BSOD madness

  1. #1
    Rodrigo

    Having left my desktop at home while I was on the road with my band... I came back to a horrible mess. It's a shared computer, so I can only imagine what kind of links family/friends have clicked in my absence... This system is now all-around lagging, and has the annoying tendency of displaying a blue screen when viewing. The following logs are provided as posted in the "read first" sticky!

  2. #2
    Rodrigo
    MBAM log:

    Malwarebytes' Anti-Malware 1.51.1.1800
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: 7294

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    7/27/2011 3:06:20 AM
    mbam-log-2011-07-27 (03-06-20).txt

    Scan type: Full scan (C:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|O:\|P:\|)
    Objects scanned: 238956
    Time elapsed: 56 minute(s), 20 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

  3. #3
    Rodrigo
    MBRcheck log:

    aswMBR version 0.9.7.777 Copyright(c) 2011 AVAST Software
    Run date: 2011-07-26 11:07:40
    -----------------------------
    11:07:40.508 OS Version: Windows 5.1.2600 Service Pack 3
    11:07:40.508 Number of processors: 4 586 0x1707
    11:07:40.508 ComputerName: Rawd UserName:
    11:07:41.430 Initialize success
    11:07:41.477 AVAST engine defs: 11072600
    11:07:44.102 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    11:07:44.102 Disk 0 Vendor: ST3750630AS HP26 Size: 715404MB BusType: 3
    11:07:44.133 Disk 0 MBR read successfully
    11:07:44.133 Disk 0 MBR scan
    11:07:44.149 Disk 0 Windows XP default MBR code
    11:07:44.149 Disk 0 scanning sectors +1465144065
    11:07:44.258 Disk 0 scanning C:\WINDOWS\system32\drivers
    11:08:09.602 Service scanning
    11:08:11.571 Disk 0 trace - called modules:
    11:08:11.602 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
    11:08:11.602 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b483ab8]
    11:08:11.617 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8b5001d8]
    11:08:11.617 5 ACPI.sys[b7e54620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8b49a940]
    11:08:12.805 AVAST engine scan C:\WINDOWS
    11:10:40.321 AVAST engine scan C:\WINDOWS\system32
    11:17:07.242 AVAST engine scan C:\WINDOWS\system32\drivers
    11:19:47.883 AVAST engine scan C:\Documents and Settings\Rodrigo
    11:50:53.164 AVAST engine scan C:\Documents and Settings\All Users
    11:55:02.742 Scan finished successfully
    12:05:56.086 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Rodrigo\Desktop\MBR.dat"
    12:05:56.102 The log file has been saved successfully to "C:\Documents and Settings\Rodrigo\Desktop\aswMBR.txt"


    Both DDS logs:

    dds.txt -
    DDS (Ver_2011-07-14.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
    Run by Rodrigo at 1:14:25 on 2011-07-27
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2030 [GMT -4:00]
    .
    .
    ============== Running Processes ================
    .
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MultiScreen\MultiScreen.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\WINDOWS\system32\EloSrvce.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\AxAutoMntSrv.exe" -automount
    uRun: [MultiScreen] c:\program files\multiscreen\MultiScreen.exe
    uRun: [Google Update] "c:\documents and settings\rodrigo\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
    mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
    dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10b.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: MaxRecentDocs = dword:18
    mPolicies-Explorer: NoSMConfigurePrograms = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoRecentDocsNetHood = dword:1
    mPolicies-Explorer: MemCheckBoxInRunDlg = dword:1
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: Interfaces\{3B55EEA5-2D2D-4CB8-8E07-FD7CE824D02D} : NameServer = 205.152.144.23 205.152.132.23
    Handler: ipp - <Clsid value has no data>
    Handler: msdaipp - <Clsid value has no data>
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    IFEO: Your Image File Name Here without a path - ntsd -d
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\rodrigo\application data\mozilla\firefox\profiles\o6ttki7f.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - plugin: c:\documents and settings\rodrigo\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
    FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-9-3 64288]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-19 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-19 309848]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-7-19 19544]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-19 42184]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-6-2 2214504]
    R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2009-12-23 370688]
    R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2009-6-26 14080]
    R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2009-6-26 36352]
    R3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [2009-6-28 30560]
    R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2009-6-26 77056]
    S2 gupdate;Google Update Service (gupdate);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-6-25 1684736]
    S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\dragon age\bin_ship\daupdatersvc.service.exe [2010-12-3 25832]
    S3 elomoufiltr;ELO TouchSystems-SRV2;c:\windows\system32\drivers\EloFiltr.sys [2009-11-5 48640]
    S3 EloUsb;ELO TouchSystems-SRV;c:\windows\system32\drivers\EloUsb.Sys [2009-11-5 55680]
    S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355928]
    .
    =============== File Associations ===============
    .
    ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1"
    ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4"
    .
    =============== Created Last 30 ================
    .
    2011-07-19 17:01:00 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-07-19 17:00:45 40112 ----a-w- c:\windows\avastSS.scr
    2011-07-19 17:00:37 -------- d-----w- c:\program files\AVAST Software
    2011-07-19 17:00:37 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
    2011-07-16 0229 -------- d-----w- C:\Rec.2.2009.SPANiSH.DVDRiP.XViD-XPERT + ENG SUBS
    2011-07-16 0101 -------- d-----w- C:\Rec.2007.READNFO.DVDRiP.XViD-iKA.[Hardcoded.English.Subtitles]
    2011-06-28 16:30:44 551936 ------w- c:\windows\system32\dllcache\oleaut32.dll
    2011-06-28 16:26:44 105472 ------w- c:\windows\system32\dllcache\mup.sys
    2011-06-28 16:24:19 758784 ------w- c:\windows\system32\dllcache\vgx.dll
    .
    ==================== Find3M ====================
    .
    2011-07-06 23:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-06 23:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-06-15 01:08:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-06-02 06:10:57 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin
    2011-06-02 06:10:57 1 ----a-w- c:\windows\system32\nvdrssel.bin
    2011-06-02 06:10:54 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin
    2011-05-02 15:30:48 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-04-29 16:47:42 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    .
    ============= FINISH: 1:14:44.14 ===============

    attach.txt -

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-07-14.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 6/25/2009 9:07:47 PM
    System Uptime: 7/26/2011 4:30:04 PM (9 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | Benicia
    Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2333/1333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 685 GiB total, 393.569 GiB free.
    E: is Removable
    F: is Removable
    G: is Removable
    H: is FIXED (NTFS) - 13 GiB total, 12.966 GiB free.
    I: is CDROM ()
    J: is CDROM ()
    K: is CDROM ()
    L: is Removable
    M: is CDROM ()
    N: is CDROM ()
    O: is CDROM ()
    P: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: USBSTOR\OTHER&VEN_\7&2AFA1648&1&BROA5F838742&0
    Manufacturer:
    Name:
    PNP Device ID: USBSTOR\OTHER&VEN_\7&2AFA1648&1&BROA5F838742&0
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Atheros 802.11 a/b/g/n Dualband Wireless Network Module
    Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_1000168C&REV_01\4&3735DC3F&0&00E1
    Manufacturer: Atheros
    Name: Atheros 802.11 a/b/g/n Dualband Wireless Network Module
    PNP Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_1000168C&REV_01\4&3735DC3F&0&00E1
    Service: AR5416
    .
    ==== System Restore Points ===================
    .
    RP216: 4/28/2011 4:24:50 AM - System Checkpoint
    RP217: 4/29/2011 5:50:13 PM - System Checkpoint
    RP218: 4/30/2011 6:23:54 PM - System Checkpoint
    RP219: 5/1/2011 6:53:44 PM - System Checkpoint
    RP220: 5/2/2011 7:53:43 PM - System Checkpoint
    RP221: 5/3/2011 8:33:59 PM - System Checkpoint
    RP222: 5/4/2011 9:25:32 PM - System Checkpoint
    RP223: 5/5/2011 11:28:13 PM - System Checkpoint
    RP224: 5/7/2011 12:05:40 AM - System Checkpoint
    RP225: 5/8/2011 1:09:02 AM - System Checkpoint
    RP226: 5/9/2011 1:09:17 AM - System Checkpoint
    RP227: 5/10/2011 1:16:49 AM - System Checkpoint
    RP228: 5/10/2011 1:39:54 AM - Installed Steam
    RP229: 5/10/2011 3:44:12 AM - Installed Microsoft XNA Framework Redistributable 3.1
    RP230: 5/10/2011 3:44:35 AM - Installed DirectX
    RP231: 5/10/2011 5:10:40 AM - Software Distribution Service 3.0
    RP232: 5/10/2011 10:36:30 PM - Software Distribution Service 3.0
    RP233: 5/11/2011 11:00:17 PM - System Checkpoint
    RP234: 5/12/2011 11:23:12 PM - System Checkpoint
    RP235: 5/13/2011 11:40:44 PM - System Checkpoint
    RP236: 5/15/2011 12:18:25 AM - System Checkpoint
    RP237: 5/16/2011 3:22:50 AM - System Checkpoint
    RP238: 5/17/2011 5:15:34 AM - System Checkpoint
    RP239: 5/18/2011 11:20:23 AM - System Checkpoint
    RP240: 5/19/2011 3:49:02 PM - System Checkpoint
    RP241: 5/20/2011 4:16:43 PM - System Checkpoint
    RP242: 5/20/2011 6:38:17 PM - Paint.NET v3.5.8
    RP243: 5/21/2011 7:09:26 PM - System Checkpoint
    RP244: 5/22/2011 8:04:16 PM - System Checkpoint
    RP245: 5/23/2011 10:59:28 PM - System Checkpoint
    RP246: 5/24/2011 11:04:14 PM - System Checkpoint
    RP247: 5/25/2011 11:34:31 PM - System Checkpoint
    RP248: 5/26/2011 11:55:33 PM - System Checkpoint
    RP249: 5/28/2011 2:32:59 AM - System Checkpoint
    RP250: 5/29/2011 3:08:35 AM - System Checkpoint
    RP251: 5/30/2011 3:16:45 AM - System Checkpoint
    RP252: 5/31/2011 9:35:28 AM - System Checkpoint
    RP253: 6/1/2011 10:09:56 AM - System Checkpoint
    RP254: 6/2/2011 10:44:16 AM - System Checkpoint
    RP255: 6/3/2011 11:32:14 AM - System Checkpoint
    RP256: 6/4/2011 12:32:14 PM - System Checkpoint
    RP257: 6/5/2011 12:58:41 PM - System Checkpoint
    RP258: 6/6/2011 1:46:39 PM - System Checkpoint
    RP259: 6/7/2011 2:50:17 PM - System Checkpoint
    RP260: 6/8/2011 3:04:52 PM - System Checkpoint
    RP261: 6/10/2011 12:23:15 AM - System Checkpoint
    RP262: 6/11/2011 12:35:28 AM - System Checkpoint
    RP263: 6/13/2011 3:30:59 AM - Removed Fable - The Lost Chapters
    RP264: 6/14/2011 3:36:57 AM - System Checkpoint
    RP265: 6/15/2011 6:08:44 AM - System Checkpoint
    RP266: 6/16/2011 7:08:08 AM - System Checkpoint
    RP267: 6/17/2011 7:36:23 AM - System Checkpoint
    RP268: 6/18/2011 7:52:35 AM - System Checkpoint
    RP269: 6/19/2011 3:20:44 PM - System Checkpoint
    RP270: 6/20/2011 3:39:45 PM - System Checkpoint
    RP271: 6/21/2011 8:41:15 PM - System Checkpoint
    RP272: 6/23/2011 4:12:36 AM - System Checkpoint
    RP273: 6/24/2011 5:00:34 AM - System Checkpoint
    RP274: 6/25/2011 2:57:44 PM - System Checkpoint
    RP275: 6/26/2011 3:28:28 PM - System Checkpoint
    RP276: 6/28/2011 12:32:55 AM - System Checkpoint
    RP277: 6/29/2011 1:22:52 AM - System Checkpoint
    RP278: 6/30/2011 3:18:27 PM - System Checkpoint
    RP279: 7/1/2011 9:53:07 PM - System Checkpoint
    RP280: 7/3/2011 5:35:03 AM - System Checkpoint
    RP281: 7/4/2011 5:46:32 AM - System Checkpoint
    RP282: 7/5/2011 10:48:40 AM - Software Distribution Service 3.0
    RP283: 7/6/2011 12:41:48 PM - System Checkpoint
    RP284: 7/7/2011 6:18:47 PM - System Checkpoint
    RP285: 7/8/2011 9:11:53 PM - System Checkpoint
    RP286: 7/10/2011 12:32:31 PM - System Checkpoint
    RP287: 7/11/2011 12:43:54 PM - System Checkpoint
    RP288: 7/12/2011 1:41:02 PM - System Checkpoint
    RP289: 7/13/2011 1:46:41 PM - System Checkpoint
    RP290: 7/14/2011 2:24:34 PM - System Checkpoint
    RP291: 7/15/2011 4:16:36 PM - System Checkpoint
    RP292: 7/16/2011 5:18:29 PM - System Checkpoint
    RP293: 7/17/2011 6:40:13 PM - System Checkpoint
    RP294: 7/18/2011 7:16:35 PM - System Checkpoint
    RP295: 7/19/2011 12:22:57 AM - Removed ESET Smart Security
    RP296: 7/19/2011 1:00:37 PM - avast! Free Antivirus Setup
    RP297: 7/20/2011 1:13:49 PM - System Checkpoint
    RP298: 7/21/2011 6:00:04 PM - System Checkpoint
    RP299: 7/22/2011 7:29:12 PM - System Checkpoint
    RP300: 7/23/2011 8:15:53 PM - System Checkpoint
    RP301: 7/24/2011 8:33:52 PM - System Checkpoint
    RP302: 7/25/2011 9:55:30 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    µTorrent
    7-Zip 4.65
    AAC Decoder
    AC3Filter 1.62b
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.5
    AIM 7
    Alt-Tab Task Switcher Powertoy for Windows XP
    Apple Application Support
    AutoUpdate
    avast! Free Antivirus
    Avidemux 2.5
    Brother MFL-Pro Suite
    CDBurnerXP
    Creative ZEN X-Fi Video Converter
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    Dragon Age: Origins
    DriverMax 5
    Foxit Reader
    Free M4a to MP3 Converter 6.1
    Google Chrome
    Google Update Helper
    Guitar Pro 5.2
    H.264 Decoder
    Heroes of Newerth
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 24
    Magicka
    Malwarebytes' Anti-Malware version 1.51.1.1800
    Meebo Notifier
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 1.1 Service Pack 1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft AppLocale
    Microsoft Calculator Plus
    Microsoft Choice Guard
    Microsoft Corporation
    Microsoft LifeCam
    Microsoft Silverlight
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Windows Application Compatibility Database
    Microsoft XNA Framework Redistributable 3.1
    MKV Splitter
    Mozilla Firefox 5.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    msxml4
    MultiScreen
    NVIDIA Control Panel 275.33
    NVIDIA Graphics Driver 275.33
    NVIDIA Install Application
    NVIDIA nView 135.85
    NVIDIA nView Desktop Manager
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.10.0514
    NVIDIA Update 1.3.5
    NVIDIA Update Components
    OpenOffice.org 3.1
    Paint.NET v3.5.8
    Project64 1.6
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    Skype™ 5.0
    Steam
    TabIt version 2.01
    Team Fortress 2
    Unlocker 1.8.7
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    User Profile Hive Cleanup Service
    VC80CRTRedist - 8.0.50727.762
    Ventrilo Client
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 1.0.5
    Vuze
    WebFldrs XP
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Movie Maker 2.0
    World of Warcraft
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/27/2011 12:32:41 AM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
    7/24/2011 7:20:23 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/24/2011 6:43:39 PM, error: Service Control Manager [7034] - The StarWind AE Service service terminated unexpectedly. It has done this 1 time(s).
    7/24/2011 11:20:23 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 480 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/23/2011 4:25:25 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8458925, parameter3 b257d288, parameter4 00000000.
    7/23/2011 4:25:09 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83d8925, parameter3 b249c6e4, parameter4 00000000.
    7/22/2011 5:37:07 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/21/2011 8:33:26 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/21/2011 6:19:06 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/21/2011 5:49:06 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    7/21/2011 11:48:11 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8468925, parameter3 b6a27240, parameter4 00000000.
    7/21/2011 11:48:10 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83f0925, parameter3 ae7852e4, parameter4 00000000.
    7/21/2011 11:48:10 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83e8925, parameter3 b2f8c288, parameter4 00000000.
    7/21/2011 11:48:09 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83d8925, parameter3 b29c1314, parameter4 00000000.
    7/21/2011 11:48:08 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83d8925, parameter3 b267e2e4, parameter4 00000000.
    7/21/2011 11:48:07 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83e0925, parameter3 b27598b8, parameter4 00000000.
    7/21/2011 11:48:06 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83b0925, parameter3 ac6452f8, parameter4 00000000.
    7/21/2011 11:48:05 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8440925, parameter3 b225cea8, parameter4 00000000.
    7/21/2011 11:48:05 PM, error: System Error [1003] - Error code 000000ea, parameter1 89ce2020, parameter2 8aac2830, parameter3 8b161e30, parameter4 00000001.
    7/21/2011 11:48:04 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83f0925, parameter3 b40a42e4, parameter4 00000000.
    7/21/2011 11:48:03 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8400925, parameter3 ab8b0400, parameter4 00000000.
    7/21/2011 11:48:03 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83e0925, parameter3 b26e28b8, parameter4 00000000.
    7/21/2011 11:48:02 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83b8925, parameter3 b26ca8ac, parameter4 00000000.
    7/21/2011 11:48:01 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8430925, parameter3 b17a92c0, parameter4 00000000.
    7/21/2011 11:48:00 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83d0925, parameter3 b22dc320, parameter4 00000000.
    7/21/2011 11:47:59 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8400925, parameter3 b211b2f8, parameter4 00000000.
    7/21/2011 11:47:51 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8418925, parameter3 a52be2e4, parameter4 00000000.
    7/21/2011 11:47:47 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8420925, parameter3 95c892fc, parameter4 00000000.
    7/21/2011 11:47:45 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b83f0925, parameter3 b2c972f8, parameter4 00000000.
    7/21/2011 11:47:43 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8438925, parameter3 b2846874, parameter4 00000000.
    7/21/2011 11:47:41 PM, error: System Error [1003] - Error code 1000008e, parameter1 e0000001, parameter2 b8410925, parameter3 b82772c4, parameter4 00000000.
    7/21/2011 11:46:54 PM, error: Service Control Manager [7000] - The wscsvc service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
    7/21/2011 11:46:54 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the path specified.
    7/21/2011 11:46:53 PM, error: System Error [1003] - Error code 000000ea, parameter1 8a6a3020, parameter2 899eadd8, parameter3 89a1c278, parameter4 00000001.
    7/20/2011 12:39:49 AM, error: Service Control Manager [7034] - The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).
    7/20/2011 12:39:45 AM, error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
    7/20/2011 11:11:12 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    .
    ==== End Of File ===========================

  4. #4
    Rodrigo is offline Newbie
    After many, many failed attempts I can't seem to post the GMER log.
    The first attempt at posting all of the logs was hampered by an error message, so I figured the problem could maybe be fixed by posting the logs one reply at a time, but from trial and error I've found that the GMER log is the only one I'm having an issue posting...
    Both the "submit reply" and "preview post" links redirect to a page that says "Fatal error: Maximum execution time of 60 seconds exceeded in /home/7068/daldafor/www.d-a-l.com/public_html/help/includes/class_bbcode.php on line 745"


  5. #5
    broni is offline Senior Member
    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.


    ==============================================

    Upload GMER log here: Free File Hosting - Online Storage; Upload Mp3, Videos, Music. Backup Files
    Post download link (copy URL: link):
