TheTechGuide Forum

General Category => Tech Clinic => Topic started by: Mr Bell on December 25, 2006, 09:15:17 AM

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 09:15:17 AM

I ran AVG and it said: BOOT SECTOR OF DISK Reading error C.
ntoskrn.exe C\windows\system32\ntoskrn.exe
? first scan also showed something about shell32 but did not show up after 2nd scan because my computer is rebooting by it self

When I highlighted the items it said they were some virus but at the bottom of AVG scan it said no threats were found so that confusing.

And my drweb-cure isn't working either.

Another problem is that my Steam program isn't downloading the standard maps for my game online I play and I'm really freaking out.

Logfile of HijackThis v1.99.1
Scan saved at 8:49:48 AM, on 12/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Randy\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adb...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eightballclan.branzone.com/admi...ator/index2.php (http://\"http://www.eightballclan.branzone.com/administrator/index2.php\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.eightballclan.com
O15 - Trusted Zone: *.tpgleague.org
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 10:37:12 AM

@3TEST RESULTS

[Last Updated:: 12/25/2006 10:06:48 AM]

Memory Test
Optimizing Test Memory Size...
Test Memory Allocated:   1171180 KB   OK
Test Memory Blocks:   18299 blks
Start Address:   10020020h
Initialize Memory Addresses:   577D0020h   PASSED
Verify Memory Addresses:   2534E2EEh   PASSED
Addr = 2534E2EE, Data = D002, Expected = F002
===>Test Failed.
 
Found Error(s).


@3SYSTEM INFORMATION

@3Memory Utilization
Total Physical Memory:   1572332 KB
Free Physical Memory:   1176760 KB
Total Pagefile:   2208784 KB
Free Pagefile:   1968648 KB
Total Virtual Memory Space:   2097024 KB
Free Virtual Memory Space:   2021608 KB

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 11:40:01 AM

SmitFraudFix v2.102

Scan done at 11:30:30.34, Mon 12/25/2006
Run from C:\Documents and Settings\Randy\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Randy


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Randy\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Randy\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

Title: something is WRONG Guestolo
Post by: guestolo on December 25, 2006, 11:48:51 AM

Quote

I ran AVG and it said

I don't even see AVG running? Why not, did you disable it or uninstall it?

Quote

ntoskrn.exe C\windows\system32\ntoskrn.exe

Are you sure about the file name? It wasn't ntoskrnl.exe was it?

I don't need to see the Smitfraudfix log, You can delete smitfraudfix.zip and the smitfraudfix folder
Also the file
C:\rapport.txt <-this file
If I need to see the log, I'll make sure we update it first

Quote

And my drweb-cure isn't working either.

It is probably out of date, another tool that needs updating before ran
You can delete Dr.web cureit.exe on the desktop and
C:\Documents and Settings\Randy\DoctorWeb < this folder

IF you have an earlier version of the next tool
Delete it and the C:\sUBs folder

If you haven't downloaded it before
Download this file - Combofix.exe (http://\"http://download.bleepingcomputer.com/sUBs/combofix.exe\") and save it too desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from combofix

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 02:40:58 PM

Yes I had it diabled. I guess because when I run steam for gaming I want full resourse for it. But I enabled it now and will keep it on. I also remove the other desk top items you told me to delete.

I ran another scan after updating and nothing came up.

Yes this is what came up earlier: ntoskrn.exe C\windows\system32\ntoskrn.exe

I also ran a Check it diagnostic and it failed the memory test.

Here is the log you requested:
Randy - 06-12-25 14:29:27.95    Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Randy\Desktop"
 
((((((((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
C:\WINDOWS\system32\taskmgr.com
 

(((((((((((((((((((((((((((((((   Files Created from 2006-11-25 to 2006-12-25  ))))))))))))))))))))))))))))))))))
 
 
2006-12-25 11:46 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-12-25 11:46 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2006-12-25 09:17 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-12-25 09:17 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-12-25 09:17 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-12-25 09:17 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-12-20 05:31 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2006-12-20 05:29 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-12-19 21:14 10,920 --a------ C:\aolconnfix.exe
 

((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))
 

2006-12-25 13:31 -------- d-------- C:\Documents and Settings\Randy\Application Data\AVG7
2006-12-24 15:29 -------- d-------- C:\Program Files\mIRC
2006-12-23 15:14 -------- d-------- C:\Program Files\CleanUp!
2006-12-20 05:31 -------- d-------- C:\Program Files\Windows Media Player
2006-12-14 11:00 -------- d-------- C:\Program Files\WinRAR
2006-12-13 23:00 -------- d-------- C:\Program Files\Outlook Express
2006-12-13 23:00 -------- d-------- C:\Program Files\Common Files\System
2006-12-12 10:03 -------- d-------- C:\Program Files\America Online 9.0
2006-11-30 15:56 -------- d-------- C:\Program Files\Common Files\AOL
2006-11-25 21:47 -------- d-------- C:\Program Files\HLSW
2006-11-22 10:52 520192 --------- C:\WINDOWS\system32\ati2sgag.exe
2006-11-21 22:25 2829824 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2006-11-21 22:25 261120 --a------ C:\WINDOWS\system32\ati2dvag.dll
2006-11-21 22:20 118784 --a------ C:\WINDOWS\system32\atipdlxx.dll
2006-11-21 22:20 106496 --a------ C:\WINDOWS\system32\Oemdspif.dll
2006-11-21 22:19 90112 --a------ C:\WINDOWS\system32\ati2evxx.dll
2006-11-21 22:19 42496 --a------ C:\WINDOWS\system32\ati2edxx.dll
2006-11-21 22:19 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2006-11-21 22:18 430080 --a------ C:\WINDOWS\system32\ati2evxx.exe
2006-11-21 22:17 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2006-11-21 22:12 2526688 --a------ C:\WINDOWS\system32\ati3duag.dll
2006-11-21 22:11 5279744 --a------ C:\WINDOWS\system32\atioglxx.dll
2006-11-21 22:08 1090016 --a------ C:\WINDOWS\system32\ativvaxx.dll
2006-11-21 21:57 217088 --a------ C:\WINDOWS\system32\atikvmag.dll
2006-11-21 21:56 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2006-11-21 21:51 294912 --a------ C:\WINDOWS\system32\ati2cqag.dll
2006-11-21 21:50 6684672 --a------ C:\WINDOWS\system32\atioglx1.dll
2006-11-21 21:49 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2006-11-21 21:21 303104 --a------ C:\WINDOWS\system32\ATIDEMGR.dll
2006-11-16 11:44 33592 --a------ C:\WINDOWS\system32\drivers\atwpkt264.sys
2006-11-16 11:44 25136 --a------ C:\WINDOWS\system32\drivers\atwpkt2.sys
2006-11-16 11:44 103984 --a------ C:\WINDOWS\system32\AOLDial.dll
2006-11-13 01:20 -------- d-------- C:\Program Files\Internet Explorer
2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-04 16:28 -------- d-------- C:\Program Files\Grisoft
2006-11-04 12:14 -------- d-------- C:\Program Files\Logitech
2006-11-04 09:57 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-02 12:29 816672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-28 22:23 -------- d-------- C:\Program Files\SpywareBlaster
2006-10-27 15:09 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-27 15:09 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-27 15:09 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-27 15:09 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-27 15:09 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-27 15:09 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-27 15:09 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-27 02:44 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-27 02:44 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-27 02:44 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-27 02:44 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-27 02:44 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-27 02:44 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-27 02:44 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-27 02:44 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-27 02:44 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-27 02:42 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 38400 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\WMASF.dll
2006-10-18 21:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 13:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 12:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 12:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 12:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 12:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-25 17:58 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
 
 
((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Steam"="\"c:\\program files\\valve\\steam\\steam.exe\" -silent"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
 
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004
 
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
 
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoDriveAutoRun"=hex:ff,ff,ff,03
"NoDrives"=dword:00000000
"NoViewOnDrive"=dword:00000000
"NoLogoff"=dword:00000000
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
 
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
 
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AOL Fast Start"="\"C:\\Program Files\\America Online 9.0\\Email RemovedEXE\" -b"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
"Registry Cleaner"="\"C:\\Program Files\\TPT Registry_Cleaner (Trial)\\regclean.exe\""
@=""
"LDM"="\\Program\\"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Norton SystemWorks"="\"C:\\Program Files\\Norton SystemWorks\\cfgwiz.exe\" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"nwiz"="nwiz.exe /install"
"AOL Spyware Protection"="\"C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\AOLSP Scheduler.exe\""
"SoundMan"="SOUNDMAN.EXE"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"NeroCheck"="C:\\WINDOWS\\System32\\\\NeroCheck.exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1126634133\\ee\\AOLSoftware.exe"
"mmtask"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
"mm_server"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_server.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"!ewido"="\"C:\\Documents and Settings\\Randy\\Desktop\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"
"MMTray"="C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"IPHSend"="C:\\Program Files\\Common Files\\AOL\\IPHSend\\IPHSend.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
@=""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"Launch LGDCore"="\"C:\\Program Files\\Logitech\\G-series Software\\LGDCore.exe\" /SHOWHIDE"
"Launch LCDMon"="\"C:\\Program Files\\Logitech\\G-series Software\\LCDMon.exe\""
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk.disabled"
"item"="Adobe Reader Speed Launch.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\America Online 9.0 Tray Icon.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\America Online 9.0 Tray Icon.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\America Online 9.0 Tray Icon.lnk.disabled"
"item"="America Online 9.0 Tray Icon.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CleanSweep Smart Sweep-Internet Sweep.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\CleanSweep Smart Sweep-Internet Sweep.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\CleanSweep Smart Sweep-Internet Sweep.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\CleanSweep Smart Sweep-Internet Sweep.lnk.disabled"
"item"="CleanSweep Smart Sweep-Internet Sweep.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech Desktop Messenger.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Logitech Desktop Messenger.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech Desktop Messenger.lnk.disabled"
"item"="Logitech Desktop Messenger.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech SetPoint.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Logitech SetPoint.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Logitech SetPoint.lnk.disabled"
"item"="Logitech SetPoint.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk.disabled"
"item"="Microsoft Office.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PKZIP Attachments Status.lnk.disabled]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\PKZIP Attachments Status.lnk.disabled"
"backup"="C:\\WINDOWS\\pss\\PKZIP Attachments Status.lnk.disabledCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\PKZIP Attachments Status.lnk.disabled"
"item"="PKZIP Attachments Status.lnk"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOLDial"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"inimapping"="0"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL TopSpeedMonitor"=dword:00000002
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
 

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Spybot - Search & Destroy -  Scheduled Task.job
 
Completion time: 06-12-25 14:30:18.68
C:\ComboFix.txt ... 06-12-25 14:30

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 02:42:39 PM

My computer keeps rebooting at various time for no known reason.

Title: something is WRONG Guestolo
Post by: guestolo on December 25, 2006, 03:30:11 PM

Wow, you must be the king of disabling startup entries  /wink.gif\' class=\'bbc_emoticon\' alt=\';)\' />
What do you use to disable startup entries, just 'msconfig' alone?

Quote

I also ran a Check it diagnostic and it failed the memory test

What is it that you exactly ran?

Can you do the following
Right click the MyComputer icon>>left click Properties
Advanced tab>>Settings under Startup and Recovery
Uncheck "Automatically Restart" under System Failure
Click OK>>APPLY>>OK

Maybe the next time your system wants to Restart, it will blue screen instead
If it does, can you post a fresh hijackthis log back here please
I mean, can you post back the exact error message on the blue screen

Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 06:35:05 PM

&Smith Micro Home Page | http://www.smithmicro.com (http://\"http://www.smithmicro.com\") |
&CheckIt Home Page | http://www.smithmicro.com/checkit (http://\"http://www.smithmicro.com/checkit\") |
&Technical Support Home Page | http://www.symantec.com/techsupp/ (http://\"http://www.symantec.com/techsupp/\") |
 
It came with the computer. It runs and test memory, video, the hard drive and some other stuff also.
 
And YEAH, I use spybot start up and also msconfig, LOL
 
Here is log you requested:
 
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.7
Adobe® Photoshop® Album Starter Edition 3.0
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Explorer
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
AOL You\'ve Got Pictures Screensaver
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AVG Free Edition
Belkin Gigabit Ethernet
CheckIt Diagnostics
CleanUp!
FileZilla (remove only)
HijackThis 1.99.1
HLSW v1.0.0.48
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
J2SE Runtime Environment 5.0 Update 9
Lernout & Hauspie TruVoice American English TTS Engine
Logitech G-series Keyboard Software
Logitech QuickCam
Logitech SetPoint
Logitech® Camera Driver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
mIRC
QuickTime
RealPlayer
Realtek AC\'97 Audio
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Steam
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Ventrilo Client
VideoLAN VLC media player 0.8.5
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver


It won\'t let me uncheck auto restart button

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 06:50:07 PM

Ok its unchecked. Don't know why it didn't let me at first.

Could this be a hardware problem instead? Like maybe one of my sticks of ram or maybe my cpu chip? Reason being that when downloading a map for my game I play its not letting me enter afterwards because it says map differs from server. And then I have the recuring reboot problem.

Title: something is WRONG Guestolo
Post by: guestolo on December 25, 2006, 07:11:27 PM

Let's first try and clear some entries from your computer
Can you NOT disable anything else on startup for a bit

Looks like you install and uninstall programs and entries get left behind
Again, I have to have you do the following

First off
Disable your Realtime protections, this includes Windows Defender and Spybot
Window's Defender
Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.

Open Spybot and click on Mode and check Advanced Mode
Check yes to next window.
Click on Tools in bottom left hand corner.
Click on Resident icon.
Uncheck Teatimer box.
Click Allow Change box if prompted

Stay in Spybot
Under System Startup, recheck EVERYTHING that you disabled previously

Go to START>>RUN>>type in msconfig
Hit OK
Under the SERVICES tab>>Enable ALL>>Apply it
Under the STARTUP   tab>>Enable ALL>>Apply it
Under the GENERAL   tab>>Ensure NORMAL startup is Selected
APPLY it then CLOSE

Reboot your computer

Come back here and post a fresh hijackthis log
You know the routine, keep EVERYTHNG enabled on startup
If you are using any additional tools to disable anything, reenable them too before rebooting

After you post the new hijackthis log
Run Combofix again, post the new log that opens

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 08:06:09 PM

Logfile of HijackThis v1.99.1
Scan saved at 8:05:13 PM, on 12/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\ManifestEngine.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\America Online 9.0\wEmail Removedexe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Documents and Settings\Randy\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adb...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eightballclan.branzone.com/admi...ator/index2.php (http://\"http://www.eightballclan.branzone.com/administrator/index2.php\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [!ewido] "C:\Documents and Settings\Randy\Desktop\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [mm_server] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_server.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: America Online 9.0 Tray Icon.lnk.disabled
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: PKZIP Attachments Status.lnk.disabled
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.eightballclan.com
O15 - Trusted Zone: *.tpgleague.org
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 08:10:39 PM

Randy - 06-12-25 20:06:54.31    Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Randy\Desktop"

(((((((((((((((((((((((((((((((   Files Created from 2006-11-25 to 2006-12-25  ))))))))))))))))))))))))))))))))))
 
 
2006-12-25   11:46   79,360   --a------   C:\WINDOWS\system32\swxcacls.exe
2006-12-25   11:46   51,200   --a------   C:\WINDOWS\system32\dumphive.exe
2006-12-25   09:17   53,248   --a------   C:\WINDOWS\system32\Process.exe
2006-12-25   09:17   40,960   --a------   C:\WINDOWS\system32\swsc.exe
2006-12-25   09:17   288,417   --a------   C:\WINDOWS\system32\SrchSTS.exe
2006-12-25   09:17   135,168   --a------   C:\WINDOWS\system32\swreg.exe
2006-12-20   05:31   <DIR>   d--------   C:\Program Files\Windows Media Connect 2
2006-12-20   05:29   <DIR>   d--------   C:\WINDOWS\system32\drivers\UMDF
2006-12-19   21:14   10,920   --a------   C:\aolconnfix.exe


((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-25 19:59   --------   d--------   C:\Documents and Settings\Randy\Application Data\AVG7
2006-12-24 15:29   --------   d--------   C:\Program Files\mIRC
2006-12-23 15:14   --------   d--------   C:\Program Files\CleanUp!
2006-12-20 05:31   --------   d--------   C:\Program Files\Windows Media Player
2006-12-14 11:00   --------   d--------   C:\Program Files\WinRAR
2006-12-13 23:00   --------   d--------   C:\Program Files\Outlook Express
2006-12-13 23:00   --------   d--------   C:\Program Files\Common Files\System
2006-12-12 10:03   --------   d--------   C:\Program Files\America Online 9.0
2006-11-30 15:56   --------   d--------   C:\Program Files\Common Files\AOL
2006-11-25 21:47   --------   d--------   C:\Program Files\HLSW
2006-11-22 10:52   520192   ---------   C:\WINDOWS\system32\ati2sgag.exe
2006-11-21 22:25   2829824   --a------   C:\WINDOWS\system32\drivers\ati2mtag.sys
2006-11-21 22:25   261120   --a------   C:\WINDOWS\system32\ati2dvag.dll
2006-11-21 22:20   118784   --a------   C:\WINDOWS\system32\atipdlxx.dll
2006-11-21 22:20   106496   --a------   C:\WINDOWS\system32\Oemdspif.dll
2006-11-21 22:19   90112   --a------   C:\WINDOWS\system32\ati2evxx.dll
2006-11-21 22:19   42496   --a------   C:\WINDOWS\system32\ati2edxx.dll
2006-11-21 22:19   26112   --a------   C:\WINDOWS\system32\Ati2mdxx.exe
2006-11-21 22:18   430080   --a------   C:\WINDOWS\system32\ati2evxx.exe
2006-11-21 22:17   53248   --a------   C:\WINDOWS\system32\ATIDDC.DLL
2006-11-21 22:12   2526688   --a------   C:\WINDOWS\system32\ati3duag.dll
2006-11-21 22:11   5279744   --a------   C:\WINDOWS\system32\atioglxx.dll
2006-11-21 22:08   1090016   --a------   C:\WINDOWS\system32\ativvaxx.dll
2006-11-21 21:57   217088   --a------   C:\WINDOWS\system32\atikvmag.dll
2006-11-21 21:56   17408   --a------   C:\WINDOWS\system32\atitvo32.dll
2006-11-21 21:51   294912   --a------   C:\WINDOWS\system32\ati2cqag.dll
2006-11-21 21:50   6684672   --a------   C:\WINDOWS\system32\atioglx1.dll
2006-11-21 21:49   307200   --a------   C:\WINDOWS\system32\atiiiexx.dll
2006-11-21 21:21   303104   --a------   C:\WINDOWS\system32\ATIDEMGR.dll
2006-11-16 11:44   33592   --a------   C:\WINDOWS\system32\drivers\atwpkt264.sys
2006-11-16 11:44   25136   --a------   C:\WINDOWS\system32\drivers\atwpkt2.sys
2006-11-16 11:44   103984   --a------   C:\WINDOWS\system32\AOLDial.dll
2006-11-13 01:20   --------   d--------   C:\Program Files\Internet Explorer
2006-11-08 00:06   679424   --a------   C:\WINDOWS\system32\inetcomm.dll
2006-11-04 16:28   --------   d--------   C:\Program Files\Grisoft
2006-11-04 12:14   --------   d--------   C:\Program Files\Logitech
2006-11-04 09:57   --------   d--------   C:\Program Files\Spybot - Search & Destroy
2006-11-02 12:29   816672   --a------   C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-28 22:23   --------   d--------   C:\Program Files\SpywareBlaster
2006-10-27 15:09   6049280   ---------   C:\WINDOWS\system32\ieframe.dll
2006-10-27 15:09   50688   ---------   C:\WINDOWS\system32\msfeedsbs.dll
2006-10-27 15:09   458752   ---------   C:\WINDOWS\system32\msfeeds.dll
2006-10-27 15:09   413696   --a------   C:\WINDOWS\system32\vbscript.dll
2006-10-27 15:09   231424   --a------   C:\WINDOWS\system32\webcheck.dll
2006-10-27 15:09   180736   ---------   C:\WINDOWS\system32\ieui.dll
2006-10-27 15:09   156160   --a------   C:\WINDOWS\system32\msls31.dll
2006-10-27 02:44   71680   --a------   C:\WINDOWS\system32\admparse.dll
2006-10-27 02:44   55296   --a------   C:\WINDOWS\system32\iesetup.dll
2006-10-27 02:44   54784   --a------   C:\WINDOWS\system32\ie4uinit.exe
2006-10-27 02:44   43008   --a------   C:\WINDOWS\system32\iernonce.dll
2006-10-27 02:44   382976   --a------   C:\WINDOWS\system32\iedkcs32.dll
2006-10-27 02:44   229376   --a------   C:\WINDOWS\system32\ieaksie.dll
2006-10-27 02:44   152064   --a------   C:\WINDOWS\system32\ieakeng.dll
2006-10-27 02:44   13312   --a------   C:\WINDOWS\system32\ieudinit.exe
2006-10-27 02:44   123904   --a------   C:\WINDOWS\system32\advpack.dll
2006-10-27 02:42   161792   --a------   C:\WINDOWS\system32\ieakui.dll
2006-10-19 08:56   713216   --a------   C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58   8704   --a------   C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:47   99840   --a------   C:\WINDOWS\system32\wmpshell.dll
2006-10-18 21:47   991744   --a------   C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47   937984   --a------   C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47   8231936   --a------   C:\WINDOWS\system32\wmploc.dll
2006-10-18 21:47   767488   ---------   C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47   757248   --a------   C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47   7168   --a------   C:\WINDOWS\system32\asferror.dll
2006-10-18 21:47   656896   ---------   C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47   63488   --a------   C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47   629760   --a------   C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47   613376   ---------   C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47   603648   --a------   C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47   542720   --a------   C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47   535040   ---------   C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47   429056   --a------   C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47   414208   --a------   C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47   4096   --a------   C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47   38400   ---------   C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47   37376   --a------   C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47   35840   --a------   C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47   356352   --a------   C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47   348672   --a------   C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47   33792   --a------   C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47   321536   --a------   C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47   317440   ---------   C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47   314880   --a------   C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47   295936   ---------   C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47   284160   ---------   C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47   276992   --a------   C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47   27136   --a------   C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47   2603008   ---------   C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47   259072   ---------   C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47   259072   ---------   C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47   2450944   --a------   C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47   242688   --a------   C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47   229376   --a------   C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47   222208   --a------   C:\WINDOWS\system32\WMASF.dll
2006-10-18 21:47   212992   ---------   C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47   211456   --a------   C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47   204288   --a------   C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47   199168   ---------   C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47   179712   --a------   C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47   175616   --a------   C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47   166912   ---------   C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47   1661440   --a------   C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47   1574912   ---------   C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47   157184   --a------   C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47   154624   --a------   C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47   1543680   ---------   C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47   1382912   ---------   C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47   133632   ---------   C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47   1329152   --a------   C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47   132096   ---------   C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47   130048   ---------   C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47   11264   --a------   C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47   1117696   --a------   C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47   101888   ---------   C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03   100864   --a------   C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00   249856   ---------   C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00   17408   ---------   C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 13:06   78336   --a------   C:\WINDOWS\system32\ieencode.dll
2006-10-17 13:05   40960   --a------   C:\WINDOWS\system32\licmgr10.dll
2006-10-17 13:05   206336   ---------   C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 13:05   105984   --a------   C:\WINDOWS\system32\url.dll
2006-10-17 13:04   101376   --a------   C:\WINDOWS\system32\occache.dll
2006-10-17 13:03   17408   --a------   C:\WINDOWS\system32\corpol.dll
2006-10-17 12:58   61952   ---------   C:\WINDOWS\system32\icardie.dll
2006-10-17 12:58   12288   ---------   C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 12:57   36352   --a------   C:\WINDOWS\system32\imgutil.dll
2006-10-17 12:57   266752   ---------   C:\WINDOWS\system32\iertutil.dll
2006-10-17 12:56   45568   --a------   C:\WINDOWS\system32\mshta.exe
2006-10-17 12:28   48128   --a------   C:\WINDOWS\system32\mshtmler.dll
2006-10-17 12:27   380928   ---------   C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 07:35   142336   --a------   C:\WINDOWS\system32\nwprovau.dll
2006-10-02 15:28   312128   ---------   C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:13   95344   ---------   C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56   55808   ---------   C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56   316416   ---------   C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56   165376   ---------   C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56   146432   ---------   C:\WINDOWS\system32\WudfHost.exe
2006-09-25 17:58   23856   --a------   C:\WINDOWS\system32\spupdsvc.exe
 
 
((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Steam"="\"c:\\program files\\valve\\steam\\steam.exe\" -silent"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
@=""
"LDM"="\\Program\\"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Norton SystemWorks"="\"C:\\Program Files\\Norton SystemWorks\\cfgwiz.exe\" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz"
"Registry Cleaner"="\"C:\\Program Files\\TPT Registry_Cleaner (Trial)\\regclean.exe\""
"updateMgr"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
@=""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"!ewido"="\"C:\\Documents and Settings\\Randy\\Desktop\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"AOL Spyware Protection"="\"C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\AOLSP Scheduler.exe\""
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1126634133\\ee\\AOLSoftware.exe"
"Launch LCDMon"="\"C:\\Program Files\\Logitech\\G-series Software\\LCDMon.exe\""
"Launch LGDCore"="\"C:\\Program Files\\Logitech\\G-series Software\\LGDCore.exe\" /SHOWHIDE"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"
"mm_server"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_server.exe\""
"mmtask"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
"MMTray"="C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe"
"NeroCheck"="C:\\WINDOWS\\System32\\\\NeroCheck.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"nwiz"="nwiz.exe /install"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SoundMan"="SOUNDMAN.EXE"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\"  -osboot"
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoDriveAutoRun"=hex:ff,ff,ff,03
"NoDrives"=dword:00000000
"NoViewOnDrive"=dword:00000000
"NoLogoff"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL TopSpeedMonitor"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]   
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Spybot - Search & Destroy -  Scheduled Task.job

Completion time: 06-12-25 20:09:53.89
C:\ComboFix.txt ... 06-12-25 20:09
C:\ComboFix2.txt ... 06-12-25 14:30

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 08:13:27 PM

LOL my task bar looks like a Christmas tree. Hope this gives you a full look and see:)

After I rebooted a bunch of errors popped up:

error loading C:\window\system32\NvCpl.dll

error C:\windows32\NvMctray.dll

Real player error

And Java wanted to update but it failed.

Wow, guess I screwed up all this time by shutting all that stuff off. I take my online gaming very seriously so I just want full power running my game.

Title: something is WRONG Guestolo
Post by: guestolo on December 25, 2006, 08:33:09 PM

It appears that some entries you had disabled no longer are installed

Can you do the following
Check and see if this folder exists
C:\Program Files\TPT Registry_Cleaner (Trial) <-folder

Also appears you uninstalled everything to do with Symantec's
This includes AV>>System Works>>CleanSweep
Can you verify that please

Also appears you uninstalled Ewido and/or AVG anti-spyware
Can you verify that
Then we'll clean some of those entries from startup
Just let me know the above
Again, at this point DON'T use msconfig or Spybot

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 08:46:27 PM

No TPT Registry_Cleaner in there brother.

Yes removed all Symantec's

AVG anti-spyware was removed because you had me install Spyblaster and the free version of AVG virus detection.

Didn't think I needed Ewido anylonger. LOL do I?

Title: something is WRONG Guestolo
Post by: guestolo on December 25, 2006, 09:16:51 PM

Let's do some clearing and see what we're left with afterwards
Let's get you the latest version of Sun Java
==Download the latest version of  Java Runtime Environment (JRE) 6 (http://\"http://java.sun.com/javase/downloads/index.jsp\")

• Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  
• Click the "Download" button to the right.
  
• Check the box that says: "Accept License Agreement[/i]".
  
• The page will refresh.
• Click on the link to download Windows Offline Installation Multi-language
  

Save the file to your Desktop.
Don't install it yet

Open your Windows control panel and double click to open the Java icon
Under the General tab, Select Delete Files>>Keep all 3 selections checked and hit OK
Exit out of Java afterwards

Access your add/remove programs and remove
J2SE Runtime Environment 5.0 Update 9

Afterwards
Can you do the following
Create a .reg file for me
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

 

Code: [Select]

REGEDIT4

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"LDM"=-
"Norton SystemWorks"=-
"Registry Cleaner"=-
"LogitechSoftwareUpdate"=-
"updateMgr"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"!AVG Anti-Spyware"=-
"!ewido"=-
"ccApp"=-
"MimBoot"=-
"mm_server"=-
"mmtask"=-
"MMTray"=-
"NvCplDaemon"=-
"NvMediaCenter"=-
"nwiz"=-
"QuickTime Task"=-
"Symantec NetDriver Monitor"=-
"TkBellExe"=-
"RealTray"=-

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=-

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ALUAlert"=-

Double click on fix.reg and allow to add/merge to the registry at the prompt

Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: America Online 9.0 Tray Icon.lnk.disabled
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk.disabled
O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled
O4 - Global Startup: Logitech SetPoint.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: PKZIP Attachments Status.lnk.disabled


After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis


Reboot the computer
Back in Windows

Double click on the JAVA installer and follow the prompts for installation
After it is installed, you can delete the installer from desktop
The updater to Java is not that reliable
Go into your windows control panel and double click to open the Java Icon
Under the Updater tab
Uncheck "Check for Updates Automatically"
Select NEVER when prompting when to check
Apply it and exit out of there
Check for updates manually about every month

Post back a fresh hijackthis log
Let's see what it looks like

Title: something is WRONG Guestolo
Post by: Mr Bell on December 25, 2006, 11:17:32 PM

Can not locate JAVA installer in windows. If its the one on my desk top it wants to know what program to open with.

Also I made a bit of mistake. When I ticked those entries I forgot to close open windows including this one.

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 07:37:44 AM

Bump

Morning Guestolo

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 12:07:32 PM

Can you verify that the installer for Java on desktop is
jre-6-windows-i586.exe

That exact name please

Also, can you ensure you rebooted the computer and post a fresh hijackthis log

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 12:27:56 PM

This is what is on my desk top as description: 1167101224923-integrated.jnlp

Here is new log:

Logfile of HijackThis v1.99.1
Scan saved at 12:20:54 PM, on 12/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\America Online 9.0\wEmail Removedexe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Documents and Settings\Randy\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp_adb.../search/ie.html (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sb/*http://www.yahoo.com/search/ie.html\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp_adb...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eightballclan.branzone.com/admi...ator/index2.php (http://\"http://www.eightballclan.branzone.com/administrator/index2.php\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1126634133\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: *.eightballclan.com
O15 - Trusted Zone: *.tpgleague.org
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

I'm some what on the deressed side today. I couldn't get on my game last night for one thing. And I think one of these sticks of ram is bad (not sure though). I removed two of them (256) and left the 512 ones in and started computer and it went blue screen. Course then I just put them all back and here we are. So how do I tell which one is bad when we get to that point if thats the problem?

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 12:50:27 PM

Quote

This is what is on my desk top as description: 1167101224923-integrated.jnlp

Can you delete that file on desktop
Did you download the Windows OFFLINE installation as I mentioned earlier??

Try these instructions
Download the Windows OFFLINE installer from this link
Java Runtime Environment Version 5.0 Update 10 (http://\"http://www.java.com/en/download/manual.jsp\")

Save it too desktop, when you have it saved to desktop it should have the Exact name of
jre-1_5_0_10-windows-i586-p-s.exe

Double click to install and follow the prompts

Let me know if that works

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 01:45:34 PM

Ok I'll begin that as soon as I give you this new info.

It went Blue screen again. As follows:

A problem has been detected and windows has been shut down to prevent damage to your computer.
IRQL_Not_less_or_equal

If this is the first time you've seen this stop error screen restrat your computer. If this screen appears again follow these steps. Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software Manufacterer for any windows update you might need.

If problem continues, diable or remove any newly installed hardwar or software. Disable BIOS memory option such as caching or shadowing. If you need to use safe mode to remove or diable components, restart your computer, pressF8 to select advanced startup options and select safemode.
Technical infomation: *** Stop: 0x0000000A (0x00000020, 0x00000002, 0x00000000, 0x804FB337)

Begining dump of physical memory
Physical memory dump complete.
Contact system administraor or Tech support

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 03:03:47 PM

Can I just check on something
Navigate to the following folder
C:\Windows\Minidump

Open the Minidump folder
Look for the latest dump file
Should look something like Mini122606-**.dmp

Can you right click on it and zip it up (compress)
So then you have something like Mini122606.zip
Come back here and upload it to a reply

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 04:07:39 PM

That was painful, and no cigar. Lots of logs in there, WOW. Could not find.
I used the search and found a:

WRITEMINIDUMP.exe-OED2E windows\prefetch file  9kb 12/26/06

Writeminidump.exe C:Programs files\Valve\steam  240kb 12/26/06 This is from my game I play and it usually happens (reboot) when starting.

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 04:30:30 PM

I've got no idea what your talking about  /blink.gif\' class=\'bbc_emoticon\' alt=\':blink:\' />
You don't have a Minidump folder?
I only want to see a log from the Minidump folder, and that's it!

Remember I said

Quote

Should look something like Mini122606-**.dmp

I didn't say it would look Exactly like that, these nos. are the date of the dump
122606

I want one close to that date
Double click to Open MYComputer icon
Open Local Disk C:
Open the Windows folder
Open the Minidump folder

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 05:41:21 PM

Its saying I'm not allowed to upload the file? Please have patience with me on this. I've never zipped a folder and sent one before. I think I found the exact one you need to look at.

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 05:44:52 PM

Ok like I found the file. I sent a copy to desk top. Then I zipped it. Then in the forum I uploaded it and it looked like it was going through but then I got the NOT allowed to send thing back

And its not in a floder. Its MEMORY.DMP with a folded corner on it

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 06:19:27 PM

Again, I'm not quite sure what your saying

Inside the Minidump folder should be a .dmp file with todays date on it
Copy>>paste that file to desktop

Then zip it up and upload it
Instructions
# Right click the file you want to compress.
# Choose Send To
# Slide Right and choose Compressed (zipped) folder
# Allow the file to compress.
# You should now see an icon with the same name plus a Zip

    * It may even have a zipper on the folder.

# This is the compressed file that you want to upload

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 06:35:28 PM

[attachment=2260:Shortcut...2EAE5.pf.zip]

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 06:39:30 PM

REMOVED, as you attached a Shortcut and not the actual file itself
<guestolo>

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 06:40:17 PM

Can you just do me a favor
You uploaded a dumpfile from the prefetch folder
I don't want to see that

DO THE FOLLOWING
Before we go any further, and waste our times
I asked you to do this before

Double click to Open MYComputer icon
Open Local Disk C:
Open the Windows folder
Do you see a  Minidump folder?????

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 07:12:56 PM

NO, I do not sir. I saw the one I sent you that ended with .bmp and thought that might be it. I will look again but I fear it is not there.

SORRY

Would it be a good idea at this point to ask you to diagnose my computer from your location?

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 07:25:18 PM

Right click MyComputer
Left click Properties
Click the ADVANCED tab>>Click SETTINGS under Startup and Recovery
Under system failure
Let me know which items are checked
Also

Under "Write debugging information"
What settings do you have and where is the Small dump directory location at?

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 07:29:48 PM

It says NONE. Guess thats why there is no log. Which one would you like me to set it at. Small or complete. Then after that I can make it dump if I try and go into my game.

Title: something is WRONG Guestolo
Post by: guestolo on December 26, 2006, 07:46:44 PM

Set to Small

Quote

Then after that I can make it dump if I try and go into my game.

Do you only get a Crash on the computer when you try and play the game?

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 08:03:09 PM

Pretty much just when I play the game. But it has dumped on other occations.

I was playing regular Day of defeat. But Day of defeat also has Day of defeat source. This is pretty much when all the problems started when I down loaded the newer version. Graphics are very demanding on the computer. That's one of the reasons I had everything shut off so I could get Max FPS in game.

I'm going to go and dump it now.

And to answer an earlier question you had, yes I installed Java (offline version)

Title: something is WRONG Guestolo
Post by: Mr Bell on December 26, 2006, 10:18:40 PM

I have to call it a day. I need to get up at 4:00am and start a brutel 200 yard comercial swimming pool. Shotcrete is brutal work. This more then likely going to be a two day job.

I am going to try and get on tomorrow when I get home and pick up from there. I might not be worth a dam but I'll give it my best.

Thank you for your patience with me today. And just to let you know before I went into the game I had to re-download it because I had a suspicion that maybe when I down loaded the newer version last week I might have had damged files. Your question about when all this started made me think that. And now it is only down loading at like 30 kb/s. So I need to also call my cable company because I'm paying for 10mg high speed and I should be able to DL at like 400 kb/s shouldn't I??? Anyway have a good day and talk to you tomorrow.

Thanks
Randy

Title: something is WRONG Guestolo
Post by: Mr Bell on December 27, 2006, 05:49:42 PM

Here is the dump folder you need:

[attachment=2278:Shortcut...Minidump.zip]

Title: something is WRONG Guestolo
Post by: guestolo on December 27, 2006, 07:21:03 PM

Nope, don't think you quite got the grasp of it yet
I may not be able to help here, I'll just have to guess that it is outdated video drivers or some driver issue

You do realize what you uploaded to me, don't you?
Shortcut_to_Minidump.zip

All you uploaded was a Shortcut, how come?

Are you reading what I'm posting to you  /tongue.gif\' class=\'bbc_emoticon\' alt=\':P\' />

Let me try this one more time, if it won't work, not sure what we can do here
I just want to do this in steps as it seems to be confusing to you

Open MyComputer>>Local Disk C:>>Windows>>Minidump

Do you see any files in the Minidump folder?
Don't upload nothing, just let me know what you see in there

Title: something is WRONG Guestolo
Post by: Mr Bell on December 27, 2006, 10:21:06 PM

Yes this time I opened the folder. One is called mini 122606-01.dmp the other one is mini 122606 02.dmp-02

It crashed twice when I got home from work. Then I crashed for about two hour from exhaustion from work.

When I zipped the folder I forgot to open it first didn't I. So what do i need to do exactly to make thisd happen right?

Title: something is WRONG Guestolo
Post by: Mr Bell on December 27, 2006, 10:35:40 PM

[attachment=2279:Mini122706_01.zip]Lets see if I do it right this time./smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: something is WRONG Guestolo
Post by: guestolo on December 27, 2006, 11:27:27 PM

That's better, but this can be a trial and error thing
Have you updated any Video drivers lately or any other drivers?
Did you get them from the Manufacturer or from Windows Update
This is the first route, when was the last time you updated your video drivers???

Memory corruption also indicated
You may want to run a memory test, this can take awhile
Take a look at this link
http://www.memtest.org/ (http://\"http://www.memtest.org/\")

There are different options
If you want to run it from a CD
Select the Download - Pre-Compiled Bootable ISO (.zip)
Unzip the file and burn the ISO image file to CD

Reboot with the CD in the computer
Set bios to boot from CD first
Run the tests......

If your computer continues to crash, can you upload a couple of dump files
Not the one you just uploaded, but 2 different new ones
It's difficult analyzing just one of them

Title: something is WRONG Guestolo
Post by: Mr Bell on December 27, 2006, 11:40:25 PM

My cd burner doesn't work remember. I have an external cd drive. But is there another memory test I can do.

Is there a way you can diagnose my computer from your location. If I have to have it looked at I just as well would trust you more then someone else.

The thing on updating my video driver I thought it wasn't to long ago but I'll try updating it now i guess.

Title: something is WRONG Guestolo
Post by: guestolo on December 28, 2006, 12:11:32 AM

You can run the memtest from a floppy also,
There is a link on that page for floppy format
 but it won't be as quick, and it takes awhile anyways
I would get a friend to burn it for you

I can't do that from my side, you need to reboot and run it before windows loads

But I would look into your Video drivers first
DON'T download them from Windows updates
Get the latest from ATI's website or manuf. of your computer
Have you updated any other drivers before this issue started?

Did the blue screen only happen when you played the game this time
Do you meet system requirements?

I also would like to add one step to ensure it's not a driver issue
Can you also go to START>>RUN
type in verifier.exe
Hit OK

In the Driver Verifier manager
Ensure the following are selected
Create standard settings >click Next
Select Automatically select all drivers installed on this computer>>Click Finish
To activate verifier you now need to Reboot the computer

Back in Windows it will start verifying drivers, and it will/may Blue screen again
If it does, upload the dumpfile

NOTE: If you have trouble booting into Normal Windows and it Blue screens before Windows loads
Take note of the driver name it's having problems with
You can still boot into Safe mode
While in safe mode
You can than go to start>>run>type in
verifier.exe

In Verifier select "Delete Existing Settings">>Click Finish
Reboot the computer to Normal windows
I would like to see a dumpfile with verifier enabled after it blue screens however

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 04:23:08 PM

I did the steps regarding verifier.exe  now i cannot get into windows after rebooting; just to blue screen

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 05:56:07 PM

Hold thr presses. I took out all the sticks of ram leaving one. IT REBOOTED. I am going to send several dump files.

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 05:59:47 PM

Here they are. I am going to send them one at a time if you don't mind.[attachment=2283:Mini122806_03.zip]

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 06:01:02 PM

[attachment=2284:Mini122806_05.zip]

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 06:05:29 PM

[attachment=2285:Mini122806_07.zip]

Title: something is WRONG Guestolo
Post by: Mr Bell on December 28, 2006, 06:22:15 PM

[attachment=2286:Mini122806_11.zip]

Title: something is WRONG Guestolo
Post by: guestolo on December 30, 2006, 12:22:07 PM

There's nothing definitive in those logs
Do you have all your Drivers updated?

By the way, did you read this earlier, or am I typing just for practice  /blink.gif\' class=\'bbc_emoticon\' alt=\':blink:\' />
Because I know from experience you can still get to safe mode

Quote

Back in Windows it will start verifying drivers, and it will/may Blue screen again
If it does, upload the dumpfile

NOTE: If you have trouble booting into Normal Windows and it Blue screens before Windows loads
Take note of the driver name it's having problems with
You can still boot into Safe mode
While in safe mode
You can than go to start>>run>type in
verifier.exe

In Verifier select "Delete Existing Settings">>Click Finish
Reboot the computer to Normal windows
I would like to see a dumpfile with verifier enabled after it blue screens however

Did you happen to get Memtest86 burned to cd and check your Ram?
I can't do that on my end, that's up to you
You can try taking out all Ram, stick one it at a time and boot up the computer
By trial and error, see which is giving you trouble

Mr.Bell, what I would do however, with the problems you keep experiencing, CD drive not working, blue screens,etc..
You may want to backup and files>>Folders and do a Clean install\
How long you have this machine, Have you ever clean installed before?

Title: something is WRONG Guestolo
Post by: Mr Bell on December 31, 2006, 09:53:09 AM

You know from exsperience? You make me always laugh. Seriously I have a lot of fun on this forum. Your replies are always practical and funny. Your a cool dude and I dig that.

You can't reboot into safe mode when you have a couple of bad sticks of ram my brother from another mother. I went out and bought some and it seems to be ok.

I'm getting a new DVD rw draw and I'm installing it on Tuesday. I have never done a new clean install before. However, I do need to back up all my files. This computer is about 3 years old and I have a lot of Pics and music on it that would kill me to lose. What do you reccomend???

Title: something is WRONG Guestolo
Post by: guestolo on January 01, 2007, 06:04:44 PM

Hopefully, your blue screens are just the result of bad sticks of Memory

Yes, always backup, you never know when you will have to install and you can't get access to the files
I don't back up enough either, but I have more than one comp/ and or harddrive I keep duplicates files on
So in a way, I have most important things always backed up

Let me know how it goes with the new DVD please, curious if it was just the old drive that died

Title: something is WRONG Guestolo
Post by: Mr Bell on January 02, 2007, 07:03:56 PM

I certainly will update you on that. It hadn't arrived from FedX yet. I probably need to invest in a external hard drive to back up my entire computer.

Of course I would like to just get a new computer with all the bells and wistles. Its hard to compete in online gaming when people have dual video cards dual proscesors and all the bells and wistles. I'm pissed:)