| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 96536 | 2009-01-13 23:19:00 | BSOD | NZHawk (4093) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 738425 | 2009-01-13 23:19:00 | Can a virus / malware cause a BSOD? Computer can boot to safe mode. When booting to normal mode gets BSOD Diagnostics of hard drive & ram: ok unplugged all extra appliances: cd drive, extra usb /card ports.... Computer has no visual anti-virus program installed What are the standard procedures for the BSOD? |
NZHawk (4093) | ||
| 738426 | 2009-01-13 23:26:00 | Yup malware, or viruses / trojans can cause a BSOD Tell us what the BSOD says and if it shows the name of a file / driver what is it? |
Speedy Gonzales (78) | ||
| 738427 | 2009-01-13 23:32:00 | Ok technical information: STOP: 0x0000007E (0xC0000005, 0XEE85B750, 0XF7A1B42C, 0XF7A1B128) THANK YOU |
NZHawk (4093) | ||
| 738428 | 2009-01-13 23:35:00 | Ok. since it can boot into safe mode / select safe mode / network (if its on a network), get HJT and post a log And copy and paste it here Or put the hdd in a working system. And scan it |
Speedy Gonzales (78) | ||
| 738429 | 2009-01-13 23:45:00 | Okie dokie. I am going to take a short lunch break and I will back with you in 30-40min. Thank you |
NZHawk (4093) | ||
| 738430 | 2009-01-14 00:20:00 | I'm back! Here is the requested HJT Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:17:45 p.m., on 14/01/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system\svchost.exe C:\WINDOWS\Explorer.EXE D:\2 Cleaning Tools\Hijack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.ex e O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file) O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.24.0\gears.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} - (no file) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Spinach AntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - www.update.microsoft.com O18 - Protocol: bw+0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {46455EE4-0C6B-4473-BC7B-149B29ADA3A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.ex e O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Update Service (gupdate1c8f20b656d89fe) (gupdate1c8f20b656d89fe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- End of file - 18012 bytes |
NZHawk (4093) | ||
| 738431 | 2009-01-14 00:32:00 | Disable system restore Uninstall Nvidia firewall for starters. its crap It'll be called NVIDIA ForceWare Network Access Manager Uninstall Symantec's as well Tick these then tick fix checked Close browsers This is probably malware / a trojan C:\WINDOWS\system\svchost.exe F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.ex e O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file) O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} - (no file) O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent Uninstall this O4 - Startup: Spinach AntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file) Uninstall all versions of Java, its out of date, then update it. Then reboot, get trojan remover and malwarebytes. Update both then scan |
Speedy Gonzales (78) | ||
| 738432 | 2009-01-14 00:41:00 | Doesn't look to bad -a few missing files and this here appears to be in the wrong place C:\WINDOWS\system\svchost.exe (should be in System32 - could be the nasty) You can remove : O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file) O3 - Toolbar: (no name) - {052b12f7-86fa-4921-8482-26c42316b522} - (no file) O22 - SharedTaskScheduler: {03413bf7-e34c-445b-bfc0-a2b127255871} - incestuously - (no file) Note: could also be the problem) Go into Add/remove programs, dump out the Spinach antispyware - its as useless as a paper bag in a storm. Try using malware bytes in safe mode as well - if it doesn't locate anything or its still BSOD - then start in safe mode with command prompt - when it gets the CMD box type in chkdsk /r - let it run through. |
wainuitech (129) | ||
| 738433 | 2009-01-14 01:32:00 | I have made the adjustments & uninstallations. and am running the trojan remover and malwarebytes programs but, it is a nearly full 250Gb hard drive - so the scans will take some time. I figure I will report back much later today or tomorrow on the progress. Thank you for your help. |
NZHawk (4093) | ||
| 738434 | 2009-01-14 01:36:00 | Just scan with malwarebytes and TR. NOT the whole hdd They only scan certain areas of the registry etc It wont take so long. And select all options under utilities in TR as well |
Speedy Gonzales (78) | ||
| 1 2 | |||||