
Computer locks up and requires hard reboot after random moments of use


7 replies to this topic

#1 DarkPoisons


Posted 30 May 2012 - 11:04 AM

I'm unsure if this is a virus or some sort of problem with parts of my computer. My PC is locking up at random intervals and requires a hard reboot. I have run a recent scan on MBAM and it found a PUP crossfire virus. I'm hoping the issue can be resolved easily instead of having to buy a new PC or new parts.



#2 Broni


Posted 30 May 2012 - 12:15 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start the scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



 


#3 DarkPoisons


Posted 31 May 2012 - 08:35 PM

FSS report
------------
Farbar Service Scanner Version: 27-05-2012
Ran by Michelle (administrator) on 31-05-2012 at 21:32:17
Running from "C:\Documents and Settings\Michelle\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****
----------------------------------------
Mini Toolbox report
-------------------

MiniToolBox by Farbar Version: 14-01-2012
Ran by Michelle (administrator) on 31-05-2012 at 21:33:33
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100+ Management Adapter = Local Area Connection 2 (Disconnected)
Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : poison

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-E0-4C-CC-5E-4B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.64

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 192.168.1.254

Lease Obtained. . . . . . . . . . : Thursday, May 31, 2012 9:27:11 PM

Lease Expires . . . . . . . . . . : Friday, June 01, 2012 9:27:11 PM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.225.110, 74.125.225.96, 74.125.225.97, 74.125.225.98
74.125.225.99, 74.125.225.100, 74.125.225.101, 74.125.225.102, 74.125.225.103
74.125.225.104, 74.125.225.105



Pinging google.com [74.125.225.134] with 32 bytes of data:



Reply from 74.125.225.134: bytes=32 time=19ms TTL=55

Reply from 74.125.225.134: bytes=32 time=19ms TTL=55



Ping statistics for 74.125.225.134:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 19ms, Average = 19ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=71ms TTL=52

Reply from 72.30.38.140: bytes=32 time=86ms TTL=52



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 71ms, Maximum = 86ms, Average = 78ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 e0 4c cc 5e 4b ...... Realtek RTL8139 Family PCI Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.64 192.168.1.64 20
192.168.1.64 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.64 192.168.1.64 20
224.0.0.0 240.0.0.0 192.168.1.64 192.168.1.64 20
255.255.255.255 255.255.255.255 192.168.1.64 192.168.1.64 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/20/2012 10:18:14 PM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=19.0.1084.46;is_machine=1;minidump=C:\Program Files\Google\CrashReports\0496827a-bdcb-4013-b165-0128905a8591.dmp

Error: (04/17/2012 04:42:19 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=18.0.1025.152;is_machine=1;minidump=C:\Program Files\Google\CrashReports\8d99541c-8231-477d-935a-cd65984950ce.dmp

Error: (03/25/2012 10:24:50 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\db7fe4ec-39af-4280-8bb2-0de8a9a8f1ae.dmp

Error: (03/25/2012 10:24:31 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\c380e895-3c8d-4241-95a5-8985ccd4cd7d.dmp

Error: (03/25/2012 10:24:10 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\e6cdaca9-602c-46be-9002-222d8779c0db.dmp

Error: (03/18/2012 02:33:49 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\1bd68e26-015b-4ef6-873f-241056ce716c.dmp

Error: (03/18/2012 02:33:43 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\043347c4-3efd-4a4b-968d-85507040b87a.dmp

Error: (03/18/2012 02:33:38 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\72f95de3-8ae9-4f72-a712-09c0d6457b4f.dmp

Error: (03/18/2012 02:33:32 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\521806fb-ca2b-4be2-9aed-e09d9942757f.dmp

Error: (03/18/2012 02:33:28 AM) (Source: Chrome) (User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\9d5438a7-22c0-48be-9a4a-c3a7d57dad49.dmp


System errors:
=============
Error: (05/30/2012 11:38:00 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/30/2012 10:46:33 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
viamraid
videX32

Error: (05/29/2012 08:38:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/29/2012 07:44:52 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.64 on the
Network Card with network address 00E04CCC5E4B.

Error: (05/27/2012 09:38:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/27/2012 09:32:09 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.64 on the
Network Card with network address 00E04CCC5E4B.

Error: (05/26/2012 08:43:48 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.64 on the
Network Card with network address 00E04CCC5E4B.

Error: (05/25/2012 01:44:16 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.64 on the
Network Card with network address 00E04CCC5E4B.

Error: (05/21/2012 05:38:00 PM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/20/2012 10:13:41 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (05/20/2012 10:18:14 PM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=19.0.1084.46;is_machine=1;minidump=C:\Program Files\Google\CrashReports\0496827a-bdcb-4013-b165-0128905a8591.dmp

Error: (04/17/2012 04:42:19 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=18.0.1025.152;is_machine=1;minidump=C:\Program Files\Google\CrashReports\8d99541c-8231-477d-935a-cd65984950ce.dmp

Error: (03/25/2012 10:24:50 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\db7fe4ec-39af-4280-8bb2-0de8a9a8f1ae.dmp

Error: (03/25/2012 10:24:31 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\c380e895-3c8d-4241-95a5-8985ccd4cd7d.dmp

Error: (03/25/2012 10:24:10 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.83;is_machine=1;minidump=C:\Program Files\Google\CrashReports\e6cdaca9-602c-46be-9002-222d8779c0db.dmp

Error: (03/18/2012 02:33:49 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\1bd68e26-015b-4ef6-873f-241056ce716c.dmp

Error: (03/18/2012 02:33:43 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\043347c4-3efd-4a4b-968d-85507040b87a.dmp

Error: (03/18/2012 02:33:38 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\72f95de3-8ae9-4f72-a712-09c0d6457b4f.dmp

Error: (03/18/2012 02:33:32 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\521806fb-ca2b-4be2-9aed-e09d9942757f.dmp

Error: (03/18/2012 02:33:28 AM) (Source: Chrome)(User: SYSTEM)SYSTEM
Description: Chrome has encountered a fatal error.
ver=17.0.963.79;is_machine=1;minidump=C:\Program Files\Google\CrashReports\9d5438a7-22c0-48be-9a4a-c3a7d57dad49.dmp


=========================== Installed Programs ============================

7-Zip 4.65
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Advanced SystemCare 5 (Version: 5.2.0)
Age of Mythology
Age of Mythology - The Titans Expansion
avast! Free Antivirus (Version: 6.0.1367.0)
BitTorrent (Version: 7.2.0)
C-Media 3D Audio
CCleaner (Version: 3.18)
Cheat Engine 6.1
Codec-V (Version: 1.15.149.149)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Crossrider Web Apps
DAEMON Tools Lite (Version: 4.41.3.0173)
DivX Setup (Version: 2.6.1.5)
Google Chrome (Version: 19.0.1084.52)
Google Update Helper (Version: 1.3.21.111)
Haali Media Splitter
Jasc Animation Shop 3 (Version: 3.11)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
K-Lite Mega Codec Pack 6.7.0 (Version: 6.7.0)
LG USB Modem Driver (Version: 4.9.7)
LNZ Pro
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Reader
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
mIRC (Version: 6.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
NVIDIA Drivers
OpenAL
OpenOffice.org 3.2 (Version: 3.2.9502)
Pando Media Booster (Version: 2.3.5.2)
Petz 4
PetzA 2.2.5
PetzPlayer
Platform (Version: 1.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek AC'97 Audio (Version: 5.36)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
Segoe UI (Version: 14.0.4327.805)
Smart Defrag 2 (Version: Beta 1.21)
Sophos Anti-Rootkit 1.5.4 (Version: 1.5.4)
SUPERAntiSpyware (Version: 5.0.1144)
swMSM (Version: 12.0.0.1)
The Core Media Player 4.0
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vimicro USB2.0 UVC PC Camera (Version: 2010.03.02)
Virtual Families 1.00
VLC media player 1.1.11 (Version: 1.1.11)
WebFldrs XP (Version: 9.50.7523)
WinASO Registry Optimizer 4.7.6
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update

========================= Devices: ================================

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel® PRO/100+ Management Adapter
Description: Intel® PRO/100+ Management Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 991.48 MB
Available physical RAM: 359.92 MB
Total Pagefile: 1621.59 MB
Available Pagefile: 1068.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.62 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:293.03 GB) (Free:254.2 GB) NTFS
6 Drive g: (PRESARIO) (Fixed) (Total:67.73 GB) (Free:50.92 GB) NTFS
7 Drive h: (PRESARIO_RP) (Fixed) (Total:6.77 GB) (Free:0.33 GB) FAT32

========================= Users: ========================================

User accounts for \\POISON

Administrator Guest HelpAssistant
Michelle SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

01-02-2012 23:13:23 System Checkpoint
04-02-2012 00:28:33 Removed Microsoft Visual C++ 2005 Redistributable
04-02-2012 00:29:27 Installed Microsoft Visual C++ 2005 Redistributable - KB2467175
05-02-2012 03:39:03 System Checkpoint
07-02-2012 08:02:10 System Checkpoint
08-02-2012 08:36:33 System Checkpoint
09-02-2012 09:10:43 System Checkpoint
10-02-2012 09:55:58 System Checkpoint
11-02-2012 10:44:22 System Checkpoint
12-02-2012 19:26:16 System Checkpoint
14-02-2012 15:31:28 System Checkpoint
15-02-2012 16:13:45 System Checkpoint
17-02-2012 01:14:32 Installed Catz & Dogz
17-02-2012 10:06:26 Revo Uninstaller's restore point - Catz & Dogz
17-02-2012 10:12:02 Revo Uninstaller's restore point - The Lord of the Rings Online™ v03.02.05.8032
17-02-2012 10:14:26 Revo Uninstaller's restore point - Glary Utilities 2.42.0.1389
17-02-2012 10:14:52 Revo Uninstaller's restore point - Glary Utilities 2.42.0.1389
17-02-2012 10:15:04 Revo Uninstaller's restore point - Glary Utilities 2.42.0.1389
22-02-2012 09:05:47 Revo Uninstaller's restore point - Virtual DJ - Atomix Productions
23-02-2012 13:17:06 Revo Uninstaller's restore point - Skype™ 5.5
23-02-2012 13:17:35 Removed Skype™ 5.5
24-02-2012 06:19:26 Software Distribution Service 3.0
24-02-2012 10:29:56 Revo Uninstaller's restore point - The Sims 2
24-02-2012 10:31:26 Revo Uninstaller's restore point - The Sims 2 Family Fun Stuff
24-02-2012 10:32:27 Revo Uninstaller's restore point - The Sims™ 2 IKEA® Home Stuff
24-02-2012 10:33:28 Revo Uninstaller's restore point - The Sims™ 2 Mansion and Garden Stuff
24-02-2012 10:34:35 Revo Uninstaller's restore point - The Sims™ 2 Teen Style Stuff
24-02-2012 10:36:13 Revo Uninstaller's restore point - The Sims™ 2 Kitchen & Bath Interior Design Stuff
24-02-2012 10:38:23 Revo Uninstaller's restore point - The Sims™ 2 FreeTime
24-02-2012 10:40:33 Revo Uninstaller's restore point - The Sims™ 2 Celebration! Stuff
24-02-2012 10:58:42 Revo Uninstaller's restore point - The Sims 2 Glamour Life Stuff
24-02-2012 11:27:42 Revo Uninstaller's restore point - The Sims™ 2 Apartment Life
24-02-2012 12:03:57 Revo Uninstaller's restore point - The Sims™ 2 Celebration! Stuff
24-02-2012 12:06:00 Revo Uninstaller's restore point - The Sims 2 Nightlife
24-02-2012 12:17:28 Revo Uninstaller's restore point - The Sims 2 Open For Business
24-02-2012 12:19:49 Revo Uninstaller's restore point - The Sims™ 2 H&M® Fashion Stuff
24-02-2012 12:40:54 Revo Uninstaller's restore point - The Sims™ 2 H&M® Fashion Stuff
24-02-2012 12:42:59 Revo Uninstaller's restore point - The Sims 2 University
24-02-2012 12:45:11 Revo Uninstaller's restore point - The Sims 2 Nightlife
24-02-2012 13:39:38 Revo Uninstaller's restore point - The Sims 2 Seasons
24-02-2012 13:40:52 Revo Uninstaller's restore point - The Sims 2 Pets
24-02-2012 13:42:17 Revo Uninstaller's restore point - Jasc Paint Shop Pro 8.10 Update Patch
24-02-2012 13:44:29 Revo Uninstaller's restore point - Jasc Paint Shop Pro 8.10 Update Patch
24-02-2012 13:46:05 Revo Uninstaller's restore point - Jasc Paint Shop Pro 8
24-02-2012 13:46:33 Removed Jasc Paint Shop Pro 8
24-02-2012 13:49:41 Revo Uninstaller's restore point - Yahoo! Toolbar
24-02-2012 21:01:50 Installed Windows XP KB2647516.
24-02-2012 21:02:57 Installed Windows XP KB2660465.
24-02-2012 21:27:52 Revo Uninstaller's restore point - CEP (Color Enable Package) v.9.2 (beta)
24-02-2012 21:29:01 Revo Uninstaller's restore point - Sims2Pack Clean Installer
26-02-2012 06:23:22 Software Distribution Service 3.0
27-02-2012 14:25:53 System Checkpoint
28-02-2012 17:10:50 System Checkpoint
01-03-2012 06:46:20 System Checkpoint
02-03-2012 16:14:52 System Checkpoint
03-03-2012 19:43:41 System Checkpoint
05-03-2012 11:48:29 System Checkpoint
01-01-2004 05:59:29 System Checkpoint
02-03-2012 06:06:22 System Checkpoint
11-03-2012 19:42:59 System Checkpoint
13-03-2012 10:06:50 Revo Uninstaller's restore point - iMesh
14-03-2012 22:22:38 Software Distribution Service 3.0
16-03-2012 20:51:44 System Checkpoint
18-03-2012 02:45:16 System Checkpoint
20-03-2012 12:21:43 System Checkpoint
21-03-2012 23:37:34 System Checkpoint
24-03-2012 00:33:25 System Checkpoint
25-03-2012 00:28:22 Revo Uninstaller's restore point - Microsoft Silverlight
25-03-2012 00:30:02 Removed Microsoft Silverlight
28-03-2012 18:57:23 Software Distribution Service 3.0
01-04-2012 02:08:23 System Checkpoint
04-04-2012 03:35:29 Installed LG USB Modem Driver
04-04-2012 03:42:49 Installed LG USB Modem Driver
06-04-2012 23:26:04 System Checkpoint
09-04-2012 00:28:15 Removed Java™ 6 Update 22
09-04-2012 00:28:37 Installed Java™ 6 Update 31
12-04-2012 21:27:15 Software Distribution Service 3.0
12-04-2012 21:46:40 Software Distribution Service 3.0
18-04-2012 15:23:25 System Checkpoint
21-04-2012 20:20:02 System Checkpoint
24-04-2012 07:06:34 System Checkpoint
28-04-2012 13:35:47 System Checkpoint
30-04-2012 22:36:08 System Checkpoint
14-05-2012 22:07:12 Software Distribution Service 3.0
14-05-2012 22:30:20 Software Distribution Service 3.0
16-05-2012 04:33:29 Software Distribution Service 3.0
01-01-2004 04:09:11 Software Distribution Service 3.0
16-05-2012 22:56:18 Software Distribution Service 3.0
21-05-2012 01:27:59 Revo Uninstaller's restore point - World of Kaneva v4.0
21-05-2012 01:30:08 Revo Uninstaller's restore point - World of Kaneva v4.0
21-05-2012 21:38:59 Software Distribution Service 3.0
22-05-2012 05:03:54 Software Distribution Service 3.0

**** End of log****
--------------------------------------
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-31 21:35:05
-----------------------------
21:35:05.859 OS Version: Windows 5.1.2600 Service Pack 3
21:35:05.859 Number of processors: 2 586 0x401
21:35:05.859 ComputerName: POISON UserName:
21:35:06.968 Initialize success
21:35:07.328 AVAST engine defs: 12022604
21:35:10.281 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:35:10.281 Disk 0 Vendor: WDC_WD3200AAJB-00TYA0 00.02C01 Size: 300070MB BusType: 3
21:35:10.281 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
21:35:10.296 Disk 1 Vendor: ST380011A 8.11 Size: 76319MB BusType: 3
21:35:10.312 Disk 0 MBR read successfully
21:35:10.312 Disk 0 MBR scan
21:35:10.328 Disk 0 Windows XP default MBR code
21:35:10.328 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300057 MB offset 63
21:35:10.343 Disk 0 scanning sectors +614518380
21:35:10.406 Disk 0 scanning C:\WINDOWS\system32\drivers
21:35:25.765 Service scanning
21:35:38.531 Modules scanning
21:35:44.828 Disk 0 trace - called modules:
21:35:44.843 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
21:35:44.843 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86b11ab8]
21:35:44.843 3 CLASSPNP.SYS[f774efd7] -> nt!IofCallDriver -> \Device\0000005f[0x86b89510]
21:35:44.843 5 ACPI.sys[f76c5620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86b88d98]
21:35:45.609 AVAST engine scan C:\WINDOWS
21:35:52.296 AVAST engine scan C:\WINDOWS\system32
21:38:34.609 AVAST engine scan C:\WINDOWS\system32\drivers
21:39:14.625 AVAST engine scan C:\Documents and Settings\Michelle
21:39:38.406 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Michelle\Desktop\MBR.dat"
21:39:38.437 The log file has been saved successfully to "C:\Documents and Settings\Michelle\Desktop\aswMBR.txt"
------------------------------
Results of screen317's Security Check version 0.99.41
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Sophos Anti-Rootkit 1.5.4
Malwarebytes Anti-Malware version 1.61.0.1400
CCleaner
Java™ 6 Update 20
Java™ 6 Update 31
Java version out of date!
Adobe Reader X (10.1.3)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````
---------------------------
Will post the other scans in my next post in case my PC locks up. Running the other scans now.

Edited by DarkPoisons, 31 May 2012 - 09:00 PM.


#4 DarkPoisons

Posted 09 June 2012 - 07:51 PM

Sorry it has taken me so long to respond back, and sorry for the double post. I am unable to run Mbam fully. It continues to lock up every time I run the scan. The scan takes a long time for my PC, so it never gets to finish before it locks up.

#5 Broni

Posted 09 June 2012 - 08:10 PM

Download Bootkit Remover to your desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

============================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



 


#6 DarkPoisons

Posted 10 June 2012 - 09:05 PM

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
293 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...
-----------------------------

Gmer coming next.

#7 DarkPoisons

Posted 23 June 2012 - 08:51 AM

I am unable to run the GMER scan. The computer locks up every try. I've tried multiple times to run it. Any scan that takes longer than a minute or two will not complete.

#8 Broni

Posted 23 June 2012 - 01:48 PM

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.



 




