Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

physical memory dump


  • This topic is locked This topic is locked
24 replies to this topic

#1 ronfiveo

ronfiveo

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 15 June 2011 - 04:11 PM

I am new here to Bleeping computer, so here goes.
a while back my puter was giving me a blue screen telling me that it had to be shutdown to save from damage...at the bottom of the screen it was
showing that it was doing a physical memory dump by a fast count up to 100.
It then restarted. I had to choose the start normally option when the black screen came up. (like shutting it off by using the power switch).
When it came on it then said that it could not boot properly and to insert the install (boot) disk. I only had the "restore disk" I made when I first got the computer 3yrs ago.
It would not "restore" using this disk. It appeared that there was no Vista 32 at all on the hard drive.
This computer is an HP m8000n with an AMD 64x2 Dual Core Processor 6000+ 3.0 gigahertz , a 1Tb hard drive, with 3G of RAM. If any more system information is needed I can supply that as well. It's running Vista 32 Home Premium.

I took it to CompUsa to have a diagnostic done on it and they told me the hard drive (the original one a 500g) was bad. So, I had them put in a new 1Tb drive.
They reinstalled the Vista 32 system and every thing was fine ...for a while.
Now it's back to trying to do the same thing again. So far it has not lost the OS and given me the can't boot black screen...yet.
I now just leave it running with out turning it off or restarting.....

Here's the Hijackthis analysis log.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:28:17 PM, on 6/15/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\V0410Mon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Picture It! Premium 10\imprtwiz.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\user\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://co118w.col118.mail.live.com/default.aspx?wa=wsignin1.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [V0410Mon.exe] C:\Windows\V0410Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab
O16 - DPF: {F91AB7B8-EE67-42AF-A5AA-8E232C396A04} (HTMLPRint Control) - https://creditcommander.microbilt.com/cabs/htmlprint.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Creative Camera VF0410 APO service application (AEV0410) - Creative Technology Ltd. - C:\Windows\system32\V0410Aps.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\Wireless G WDA-1320\JSWUtilVst\jswpsapi.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 7653 bytes



Any help you guys can give me will be greatly appreciated.
Thanks, Ron

Edited by SweetTech, 15 June 2011 - 04:55 PM.
reduced size of font.--ST


BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 23 June 2011 - 10:33 AM

Hello ,
And :welcome: to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log (don't forget attach.txt)

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#3 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 23 June 2011 - 12:11 PM

Hi Elise025!
Thanks for all you are doing for me.
Ok, here is the system information:


OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 2, 32 bit
Processor: AMD Athlon™ 64 X2 Dual Core Processor 6000+, x64 Family 15 Model 67 Stepping 3
Processor Count: 2
RAM: 3005 Mb
Graphics Card: NVIDIA GeForce 6150SE nForce 430 , 64 Mb
Hard Drives: C: Total - 953866 MB, Free - 799429 MB;
Motherboard: ECS , Nettle2, 1.0 ,


Now , here is the DDS log created by the scan.



.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by user at 12:01:31 on 2011-06-23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3006.1165 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\V0410Mon.exe
C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\V0410Aps.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Picture It! Premium 10\pi.exe
C:\Windows\System32\notepad.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://co118w.col118.mail.live.com/default.aspx?wa=wsignin1.0
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [POP Peeper] "c:\program files\pop peeper\POPPeeper.exe" -min
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [<NO NAME>]
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [V0410Mon.exe] c:\windows\V0410Mon.exe
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15117/CTPID.cab
DPF: {F91AB7B8-EE67-42AF-A5AA-8E232C396A04} - hxxps://creditcommander.microbilt.com/cabs/htmlprint.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{9FB54019-9115-4EBA-B011-CE9278D5C237} : DhcpNameServer = 192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\1cblzz6s.default\
FF - prefs.js: browser.startup.homepage - hxxp://co118w.col118.mail.live.com/default.aspx?wa=wsignin1.0
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npRLCT4Player.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\1cblzz6s.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\1cblzz6s.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-5-27 64512]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-6-17 16184]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-13 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-13 307928]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2011-5-13 20352]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AEV0410;Creative Camera VF0410 APO service application;c:\windows\system32\V0410Aps.exe [2011-6-7 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-13 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-5-13 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-13 42184]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-5-25 2151128]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2011-5-14 109168]
R2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2011-6-15 439632]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-7-14 1443584]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-5-25 15232]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2011-6-7 31616]
R3 V0410Dev;Creative Camera VF0410 Driver;c:\windows\system32\drivers\V0410Dev.sys [2011-6-7 244704]
R3 V0410Vfx;Creative Camera VF0410 Video VFX Driver;c:\windows\system32\drivers\V0410Vfx.sys [2011-6-7 7168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3ABv.sys [2011-5-13 738304]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-6-5 1025352]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\d-link\wireless g wda-1320\jswutilvst\jswpsapi.exe [2011-5-13 942080]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2008-1-20 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2008-1-20 251904]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-23 12:29:42 -------- d-----w- c:\users\user\appdata\local\{34A317AA-A18D-4CB4-BB06-D4584CDE348C}
2011-06-22 16:50:30 -------- d-----w- c:\users\user\appdata\roaming\CLiPW
2011-06-22 16:49:49 -------- d-----w- c:\programdata\Xpress Software
2011-06-22 16:49:46 -------- d-----w- c:\program files\Xpress Software
2011-06-22 16:22:53 -------- d-----w- c:\users\user\appdata\local\FileMaker
2011-06-22 15:43:29 -------- d-----w- c:\users\user\appdata\local\{79882A20-8678-4D96-A8D0-858BAAE141A6}
2011-06-21 11:20:16 -------- d-----w- c:\users\user\appdata\roaming\Qlock
2011-06-21 11:20:16 -------- d-----w- c:\program files\Qlock
2011-06-20 18:07:39 -------- d-----w- c:\users\user\appdata\local\{4E56FAAD-B37A-4E3B-AE26-21DB98757FF8}
2011-06-17 15:51:55 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-06-17 15:51:55 -------- d-----w- c:\users\user\appdata\roaming\IObit
2011-06-17 15:51:54 16184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-06-17 15:51:53 -------- d-----w- c:\program files\IObit
2011-06-16 21:15:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-16 21:15:24 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-16 21:15:24 141104 ----a-w- c:\program files\internet explorer\sqmapi.dll
2011-06-16 20:43:58 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 20:43:57 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 20:43:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 20:43:57 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 20:43:04 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 20:42:59 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 20:42:58 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 20:42:58 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 20:42:58 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 20:42:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-06-16 13:22:56 -------- d-----w- c:\users\user\appdata\local\{ED6C811A-06A0-4B06-B827-020DA636E6C1}
2011-06-15 20:38:04 -------- d-----w- c:\programdata\Trend Micro
2011-06-15 20:34:35 -------- d-----w- c:\program files\WinPcap
2011-06-15 20:24:42 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-06-15 20:24:42 -------- d-----w- c:\program files\Trend Micro
2011-06-15 15:37:15 -------- d-----w- c:\program files\NirSoft
2011-06-15 12:46:41 -------- d-----w- c:\users\user\appdata\roaming\TweakNow PowerPack 2011
2011-06-15 12:46:41 -------- d-----w- c:\program files\TweakNow PowerPack 2011
2011-06-15 12:42:19 -------- d-----w- c:\users\user\appdata\roaming\TweakNow RegCleaner 2011
2011-06-15 12:42:19 -------- d-----w- c:\program files\TweakNow RegCleaner 2011
2011-06-15 12:12:34 -------- d-----w- c:\users\user\appdata\local\{83C3CC9F-8743-41CD-9DAD-5ACDDBA31EA8}
2011-06-14 12:18:20 -------- d-----w- c:\users\user\appdata\local\{2F6CC7AA-84A1-425B-A2EB-9222997D3A5F}
2011-06-13 12:22:49 -------- d-----w- c:\users\user\appdata\local\{CEDC1B46-DC62-4EE0-AEB3-31EF7D14222E}
2011-06-12 15:21:24 -------- d-----w- c:\users\user\appdata\local\{B2DC3C76-0167-4386-8C12-5FE893E612A3}
2011-06-10 12:52:14 -------- d-----w- c:\programdata\Uniblue
2011-06-09 12:54:22 -------- d-----w- c:\users\user\appdata\local\{D397D004-77DA-4D82-BA84-80B5A847B7DB}
2011-06-07 16:56:23 -------- d-----w- C:\Live! Cam
2011-06-07 16:44:51 7062 ----a-w- c:\windows\system32\audiopid.vxd
2011-06-07 16:43:24 647872 ------w- c:\windows\system32\Mscomct2.ocx
2011-06-07 16:43:23 53248 ------w- c:\windows\Ctregrun.exe
2011-06-07 16:41:02 73728 ----a-w- c:\windows\system32\V0410Aps.exe
2011-06-07 16:39:52 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2011-06-07 16:38:27 -------- d-----w- c:\program files\SightSpeed
2011-06-07 16:36:16 80 --sh--r- c:\windows\CT4CET.bin
2011-06-07 16:36:14 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2011-06-07 16:36:14 69632 ----a-w- c:\program files\mozilla firefox\plugins\npRLCT4Player.dll
2011-06-07 16:36:14 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2011-06-07 16:36:14 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2011-06-07 16:36:13 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2011-06-07 16:36:13 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2011-06-07 16:35:51 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2011-06-07 16:35:51 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-06-07 16:35:49 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2011-06-07 16:35:49 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2011-06-07 16:35:47 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2011-06-07 16:35:41 -------- d-----w- c:\program files\common files\Reallusion
2011-06-07 16:33:02 5627904 ----a-w- c:\windows\system32\LiveCamVirtual.ocx
2011-06-07 16:33:02 31616 ----a-w- c:\windows\system32\drivers\livecamv.sys
2011-06-07 16:33:00 -------- d-----w- c:\program files\common files\Creative
2011-06-07 16:25:10 1060864 ------w- c:\windows\system32\MFC71.DLL
2011-06-07 16:25:10 1047552 ------w- c:\windows\system32\MFC71u.dll
2011-06-07 16:21:58 -------- d-----w- c:\program files\Creative
2011-06-07 16:21:30 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2011-06-07 16:21:30 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2011-06-07 16:21:30 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2011-06-07 16:21:30 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-06-07 16:21:30 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2011-06-07 16:21:30 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2011-06-07 16:21:29 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2011-06-07 16:21:28 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2011-06-07 12:10:25 -------- d-----w- c:\users\user\appdata\local\{7B5BD2B2-78E3-4F67-B2C1-40793DEA26C7}
2011-06-06 17:55:30 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-06-05 12:51:00 -------- d-----w- c:\users\user\appdata\local\AVG Security Toolbar
2011-06-05 12:39:44 -------- d-----w- c:\users\user\appdata\local\Yahoo
2011-06-05 12:26:01 -------- d-----w- c:\program files\Yahoo!
2011-06-05 12:21:22 -------- d-----w- c:\programdata\AVG Security Toolbar
2011-06-03 12:39:02 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2011-06-03 12:38:56 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-03 12:38:56 -------- d-----w- c:\programdata\Malwarebytes
2011-06-03 12:38:53 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-03 12:38:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-31 14:56:42 -------- d-----w- c:\program files\Garmin GPS Plugin
2011-05-31 14:55:45 -------- d-----w- c:\users\user\{7359d5a2-04e1-4b1f-a48a-256135347bc3}
2011-05-31 14:55:44 -------- d-----w- c:\program files\Garmin
2011-05-31 14:26:00 53248 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2011-05-31 13:30:02 -------- d-----w- c:\users\user\appdata\local\{D67C5901-5FF1-4110-831E-828DA9E83241}
2011-05-27 12:27:51 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-05-27 12:11:40 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-05-27 12:11:29 -------- d-----w- c:\program files\Lavasoft
2011-05-26 03:04:45 -------- d-----w- c:\users\user\appdata\local\{7033EED8-DFC5-4303-A4A1-77281F879C65}
2011-05-25 15:04:32 -------- d-----w- c:\users\user\appdata\local\{DDE1AF84-C8EC-44D0-AC5D-84CE1DBBA439}
2011-05-25 03:04:07 -------- d-----w- c:\users\user\appdata\local\{A05A515D-B537-4BC4-95B7-2AA73592DF69}
.
==================== Find3M ====================
.
2011-06-20 10:50:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-31 14:25:37 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-27 18:11:48 4061464 ----a-w- c:\program files\CuteWriter.exe
2011-04-15 02:28:18 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-05 05:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 12:02:17.43 ===============



If you need any more information just ask and I'll see what I can do.



#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 23 June 2011 - 12:50 PM

Please post me the contents of attach.txt as well.

What makes you think this is a malware problem?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#5 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 23 June 2011 - 01:12 PM

Here is the attached text .

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/9/2011 10:44:07 PM
System Uptime: 6/22/2011 3:05:20 PM (21 hours ago)
.
Motherboard: ECS | | Nettle2
Processor: AMD Athlon™ 64 X2 Dual Core Processor 6000+ | Socket AM2 | 2800/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 774.071 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP78: 5/24/2011 4:41:04 PM - Scheduled Checkpoint
RP79: 5/25/2011 12:32:07 PM - Scheduled Checkpoint
RP80: 5/26/2011 9:44:48 AM - Scheduled Checkpoint
RP81: 5/26/2011 5:47:48 PM - Restore Operation
RP82: 5/27/2011 7:09:35 AM - Installed Ad-Aware
RP83: 5/27/2011 7:10:28 AM - Installed Ad-Aware
RP85: 5/27/2011 1:34:52 PM - Revo Uninstaller's restore point - The Weather Channel Desktop 6
RP86: 5/28/2011 8:47:12 AM - Scheduled Checkpoint
RP87: 5/29/2011 8:23:11 AM - Scheduled Checkpoint
RP88: 5/30/2011 10:12:34 AM - Scheduled Checkpoint
RP89: 5/31/2011 6:26:03 AM - Restore Operation
RP90: 5/31/2011 7:04:57 AM - Windows Update
RP91: 5/31/2011 7:28:26 AM - Device Driver Package Install: CXT Modems
RP93: 5/31/2011 7:30:13 AM - HP Installation Restore Point
RP94: 5/31/2011 7:47:40 AM - Restore Operation
RP96: 5/31/2011 8:48:20 AM - Revo Uninstaller's restore point - Logitech SetPoint 6.22
RP97: 5/31/2011 8:53:14 AM - SetPoint 4.80
RP98: 5/31/2011 9:55:45 AM - Device Driver Package Install: Garmin
RP99: 6/1/2011 6:06:04 AM - Restore Operation
RP100: 6/1/2011 6:26:42 AM - Windows Update
RP101: 6/2/2011 7:46:04 AM - Scheduled Checkpoint
RP102: 6/3/2011 1:01:27 PM - Scheduled Checkpoint
RP103: 6/4/2011 7:56:24 AM - Scheduled Checkpoint
RP104: 6/5/2011 12:17:11 PM - Scheduled Checkpoint
RP105: 6/6/2011 12:24:37 PM - Scheduled Checkpoint
RP106: 6/6/2011 3:58:46 PM - Device Driver Package Install: Garmin
RP108: 6/7/2011 11:22:04 AM - Installed Creative Live! Cam Center
RP110: 6/7/2011 11:23:33 AM - Installed Creative Live! Cam Manager
RP112: 6/7/2011 11:24:29 AM - Installed Creative Live! Cam Doodling
RP114: 6/7/2011 11:25:30 AM - Installed Creative Live! Cam FX Creator
RP116: 6/7/2011 11:26:25 AM - Installed Advanced Video FX Engine
RP118: 6/7/2011 11:27:22 AM - Installed Advanced Audio FX Engine
RP120: 6/7/2011 11:28:13 AM - Installed Creative Photo Manager
RP122: 6/7/2011 11:29:21 AM - Installed Creative Photo Calendar
RP124: 6/7/2011 11:31:24 AM - Installed Creative Live! Cam User's Guide
RP126: 6/7/2011 11:32:27 AM - Installed Live! Cam Avatar
RP127: 6/7/2011 11:33:10 AM - Device Driver Package Install: Creative Inc. Sound, video and game controllers
RP129: 6/7/2011 11:35:16 AM - Installed Live! Cam Avatar Creator
RP131: 6/7/2011 11:36:33 AM - Installed Creative System Information
RP133: 6/7/2011 11:37:44 AM - Installed Creative Live! Cam Video IM Pro(VF0410)
RP135: 6/7/2011 11:39:12 AM - Installed Creative WebCam
RP136: 6/7/2011 11:39:53 AM - Device Driver Package Install: Creative Technology Ltd. Imaging devices
RP137: 6/7/2011 11:41:02 AM - Device Driver Package Install: Creative Technology Ltd. Sound, video and game controllers
RP139: 6/7/2011 11:43:58 AM - Installed Creative Software AutoUpdate
RP140: 6/7/2011 11:57:12 AM - Device Driver Package Install: Creative Technology Ltd. Imaging devices
RP141: 6/7/2011 11:57:58 AM - Device Driver Package Install: Creative Technology Ltd. Sound, video and game controllers
RP143: 6/7/2011 11:59:54 AM - Installed Advanced Video FX Engine
RP144: 6/8/2011 4:52:58 PM - Scheduled Checkpoint
RP145: 6/9/2011 10:07:43 AM - Scheduled Checkpoint
RP147: 6/10/2011 8:16:44 AM - Revo Uninstaller's restore point - Uniblue DriverScanner
RP148: 6/11/2011 12:00:02 AM - Scheduled Checkpoint
RP149: 6/12/2011 1:28:17 PM - Scheduled Checkpoint
RP150: 6/15/2011 3:24:05 PM - Installed HiJackThis
RP151: 6/16/2011 4:13:32 PM - Windows Update
RP152: 6/18/2011 12:00:02 AM - Scheduled Checkpoint
RP153: 6/18/2011 7:41:44 AM - Windows Update
RP154: 6/19/2011 12:00:05 AM - Scheduled Checkpoint
RP155: 6/20/2011 10:55:20 AM - Scheduled Checkpoint
RP156: 6/21/2011 12:00:02 AM - Scheduled Checkpoint
RP157: 6/22/2011 12:00:08 AM - Scheduled Checkpoint
RP159: 6/22/2011 8:31:30 AM - Revo Uninstaller's restore point - NirSoft BlueScreenView
RP161: 6/22/2011 11:09:03 AM - Installed SimplyID
RP163: 6/22/2011 11:32:24 AM - Revo Uninstaller's restore point - SimpleIDs 1.0
RP164: 6/23/2011 12:00:02 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acer eDisplay Management
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Advanced Audio FX Engine
Advanced ID Creator
Advanced Video FX Engine
AIO_Scan
ANIWZCS2 Service
ArcSoft PhotoImpression 6
Ashampoo Burning Studio 6 FREE v.6.80
Ask Toolbar
avast! Free Antivirus
AVG 2011
BufferChm
C5200
C5200_doccd
c5200_Help
Copy
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam FX Creator
Creative Live! Cam Manager
Creative Live! Cam User's Guide
Creative Live! Cam Video IM Pro (VF0410) (1.01.01.00)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
CustomerResearchQFolder
CutePDF Writer 2.8
D3DX10
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
eReg
erLT
eSupportQFolder
Fax
Garmin Communicator Plugin
Garmin USB Drivers
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Advisor
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Product Assistant
HP Product Detection
HP Solution Center 9.0
HP Update
HPProductAssistant
HPSSupply
Java Auto Updater
Java™ 6 Update 24
Junk Mail filter update
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Logitech SetPoint 6.22
Malwarebytes' Anti-Malware version 1.51.0.1200
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Digital Image Library 9 - Blocker
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Word 2002
Microsoft Works
Microsoft Works 2005 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NirSoft BlueScreenView
NVIDIA Drivers
OpenOffice.org 3.3
PanoStandAlone
Pivot Pro Plugin
POP Peeper
PS_AIO_02_ProductContext
PS_AIO_02_Software
PS_AIO_02_Software_min
PSSWCORE
Qlock Pro
Realtek High Definition Audio Driver
Revo Uninstaller 1.92
Scan
SDK
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Segoe UI
SightSpeed (remove only)
Smart Defrag 2
Soft Data Fax Modem with SmartCP
SolutionCenter
Status
Toolbox
TrayApp
Trend Micro RUBotted 2.0 Beta
TweakNow PowerPack 2011 SP2
TweakNow RegCleaner 2011
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
WebReg
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.1
Wireless G WDA-1320
Wisdom-soft Set up ScreenHunter 5.1 Free
Works Upgrade
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/22/2011 3:06:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
6/20/2011 5:58:23 AM, Error: EventLog [6008] - The previous system shutdown at 5:56:14 AM on 6/20/2011 was unexpected.
6/17/2011 6:14:15 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetbiosSmb because another computer on the network has the same name. The server could not start.
.
==== End Of File ===========================



I did not think this was a malware problem, but it is puzzling how it occurs.
Since I had not added any new hardware or any new programs I could not figure out what was doing this or what was causing the problem.
I ran all the malware scans I could think of and that were advised to run, and it still persist.
I had to shut down the computer yesterday because of a thunderstorm and it started up ok, and ran fine so far.
But because it does happen with the blue screen and and then sometimes a black " shut down unexpectedly" black screen upon auto start up after the blue "dumping files " screen or other blue screens it is still problematic.
I have found that just because it doesn't one time don't mean that it won't in the near future at any given time again.
I have "blue screen view" if you would like to see some or all of the ones that program found for me recently.

Thanks,
Ron

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 23 June 2011 - 01:15 PM

Download BlueScreenView
No installation required.
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#7 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 23 June 2011 - 01:54 PM

Here is the 'Blue Screen View "



==================================================
Dump File : Mini062011-01.dmp
Crash Time : 6/20/2011 5:58:29 AM
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000002
Parameter 2 : 0x00052a0f
Parameter 3 : 0x000bbedf
Parameter 4 : 0x00000010
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+cdb3f
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18327 (vistasp2_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+cdb3f
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini062011-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 156,520
==================================================

==================================================
Dump File : Mini061011-01.dmp
Crash Time : 6/10/2011 6:55:52 AM
Bug Check String : DRIVER_CORRUPTED_EXPOOL
Bug Check Code : 0x000000c5
Parameter 1 : 0x19400000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x8232382a
Caused By Driver : ecache.sys
Caused By Address : ecache.sys+17540
File Description : Special Memory Device Cache
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+4dfd9
Stack Address 1 : ntkrnlpa.exe+ee82a
Stack Address 2 : ntkrnlpa.exe+ed858
Stack Address 3 : ecache.sys+c89e
Computer Name :
Full Path : C:\Windows\Minidump\Mini061011-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================

==================================================
Dump File : Mini060511-02.dmp
Crash Time : 6/5/2011 7:07:03 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x974f88ef
Parameter 3 : 0x9ac5ec1c
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+c88ef
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6000.16386 (vista_rtm.061101-2205)
Processor : 32-bit
Crash Address : win32k.sys+c88ef
Stack Address 1 : win32k.sys+c86a1
Stack Address 2 : win32k.sys+c9247
Stack Address 3 : ntkrnlpa.exe+4ac7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini060511-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 156,520
==================================================

==================================================
Dump File : Mini060511-01.dmp
Crash Time : 6/5/2011 7:01:53 AM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x119fa001
Parameter 3 : 0x0000f27c
Parameter 4 : 0xc0802000
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+cdb3f
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18327 (vistasp2_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+cdb3f
Stack Address 1 : ntkrnlpa.exe+63746
Stack Address 2 : ntkrnlpa.exe+63994
Stack Address 3 : ntkrnlpa.exe+b624c
Computer Name :
Full Path : C:\Windows\Minidump\Mini060511-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 156,520
==================================================

==================================================
Dump File : Mini060411-03.dmp
Crash Time : 6/4/2011 3:01:49 PM
Bug Check String : DRIVER_CORRUPTED_EXPOOL
Bug Check Code : 0x000000c5
Parameter 1 : 0x000000d0
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x8230682a
Caused By Driver : hal.dll
Caused By Address : hal.dll+997f
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+4dfd9
Stack Address 1 : ntkrnlpa.exe+ee82a
Stack Address 2 : ntkrnlpa.exe+ed858
Stack Address 3 : aswSP.SYS+26fef
Computer Name :
Full Path : C:\Windows\Minidump\Mini060411-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 156,520
==================================================

==================================================
Dump File : Mini060411-02.dmp
Crash Time : 6/4/2011 6:33:08 AM
Bug Check String : BUGCODE_USB_DRIVER
Bug Check Code : 0x000000fe
Parameter 1 : 0x00000005
Parameter 2 : 0x8763e0e0
Parameter 3 : 0x10de03f1
Parameter 4 : 0x88ab83a4
Caused By Driver : USBPORT.SYS
Caused By Address : USBPORT.SYS+29706
File Description : USB 1.1 & 2.0 Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+cdb3f
Stack Address 1 : USBPORT.SYS+29706
Stack Address 2 : USBPORT.SYS+4267
Stack Address 3 : usbohci.sys+2742
Computer Name :
Full Path : C:\Windows\Minidump\Mini060411-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 200,112
==================================================

==================================================
Dump File : Mini060411-01.dmp
Crash Time : 6/4/2011 6:19:09 AM
Bug Check String : APC_INDEX_MISMATCH
Bug Check Code : 0x00000001
Parameter 1 : 0x8241d626
Parameter 2 : 0x00000000
Parameter 3 : 0x0000fffe
Parameter 4 : 0x00000000
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4afe7
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18327 (vistasp2_gdr.101014-0432)
Processor : 32-bit
Crash Address : ntkrnlpa.exe+4afe7
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\Mini060411-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 156,520
==================================================



Thanks
Ron

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 23 June 2011 - 02:11 PM

Hi Ron, these look pretty random. I recommend you to run a RAM test

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#9 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 23 June 2011 - 03:05 PM

Hi Elise,
I downloaded Memtest86 and burned it to a disk.
I can't get the machine to boot from the disk.
I went into the boot menu, and chose "boot from disk" option as first priority boot option.
It still will not boot from the disk in order to run the Memtest86 program.

?

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 23 June 2011 - 03:38 PM

Can you try and see if the CD works on another computer. Note that you shouldn't just burn the downloaded file to a CD, instead you need to burn the .iso to a CD, which is a different thing.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#11 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 23 June 2011 - 05:01 PM

I burned another one and this one worked.
The memtest86 showed no errors after 1 pass I have a pic of the screen before restart if
you need to see it.

Ron

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 24 June 2011 - 05:08 AM

Can you leave it running for 3 passes?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#13 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 24 June 2011 - 06:45 AM

I could do that tonight.

Would it be a good idea to let it continue over night?

Ron

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,424 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:17 PM

Posted 24 June 2011 - 06:51 AM

Hi Ron, yes, you can do that, it will just continue testing the RAM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#15 ronfiveo

ronfiveo
  • Topic Starter

  • Members
  • 147 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:McAllen, Texas
  • Local time:08:17 AM

Posted 24 June 2011 - 07:06 AM

Just now, the machine froze ...
I had to turn it off and boot up again ...
It froze at the first "manufacturer" screen then I turned it off again
then it froze at the 'did not shut down properly " screen and would not boot after hitting the "enter" key to choose normal
then it froze with a flashing cursor bar in the upper left corner it would not continue just sat there flashing.
turned it off again
finally it booted up after the "choose normal" screen so I can reply to you
No blue screen,

this is getting strange


any ideas?

If it continues to run, I will run the ram test over night.

Edited by ronfiveo, 24 June 2011 - 07:08 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users