|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
08-03-2008, 04:16 PM
|
#1 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Blue Screen of Death!
Somewhat =).
I had made a post on this site about 4 months ago regarding how my computer was compromised and I recieved help from "ahjin" - unfortunately I was unable to completely finish this due to the fact that I was in a horrible car crash and have been recovering since. Since then my sibling(s) have been using my computer and have managed to get several viruses on here, I hope someone can be of assistance =). I ran a DSS log as well as using a program called "ATF Cleaner.exe" as I had been recommended by some friends, however afterwards I decided they probably weren't the best source of information and so I come to this forum seeking help! Here is my DSS log: Deckard's System Scanner v20071014.68 Run by Owner on 2008-08-03 18:15:49 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Owner.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:15:52 PM, on 8/3/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Razer\DeathAdder\razerhid.exe C:\Program Files\Veoh Networks\Veoh\VeohClient.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe c:\WINDOWS\system32\ZuneBusEnum.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Razer\DeathAdder\razertra.exe C:\Program Files\Razer\DeathAdder\razerofa.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\system32\wscntfy.exe C:\My Backup -- 07-08-31 1035PM\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Owner.Glenn\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\AIM6\oThEr\ZuneLauncher.exe" O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 3472 bytes -- Files created between 2008-07-03 and 2008-08-03 ----------------------------- 2008-08-03 17:40:25 0 d-------- C:\Program Files\Trend Micro 2008-08-03 17:32:14 0 d-------- C:\WINDOWS\system32\appmgmt 2008-08-03 14:44:53 94208 --a------ C:\WINDOWS\system32\pphc17mj0e33r.exe 2008-08-03 14:44:52 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\rhc57mj0e33r 2008-08-03 14:44:28 60928 --a------ C:\WINDOWS\system32\blphc17mj0e33r.scr <Not Verified; Sysinternals; Sysinternals Blue Screen> 2008-08-03 14:44:25 110080 --a------ C:\WINDOWS\system32\lphc17mj0e33r.exe 2008-07-21 16:05:38 0 d-------- C:\WINDOWS\system32\CatRoot_bak -- Find3M Report --------------------------------------------------------------- 2008-08-03 17:31:53 0 d-------- C:\Program Files\Common Files\AOL 2008-08-03 15  11 0 d-------- C:\Program Files\Common Files2008-07-15 13:24:08 0 d-------- C:\Program Files\World of Warcraft 2008-07-11 02:56:40 0 d-------- C:\Program Files\Google 2008-07-08 12:17:00 0 d-------- C:\Program Files\Common Files\Adobe 2008-07-08 12:16:11 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\AdobeUM 2008-07-02 12:52:33 0 d-------- C:\Documents and Settings\Owner.Glenn\Application Data\.ABC 2008-06-26 11:29:00 0 d-------- C:\Program Files\DivX 2008-06-26 11:25:40 0 d-------- C:\Program Files\BearShare 2008-06-22 12:27:15 0 d-------- C:\Program Files\Picasa2 2008-06-10 14:56:55 0 d-------- C:\Program Files\Razer 2008-06-10 14:56:55 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-10 11:17:28 0 d-------- C:\Program Files\ABC 2008-06-08 11:43:44 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment 2008-06-02 21:56:00 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2008-05-30 19:22:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:46 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-30 19:22:46 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2008-05-25 14:49:38 35344 --a------ C:\WINDOWS\DIIUnin.dat 2008-05-25 14:48:49 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll 2008-05-25 14:48:49 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll 2008-05-25 14:48:49 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll 2008-05-25 13:48:07 2829 --a------ C:\WINDOWS\DIIUnin.pif 2008-05-25 13:48:06 94208 --a------ C:\WINDOWS\DIIUnin.exe <Not Verified; Blizzard Entertainment; Diablo II Uninstaller> 2008-05-22 18:22:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 18:19:46 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2008-05-22 18:19:46 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2008-05-22 18:18:54 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservicesonce HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce HKEY_USERS\.default\software\microsoft\windows\currentversion\runservices HKEY_USERS\.default\software\microsoft\windows\currentversion\run Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 4:05:56 PM] !d; "HideStartupScripts"=0 (0x0) !d; "NoDispScrSavPage"=1 (0x1) HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run Written by Bobbi Flekman 2006 (C) GeneralFlags REG_DWORD 1 (0x1) RestoredStateInfo REG_BINARY 18000000f2010000230000007c0000007200000001000000 REGEDIT4 "DefaultDomainName"="GLENN" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPExtensions] "NoGPOListChanges"=dword:00000001 2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00 "ProcessGroupPolicy"="ProcessGroupPolicy" "NoGPOListChanges"=dword:00000001 "NotifyLinkTransition"=dword:00000001 "RequiresSucessfulRegistry"=dword:00000001 "MaxNoGPOListChangesInterval"=dword:00000001 "NoMachinePolicy"=dword:00000001 "RequiresSuccessfulRegistry"=dword:00000001 "RequiresSuccessfulRegistry"=dword:00000001 74,61,6c,6c,65,72,2c,41,70,70,6c,69,63,61,74,69,6f,6e,29,00,00 "NoGPOListChanges"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Notify] "Logoff"="ChainWlxLogoffEvent" "Logoff"="CryptnetWlxLogoffEvent" "Asynchronous"=dword:00000001 "Asynchronous"=dword:00000001 "Logoff"="SchedEventLogOff" "DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00 "Asynchronous"=dword:00000001 "Disconnect"="TSEventDisconnect" "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SCLogon] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\SpecialAccounts] "ASPNET"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Credentials] !d;s/.*t//;s/ [hkey.*/n Asynchronous REG_DWORD 0 (0x0) !d;s/.*t//;s/ [hkey.*/n Asynchronous REG_DWORD 0 (0x0) !d;s/.*t//;s/ [hkey.*/n DLLName REG_SZ cscdll.dll !d;s/.*t//;s/ [hkey.*/n DLLName REG_SZ wlnotify.dll !d;s/.*t//;s/ [hkey.*/n Asynchronous REG_DWORD 0 (0x0) !d;s/.*t//;s/ [hkey.*/n Logoff REG_SZ WLEventLogoff !d;s/.*t//;s/ [hkey.*/n DLLName REG_SZ WlNotify.dll !d;s/.*t//;s/ [hkey.*/n Asynchronous REG_DWORD 0 (0x0) !d;s/.*t//;s/ [hkey.*/n DLLName REG_SZ wlnotify.dll Written by Bobbi Flekman 2006 (C) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 140200001002000000020000900434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000007000b000000000007000b0000003f000000020000000400010001000000000000000000000000000000440000000100560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904e404f0030000010053007400720069006e006700460069006c00650049006e0066006f000000cc03000001003000340030003900300034004500340000004a001900010043006f006d006d0065006e007400730000004300720079007300740061006c002000530051004c002000440065007300690067006e0065007200200037002e0030000000000088003400010043006f006d00700061006e0079004e0061006d006500000000005300650061006700610074006500200053006f00660074007700610072006500200049006e0066006f0072006d006100740069006f006e0020004d0061006e006100670065006d0065006e0074002000470072006f00750070002c00200049006e0063002e000000ae00450001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000280063002900200031003900390031002d003100390039001000000000000000 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) DisableHeapLookAside REG_SZ 1 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 5409000054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001000200a8112e0400000200a8112e0400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500320030002e0032002e0030002e003100300037003000000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b00200033000000230054020000000200008c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010003009e112604000003009e11260400003f000000200000000400000001000000000000000000000000000000ec020000010053007400720069006e006700460069006c00650049006e0066006f000000c8020000010030003000300030003000340062003000000038001000010043006f006d006d0065006e007400730000004f007200690067006e0061006c002000560065007200730069006f006e00000042001100010043006f006d00700061006e0079004e0061006d006500000000005300410050002000410047002c002000570061006c006c0064006f0072006600000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f0077007300000000003c000e000100460069006c006500560065007200730069006f006e000000000034003500310030002e0033002e0030002e003100300036003200000032000900010049006e007400650072006e0061006c004e0061006d0065000000460045005700460052004f004e005400000000007a002b0001004c006500670061006c0043006f007000790072006900670068000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000200334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400f003000000000400f00300003f0000000000000004000100010000000000000000000000000000007e020000010053007400720069006e006700460069006c00650049006e0066006f0000005a02000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000036000b000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e003100300030003800000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c0054007200610064000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b0020003300000023005402000000020000180334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010000000400dd03000000000400dd0300003f00000000000000040001000100000000000000000000000000000078020000010053007400720069006e006700460069006c00650049006e0066006f0000005402000001003000340030003900300034004500340000002e000700010043006f006d00700061006e0079004e0061006d00650000000000530041005000200041004700000000005a0019000100460069006c0065004400650073006300720069007000740069006f006e00000000005300410050002000460072006f006e00740065006e006400200066006f0072002000570069006e0064006f00770073000000000034000a000100460069006c006500560065007200730069006f006e000000000034002e0030002e0030002e0039003800390000002c000600010049006e007400650072006e0061006c004e0061006d0065000000460052004f004e00540000005e001d0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390033002d0031003900390037002000530041005000200041004700000000002800000001004c006500670061006c00540072006100640065006d000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 5802000054020000000200006c0734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000cc060000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000300000002000000530065007200760069006300650020005000610063006b002000340000002300 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 580200005402000000020000440234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100010001000c000000010001000c00000000000000000000000400000001000000000000000000000000000000440000000000560061007200460069006c00650049006e0066006f00000000002400040000005400720061006e0073006c006100740069006f006e00000000000904b004a4010000010053007400720069006e006700460069006c00650049006e0066006f00000080010000010030003400300039003000340042003000000040002000010043006f006d00700061006e0079004e0061006d00650000000000440065004c006f0072006d00650020004d0061007000700069006e0067000000440022000100500072006f0064007500630074004e0061006d006500000000005200650067002000280044004c0069006200620079005c006d0073006600290000000000340014000100460069006c006500560065007200730069006f006e000000000031002e00300031002e0030003000310032000000380014000100500072006f006400750063007400560065007200730069006f006e00000031002e00300031002e003000300031003200000034001200010049006e007400650072006e0061006c004e0061006d00650000004d004e00470052004500470033003200000000000200000000000000010000004c0000003cfd0600040000000000000065050000020000000300000000000100530065007200760069006300650020005000610063006b002000330000002300 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) GlobalFlag REG_SZ 0x00200000 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) GlobalFlag REG_SZ 0x00200000 DisableHeapLookAside REG_SZ 1 DisableHeapLookAside REG_SZ 1 ApplicationGoo REG_BINARY 140200001002000000020000b40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100350007000000000035000700000000003f00000000000000040000000100000000000000000000000000000012020000010053007400720069006e006700460069006c00650049006e0066006f000000ee010000010030003400300039003000340062003000000042001100010043006f006d00700061006e0079004e0061006d00650000000000500065006f0070006c00650053006f00660074002c00200049006e0063002e0000000000280000000100460069006c0065004400650073006300720069007000740069006f006e00000000002a0005000100460069006c006500560065007200730069006f006e000000000037002e0035003300000000009c003c0001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900380038002d0031003900390038002000500065006f0070006c00650053006f00660074002c00200049006e0063002e002000200041006c006c00200052006900670068007400730020005200650073006500720076006500640000003c000a0001004f0072006900670069006e0061006c00460069006c0065006e0061006d00650000007000730064006d0074002e001000000000000000 DisableHeapLookAside REG_SZ 1 DisableHeapLookAside REG_SZ 1 CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 000700005402000000020000840734000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f000000000000000400040001000000000000000000000000000000e4060000010053007400720069006e006700460069006c00650049006e0066006f00000060030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009e003d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000a40834000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000004080000010053007400720069006e006700460069006c00650049006e0066006f000000f0030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d0065000000530065007400750070000000a600410001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b0020003300000024005402000000020000180434000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100050005000700a807050005000700a8073f00000000000000040004000100000000000000000000000000000078030000010053007400720069006e006700460069006c00650049006e0066006f00000054030000010030003400300039003000340042003000000018000000010043006f006d006d0065006e007400730000004c001600010043006f006d00700061006e0079004e0061006d006500000000004d006900630072006f0073006f0066007400200043006f00720070006f0072006100740069006f006e000000680020000100460069006c0065004400650073006300720069007000740069006f006e00000000004d006900630072006f0073006f00660074002000450078006300680061006e00670065002000530065007200760065007200200053006500740075007000000036000b000100460069006c006500560065007200730069006f006e000000000035002e0035002e0031003900360030002e003700000000002c000600010049006e007400650072006e0061006c004e0061006d00650000005300650074007500700000009a003b0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020000200000000000000010000004c0000003cfd0600050000000000000065050000020000000000000000000000530065007200760069006300650020005000610063006b002000330000002400 ApplicationGoo REG_BINARY 140200001002000000020000040334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe000001001c0008000000000000000800000000003f00000000000000040000000100000000000000000000000000000064020000010053007400720069006e006700460069006c00650049006e0066006f00000040020000010030003400300039003000340062003000000044001200010043006f006d00700061006e0079004e0061006d0065000000000043006f00720065006c00200043006f00720070006f0072006100740069006f006e0000004e0013000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000002c0006000100460069006c006500560065007200730069006f006e000000000038002e00300032003800000046001300010049006e007400650072006e0061006c004e0061006d006500000043006f00720065006c002000530065007400750070002000570069007a00610072006400000000006c00240001004c006500670061006c0043006f007000790072006900670068007400000043006f0070007900720069006700680074002000a900200031003900390037002c00200043006f00720065006c00200043006f00720070006f0072000800000000000000 ApplicationGoo REG_BINARY 140200001002000000020000380334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe0000010002000a0001000a0002000a0001000a000000000000000000040001000100000000000000000000000000000098020000010053007400720069006e006700460069006c00650049006e0066006f0000007402000001003000340030003900300034004500340000004a001500010043006f006d00700061006e0079004e0061006d00650000000000530079006d0061006e00740065006300200043006f00720070006f0072006100740069006f006e000000000060001c000100460069006c0065004400650073006300720069007000740069006f006e0000000000530079006d0061006e007400650063002000530079006d006500760065006e007400200049006e007300740061006c006c0065007200000034000a000100460069006c006500560065007200730069006f006e0000000000310030002e0032002e00310030002e003100000030000800010049006e007400650072006e0061006c004e0061006d006500000053004500560049004e005300540000007e002d0001004c006500670061006c0043006f007000790072006900670068007400000043006f00700079007200690067006800740020002800430029002000530079006d0061006e00740065006300200043006f0072000100000000000000 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) DisableHeapLookAside REG_SZ 1 CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) CheckAppHelp REG_DWORD 1 (0x1) DisableHeapLookAside REG_SZ 1 CheckAppHelp REG_DWORD 1 (0x1) ApplicationGoo REG_BINARY 1402000010020000000200007c0334000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000900260000000100090026003f000000000000000400000001000000000000000000000000000000dc020000010053007400720069006e006700460069006c00650049006e0066006f000000b8020000010030003400300039003000340062003000000066002700010043006f006d006d0065006e0074007300000042007500730069006e00650073007300200049006e00740065006c006c006900670065006e006300650020006f006e0020004500760065007200790020004400650073006b0074006f0070000000000048001400010043006f006d00700061006e0079004e0061006d0065000000000043006f0067006e006f007300200049006e0063006f00720070006f0072006100740065006400000060001c000100460069006c0065004400650073006300720069007000740069006f006e000000000043006f0067006e006f0073002000470065006e006500720069006300200049006e007300740061006c006c006100740069006f006e00000038000c000100460069006c006500560065007200730069006f006e000000000031002c00200030002c002000330038002c0020003900000030000800010049006e007400650072006e0061006c004e0061006d00650000000100000000000000 GlobalFlag REG_SZ 0x000010F0 ApplicationGoo REG_BINARY 140200001002000000020000a40234000000560053005f00560045005200530049004f004e005f0049004e0046004f0000000000bd04effe00000100000001000100000000000100010000003f00000000000000010001000100000000000000000000000000000004020000010053007400720069006e006700460069006c00650049006e0066006f000000e0010000010030003400300039003000340045003400000020000000010043006f006d00700061006e0079004e0061006d00650000000000580018000100460069006c0065004400650073006300720069007000740069006f006e000000000049004e005300540041004c004c0020004d004600430020004100700070006c00690063006100740069006f006e000000300008000100460069006c006500560065007200730069006f006e000000000031002e0030002e00300030003100000030000800010049006e007400650072006e0061006c004e0061006d006500000049004e005300540041004c004c0000002400000001004c006500670061006c0043006f00700079007200690067006800740000002800000001004c006500670061006c00540072006100640065006d00610072006b0073000000000040000c0001004f0072006900670069006e0061006c00460069006c0065006e0061006d006500000049004e005300540041004c004c002e004500580045000000300008000800000000000000 "Notification Packages scecli Written by Bobbi Flekman 2006 (C) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state NextRefreshReason REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Extension-List LoggingStatus REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Extension-List\{c6dc5466-785a-11d2-84d0-00c04fb169f7} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\GPLink-List SOM REG_SZ Local HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\GPO-List WQL-Id REG_SZ NextRefreshReason REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Extension-List LoggingStatus REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Extension-List\{c6dc5466-785a-11d2-84d0-00c04fb169f7} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\GPLink-List SOM REG_SZ Local HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\GPO-List WQL-Id REG_SZ HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Loopback-GPLink-List HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-1006\Loopback-GPO-List NextRefreshReason REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Extension-List LoggingStatus REG_DWORD 0 (0x0) HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\GPLink-List SOM REG_SZ Local HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\GPO-List WQL-Id REG_SZ HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Loopback-GPLink-List HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1421459260-3877980121-2075166522-500\Loopback-GPO-List Written by Bobbi Flekman 2006 (C) SecurityProviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest SafeBoot registry key needs repairs. This machine cannot enter Safe Mode. [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\File system] @="Driver Group" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\RpcSs] @="Service" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\vgasave.sys] @="Driver" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" SteelWerX Registry Console Tool 2.0 Written by Bobbi Flekman 2006 (C) HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder !d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk !d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;} path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk !d;s/t.*t/=/;s/hkey.*/[&]/;/]/{x;p;x;} backup REG_SZ C:\WINDOWS\pss\BigFix.lnkCommon Startup location REG_SZ Common Startup command REG_SZ C:\PROGRA~1\BigFix\bigfix.exe /atstartup item REG_SZ BigFix SteelWerX Registry Console Tool 2.0 Written by Bobbi Flekman 2006 (C) HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6 key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ aim6 hkey REG_SZ HKCU !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ AOLSP Scheduler hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ Ares hkey REG_SZ HKCU !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\Documents and Settings\Owner.Glenn\Desktop\Ares\Ares.exe" -h inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ BearShare hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\Program Files\BearShare\BearShare.exe" /pause inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ ehtray hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\WINDOWS\ehome\ehtray.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ GoogleDesktop hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ AOLHostManager hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\Program Files\Common Files\AOL\1188627185\EE\AOLHostManager.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ mcagent hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ c:\PROGRA~1\mcafee.com\agent\mcagent.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ McUpdate hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\PROGRA~1\mcafee.com\agent\McUpdate.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ MpfTray hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ MskAgent hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ MSKDetct hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ NvCpl hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ NvMcTray hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ nwiz hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ nwiz.exe /install inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ oasclnt hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\Program Files\McAfee.com\VSO\oasclnt.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\readericon key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ readericon45G hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\Program Files\Digital Media Reader\readericon45G.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ RECGUARD hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ %WINDIR%\SMINST\RECGUARD.EXE inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ Remind_XP hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ %WINDIR%\Creator\Remind_XP.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ SOUNDMAN hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ SOUNDMAN.EXE inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ GoogleToolbarNotifier hkey REG_SZ HKCU !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ mcvsshld hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe inimapping REG_SZ 0 !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run item REG_SZ mcmnhdlr hkey REG_SZ HKLM !d;s/.*t//;s/hkey.*/[&]/;/]/{x;p;x;} command REG_SZ "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask inimapping REG_SZ 0 HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs Written by Bobbi Flekman 2006 (C) HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components * 2,0,0,0 2,0,0,0 1.0.0.0 EN KB913433 3,2,2,26 11,0,5721,5145 11,0,5721,5145 DirectAnimation EN 4,7,0,0320 * 1,397,2406,1 1,0,0,0 Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) 6,0,2900,2180 1 (0x1) EN 11,0,5721,5145 4,71,1113,0 6,0,2900,2180 1,0,0,0 6,00,01,0223 5,6,0,8835 1 (0x1) 5,00,2918,1900 EN 5,0,0,1 C:\WINDOWS\system32\msieftp.dll 11,0,5721,5145 4,9,9,2 2,0,50727,0 WAB en en 2 (0x2) 1 (0x1) 5,5000,3130,0 6,0,2800,2180 .NET Framework * 1,00,0000,6 .NET Framework 4,71,1968,1 2,1,4026,0 EN 4,74,9273,0 5,0,00,0 -- End of Deckard's System Scanner: finished at 2008-08-03 18:16:07 ------------ I know its quite long and I hope that whoever reads this knows what they're looking for, because I sure don't =X. I am now not able to successfully log onto my computer, after logging on I am greeted with the same blue wallpaper as before and am currently unable to access the start menu or any other menu other than the task manager menu, which, after trying to delete different proccesses will lead to a screen that tells me for some reason (I haven't really been able to look over it and give you an exact statement on it) my computer will be restarting within 60 seconds and from there it counts down. I CAN run my cokmputer in safe mode however as you probably know that eliminates any use of the internet on that computer, so unfortunately I will have to use the one I am currently on. Tomorrow I will be buying a flash drive so I can transfer any files that are needed on my computer from the computer I am currently on, any help offered is much appreciated. BTW: If on normal mode I cannot use the task manager's "run" command to start any new programs as far as I can tell, the only programs I've tried have been "explorer.exe" so I could see if I could access the start menu. Thanks in advance, =). Last edited by amateur; 08-03-2008 at 10:35 PM. Reason: to retain 0-reply status |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
08-08-2008, 07:58 AM
|
#3 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
If I have in some way posted this in the wrong format and that is why no one is responding please do tell, as far as I can see (I've read the stickies) I haven't posted in an incorrect manner. Please help!
|
|
|
|
|
08-08-2008, 08:13 AM
|
#4 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,545
OS: WinXP and Vista
|
Re: Blue Screen of Death!
Hello krosia,
We are simply overwhelmed with users requesting assistance. Your system, for all intents and purposes, was clean 4 months ago. You recently reinfected yourself. Since you mentioned that you looked around the forums, did you notice that your main.txt output format doesn't look the same as the others? Boot in Safe Mode and run dss.exe again. I'd like to see if the infection is interfering. Post a fresh main.txt please. |
|
|
|
|
08-11-2008, 11:08 AM
|
#5 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
I'm sorry I didn't notice that, I was out for the weekend to an out-of-state family reunion - I'm back now and today I will be getting the flash drive so I can transfer files from one computer to the next. I should have the file to you by 6:00PM EST tonight, thank you so much!
|
|
|
|
|
08-11-2008, 01:25 PM
|
#6 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,545
OS: WinXP and Vista
|
Re: Blue Screen of Death!
Hi krosia,
Change of plans. Disregard running dss.exe again. Kindly do the following instead: Download all necessary tools and transfer to the infected computer... Download this file and save it to your desktop. Double click on the zip folder, then double click on the .reg file within. Click yes to allow it to merge into your registry. --------------------------------------------------- Reboot your system. --------------------------------------------------- Download ComboFix.exe from here **Note: It is important that it is saved directly to your desktop** -------------------------------------------------------------------- With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time. Go to Microsoft's website => http://support.microsoft.com/kb/310994 Select the download that's appropriate for your Operating System  Download the file & save it as it's originally named, next to ComboFix.exe.  ---------------------------------------------------------------------
|
|
|
|
|
08-11-2008, 04:27 PM
|
#7 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
I have encountered a problem (I have only just now read your most recent reply). My computer does not actually register that the USB Device is there, and I cannot get it to register that it has a writable CD in the drive. Are there any settings that I could change in terms of the way the computer boots up that could be causing this? I had to change the startup to a diagnostic one instead of a normal startup due to the fact that that i couldn't do anything in a normal startup outside of safe mode - I would go change it back and enter safe mode again to see if that was the problem but, unfortunately, I cannot honestly remember how I changed that around. Immediately after posting this i will be puting the files you said to download on the USB drive and will be awaiting your reply, thank you so much!
|
|
|
|
|
08-11-2008, 05:15 PM
|
#9 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
ComboFix 08-08-10.06 - Owner 2008-08-11 18:57:22.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1618 [GMT -4:00] Running from: C:\Documents and Settings\Owner.Glenn\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Owner.Glenn\Application Data\macromedia\Flash Player\#SharedObjects\2LTK3NTM\interclick.com C:\Documents and Settings\Owner.Glenn\Application Data\macromedia\Flash Player\#SharedObjects\2LTK3NTM\interclick.com\ud.sol C:\Documents and Settings\Owner.Glenn\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com C:\Documents and Settings\Owner.Glenn\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol C:\Documents and Settings\Owner.Glenn\Application Data\Microsoft\dtsc C:\Documents and Settings\Owner.Glenn\Application Data\Microsoft\dtsc\29970.exe C:\Documents and Settings\Owner.Glenn\Application Data\rhc57mj0e33r C:\WINDOWS\system32\blphc17mj0e33r.scr C:\WINDOWS\system32\lphc17mj0e33r.exe C:\WINDOWS\system32\phc17mj0e33r.bmp C:\WINDOWS\system32\pphc17mj0e33r.exe C:\WINDOWS\system32\tdssadw.dll C:\WINDOWS\system32\tdssinit.dll C:\WINDOWS\system32\tdssl.dll C:\WINDOWS\system32\tdssmain.dll C:\WINDOWS\system32\tdssservers.dat . ((((((((((((((((((((((((( Files Created from 2008-07-11 to 2008-08-11 ))))))))))))))))))))))))))))))) . 2008-08-03 17:40 . 2008-08-03 17:40 <DIR> d-------- C:\Program Files\Trend Micro 2008-07-21 16:05 . 2008-07-21 16:22 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-04 16:02 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-03 21:31 --------- d-----w C:\Program Files\Common Files\AOL 2008-08-03 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL 2008-07-15 17:24 --------- d-----w C:\Program Files\World of Warcraft 2008-07-11 06:56 --------- d-----w C:\Program Files\Google 2008-07-08 16:17 --------- d-----w C:\Program Files\Common Files\Adobe 2008-07-08 16:16 --------- d-----w C:\Documents and Settings\Owner.Glenn\Application Data\AdobeUM 2008-07-02 16:52 --------- d-----w C:\Documents and Settings\Owner.Glenn\Application Data\.ABC 2008-06-26 15:29 --------- d-----w C:\Program Files\DivX 2008-06-26 15:25 --------- d-----w C:\Program Files\BearShare 2008-06-22 16:27 --------- d-----w C:\Program Files\Picasa2 2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-03 01:56 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll 2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll 2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll 2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll 2008-05-25 18:48 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll 2008-05-25 18:48 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll 2008-05-25 18:48 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll 2008-05-25 17:48 94,208 ----a-w C:\WINDOWS\DIIUnin.exe 2008-05-25 17:48 2,829 ----a-w C:\WINDOWS\DIIUnin.pif 2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll 2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-01-03 12:15 50528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2005-02-25 20:24 966656] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-14 01:42 212992] "readericon"="C:\Program Files\Digital Media Reader\readericon45G.exe" [2005-12-09 21:44 139264] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 01:07 81920] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 01:07 8491008] "MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-08-12 19:16 1121792] "HostManager"="C:\Program Files\Common Files\AOL\1188627185\EE\AOLHostManager.exe" [2004-11-03 17:03 125528] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 23:56 64512] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe] "nwiz"="nwiz.exe" [2007-09-17 01:07 1626112 C:\WINDOWS\system32\nwiz.exe] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2007-09-01 02:05:12 2168360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "C:\\Program Files\\America Online 9.0\\waol.exe"= "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"= "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"= "C:\\Program Files\\Common Files\\AOL\\1188627185\\EE\\AOLServiceHost.exe"= "C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"= "C:\\Program Files\\Starcraft\\StarCraft.exe"= "C:\\My Backup -- 07-08-31 1035PM\\Program Files\\Steam\\steamapps\\fireflycss\\counter-strike source\\hl2.exe"= "C:\\Program Files\\Flagship Studios\\Mythos\\bin\\Mythos.exe"= "C:\\My Backup -- 07-08-31 1035PM\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\My Backup -- 07-08-31 1035PM\\Program Files\\iTunes\\iTunes.exe"= "C:\\Documents and Settings\\Owner.Glenn\\Desktop\\Steam\\steamapps\\fireflycss\\counter-strike source\\hl2.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\ABC\\abc.exe"= "C:\\My Backup -- 07-08-31 1035PM\\Program Files\\Mozilla Firefox\\firefox.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-04-29 19:39] R2 ZuneBusEnum;Zune Bus Enumerator;c:\WINDOWS\system32\ZuneBusEnum.exe [2008-04-29 19:56] R3 DAdderFltr;DeathAdder Mouse;C:\WINDOWS\system32\drivers\dadder.sys [2007-04-12 06:46] S3 XDva037;XDva037;C:\WINDOWS\system32\XDva037.sys [] S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-04-29 19:56] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b2857270-7ce4-11dc-9b94-0015583e1376}] \Shell\AutoRun\command - K:\LaunchU3.exe -a *Newly Created Service* - CATCHME . - - - - ORPHANS REMOVED - - - - HKCU-Run-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe HKCU-Run-ares - C:\Documents and Settings\Owner.Glenn\Desktop\Ares\Ares.exe HKLM-Run-VSOCheckTask - C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe HKLM-Run-VirusScan Online - c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe HKLM-Run-OASClnt - C:\Program Files\McAfee.com\VSO\oasclnt.exe HKLM-Run-MSKAGENTEXE - C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe HKLM-Run-MPFExe - C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe HKLM-Run-MCUpdateExe - C:\PROGRA~1\mcafee.com\agent\McUpdate.exe HKLM-Run-MCAgentExe - c:\PROGRA~1\mcafee.com\agent\mcagent.exe HKLM-Run-Google Desktop Search - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe HKLM-Run-BearShare - C:\Program Files\BearShare\BearShare.exe HKLM-Run-AOL Spyware Protection - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Owner.Glenn\Application Data\Mozilla\Firefox\Profiles\ttyysiv4.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.aol.com/aolcom/search?invocationType=tbff50ie7&query= ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-11 19:00:01 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet002\Services\tdssserv] . Completion time: 2008-08-11 19 15ComboFix-quarantined-files.txt 2008-08-11 23 13Pre-Run: 214,266,269,696 bytes free Post-Run: 214,251,925,504 bytes free 164 --- E O F --- 2008-07-10 07:01:12 |
|
|
|
|
08-11-2008, 07:09 PM
|
#10 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,545
OS: WinXP and Vista
|
Re: Blue Screen of Death!
How is the system behaving now? Do you have internet access?
Perform an online scan with Panda ActiveScan
* Turn off the real time scanner of any existing antivirus program while performing the online scan |
|
|
|
|
08-11-2008, 08:43 PM
|
#11 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
I just got back from watching Pineapple Express (funnnny movie btw), and just checked this thread - when I was still waiting on someone to respond to this thread I found that there were no longer any network settings on the computer, and, at the time, there was seemingly no way to change that. I will be checking soon on getting the network working for that computer (I have a very rough idea of what to do, and any method I'd use would rely heavily on the windows "wizards" for assistance - if that's not alright then I'll take any advice you have to offer on that as well). If I can indeed get the internet working on that computer then I'll be sure to continue to follow the procedures you have laid out.
Again I can't thank you enough! |
|
|
|
|
08-11-2008, 08:49 PM
|
#12 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,545
OS: WinXP and Vista
|
Re: Blue Screen of Death!
Please do check that right away as I'll only be online another hour, and will be offline most of tomorrow.
|
|
|
|
|
08-12-2008, 05:57 AM
|
#13 (permalink) |
|
Registered User
Join Date: Apr 2008
Posts: 18
OS: Windows XP
|
Re: Blue Screen of Death!
I am now able to access the internet on the computer (I am currently on the one you have been helping me fix =D!) and so far everything seems to be running very well, the settings that were changed have reverted and so far I haven't run into any problems. As a precaution I haven't used any log ons that would be a serious detriment to me so if there is some kind of keylogger still I don't think they'll be getting much.
I'm starting that pandascan now =). |
|
|
|
