | ---- | M] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2010/07/31 14:58:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/07/27 12:28:50 | 000,405,056 | ---- | M] () -- C:\Users\Rose\Desktop\lightsaber prototype.jpg
[2010/07/24 22:44:24 | 005,547,190 | ---- | M] () -- C:\Users\Rose\Documents\knitsabers pattern.pdf
[2010/07/24 22:03:34 | 000,467,451 | ---- | M] () -- C:\Users\Rose\Documents\Luke 12 inch saber pattern.pdf
[2010/07/24 17:30:30 | 000,150,621 | ---- | M] () -- C:\Users\Rose\Documents\overthemoonwrap.pdf
[2010/07/24 17:26:42 | 000,229,728 | ---- | M] () -- C:\Users\Rose\Documents\PlainWoolWrap.pdf
[2010/07/24 17:16:28 | 000,974,979 | ---- | M] () -- C:\Users\Rose\Documents\Felted_Baby_Yoda_Hat2.pdf
[2010/07/24 12:32:13 | 000,266,618 | ---- | M] () -- C:\Users\Rose\Desktop\inserts.jpg
[4 C:\Users\Rose\Documents\*.tmp files -> C:\Users\Rose\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/09 15:15:48 | 000,000,512 | ---- | C] () -- C:\mbrdump.dmp
[2010/08/09 00:04:00 | 3085,406,208 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/08 16:49:18 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/08/08 16:49:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/08/08 16:49:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/08/08 16:49:18 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/08 16:49:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/08 12:30:23 | 001,120,493 | ---- | C] () -- C:\Users\Rose\Desktop\GUIDE 2 Home Can.pdf
[2010/08/08 08:43:52 | 001,120,493 | ---- | C] () -- C:\Users\Rose\Documents\Fruit Canning.pdf
[2010/08/07 19:26:02 | 000,001,750 | ---- | C] () -- C:\Users\Rose\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/07 19:26:02 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/08/07 18:54:05 | 003,801,088 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/08/07 18:54:05 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/08/07 18:54:05 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/08/07 09:08:15 | 000,000,867 | ---- | C] () -- C:\Users\Rose\Desktop\Norton Installation Files.lnk
[2010/08/06 18:41:34 | 000,000,452 | ---- | C] () -- C:\Windows\tasks\RegistryTool Scan.job
[2010/08/06 18:41:15 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\RegistryTool.lnk
[2010/08/06 09:04:46 | 000,000,915 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

========== Custom Scans ==========



< MD5 for: NTDLL.DLL >
[2006/11/02 02:47:26 | 001,162,656 | ---- | M] (Microsoft Corporation) MD5=04E4C2069D7254E3FBB90D5B519AB53C -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6000.16386_none_56a01c45ff429b42\ntdll.dll
[2008/01/19 00:38:14 | 001,203,792 | ---- | M] (Microsoft Corporation) MD5=172E1B9EB61167AD232291A6761501BF -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6001.18000_none_58d6de41fc2dac16\ntdll.dll
[2009/04/10 23:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ntdll.dll
[2009/04/10 23:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18005_none_5ac2574df94f7762\ntdll.dll

< MD5 for: NVLDDMKM.SYS >

< MD5 for: OLE32.DLL >
[2008/01/19 00:36:01 | 001,315,328 | ---- | M] (Microsoft Corporation) MD5=3B634E4BE373D6D987EBF906B43FAAB3 -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
[2009/04/10 23:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) MD5=C50A0AB19094BC362FBA69E105EBCCFD -- C:\Windows\ERDNT\cache\ole32.dll
[2006/11/02 02:46:12 | 001,314,816 | ---- | M] (Microsoft Corporation) MD5=CCE6FB960F8985BF500CE9CB0B2EF4CF -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll
[2009/04/10 23:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ole32.dll
[2009/04/10 23:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll

< MD5 for: SHELL32.DLL >
[2010/07/26 08:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\shell32.dll
[2010/07/26 08:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-shell32_31bf3856ad364e35_6.0.6002.18287_none_6dc028ea0f5cc58f\shell32.dll

< MD5 for: USER32.DLL >
[2007/11/09 22:03:12 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009/04/10 23:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2007/11/09 22:03:12 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008/01/19 00:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006/11/02 02:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009/04/10 23:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009/04/10 23:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< End of report >

#23
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello ErikaP,

  • C:\Windows\System32\ntdll.dll
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
Also for these ones:
C:\Windows\System32\ole32.dll
C:\Windows\System32\shell32.dll
C:\Windows\System32\user32.dll

#24
ErikaP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
VirSCAN.org Scanned Report :
Scanned time : 2010/08/10 08:42:13 (MST)
Scanner results: Scanners did not find malware!
File Name : ntdll.dll
File Size : 1202168 byte
File Type : PE32 executable for MS Windows (DLL) (console) Intel 80386 3
MD5 : 40db2eba3cd1433d1c90bd262ece1543
SHA1 : 8618f3b335cc467574cc13cab11a798f0b46eb23
Online report : http://virscan.org/r...8cda2a4294.html


VirSCAN.org Scanned Report :
Scanned time : 2010/08/10 08:26:18 (MST)
Scanner results: Scanners did not find malware!
File Name : ole32.dll
File Size : 1316864 byte
File Type : PE32 executable for MS Windows (DLL) (console) Intel 80386 3
MD5 : c50a0ab19094bc362fba69e105ebccfd
SHA1 : 3ae31b6b6fdf84feb41ef379d6843a52bdfab34b
Online report : http://virscan.org/r...3f7eefd6ac.html


VirSCAN.org Scanned Report :
Scanned time : 2010/08/10 08:36:12 (MST)
Scanner results: Scanners did not find malware!
File Name : shell32.dll
File Size : 11584512 byte
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 : 91640c342ad09936d0e4b7ebddb12091
SHA1 : 9a65a384e3b3edc477d4c77e61a7fdeec4c36871
Online report : http://virscan.org/r...9f9385f05e.html


VirSCAN.org Scanned Report :
Scanned time : 2010/08/10 08:45:01 (MST)
Scanner results: Scanners did not find malware!
File Name : user32.dll
File Size : 627712 byte
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 : 75510147b94598407666f4802797c75a
SHA1 : 4c3a421fb6c890a81366fc8b0ba33630bb1ce896
Online report : http://virscan.org/r...1528f40753.html


Edited by ErikaP, 10 August 2010 - 09:47 AM.


#25
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello ErikaP,

They all came back clean. We are not finding anything to worry about so far.

Let's do this:

It is a pretty big download but is very useful at detecting\cleaning rootkits or whatever it finds.

Please click here to download VRT Tool by Kaspersky.
  • Save it to your desktop
  • Double click the setup file to run it
  • Accept the agreement
  • A pop up window will appear.
  • On the Autoscan panel check all items
  • Click on Start Scan
  • When finished (this can take some time... just be patient and let it do its job) click the Report button
  • Click the + button left top to expand the critical events
  • Highlight Ctrl A and copy Ctrl C
  • Save to Notepad Ctrl V
Copy and paste the report back here.

Click exit to uninstall Kaspersky VRT. Click yes to the prompts to complete the process.

Note: This tool will self uninstall when you click Exit so please save the log before closing it.



#26
ErikaP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Got another blue screen crash and I can't get it to start up again.

#27
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Do you mean you can't get into Windows or that you can't get any reaction out of your machine at all?

Please describe exactly what you do get. :)

For example, does your machine attempt to boot up but doesn't get past a certain stage?

#28
ErikaP

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
My machine is still starting (most of the time), but crashes to blue screen when I try to run the Kaspersky.

#29
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello ErikaP,

We will leave Kaspersky then. It would be nice to get a full virus scan of your machine but that and ESET seem to have a problem.

Let's see if we can do it another way.

Before we start I am assuming you haven't re-installed Symantec because running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Download and install Avira, this version is free for personal use:


The pop-up adverts every time it updates its definitions are a little annoying but our main objective here is to use it to scan your machine. If you want to keep it afterwards then that's OK but equally you can uninstall it if you don't.

Download all updates for the antivirus and then run a full scan of your computer. Save the results of the scan and then - if it hasn't already done so - let the program fix all problems it finds. Post results of the scan back here.