Tech Support Forum banner
Cancel

STOP: 0x0000008E and a kgdqfxbp.sys error on the BSOD.

1155 Views 3 Replies 1 Participant Last post by  benmat_rox
B
2
Hi there all - I have this quite annoying problem of whenever i run this game called Rakion, my comp will start to lag, then as soon as i click on something my comp will go to BSOD. I can leave my computer there loading the game for about half an hour, but AS SOON AS I click, it'll BSOD.

Then when starting back into windows, i get a System recovered from fatal error message, and in extra details it says all this crap


In another post I made, someone told me that the crashes are ALL being caused by this lame *** error, so posting a DSS log to make sure everythings clean would be a good idea, so here it is -

Deckard's System Scanner v20071014.68
Run by Matt on 2008-03-18 19:45:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
10: 2008-03-18 08:45:59 UTC - RP10 - Deckard's System Scanner Restore Point
9: 2008-03-18 06:53:26 UTC - RP9 - System Checkpoint
8: 2008-03-16 10:34:34 UTC - RP8 - System Checkpoint
7: 2008-03-14 14:55:28 UTC - RP7 - Installed DirectX 9.0
6: 2008-03-14 14:29:19 UTC - RP6 - Installed DirectX 9.0


-- First Restore Point --
1: 2008-03-11 08:05:20 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 0.98 GiB (less than 15%) free.


-- HijackThis (run as Matt.exe) ------------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-18 19:46:31
Platform: Windows XP Service Pack 1 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Matt.WEED-E54TYGM59R\My Documents\Downloads\Programs\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\Jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab Class) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{AB3FB78E-7529-409D-B570-83F8ADFF8CD5}: NameServer = 1.1.1.1,1.1.1.2
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\System32\
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


--
End of file - 8413 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20060618-141017-640 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
backup-20060618-141018-850 O20 - Winlogon Notify: pptp16 - C:\WINDOWS\SYSTEM32\pptp16.dll
backup-20060618-141018-884 O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
backup-20060619-152052-456 O20 - Winlogon Notify: pptp16 - C:\WINDOWS\SYSTEM32\pptp16.dll
backup-20060620-161215-525 O20 - Winlogon Notify: pptp16 - pptp16.dll (file missing)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R3 AR5211 (TP-LINK 11G Wireless Adapter Service) - c:\windows\system32\drivers\11gadapter.sys <Not Verified; TP-LINK Technologies Co., Ltd.; TP-LINK 11G Wireless Adapter>
R3 hamachi (Hamachi Network Interface) - c:\windows\system32\drivers\hamachi.sys <Not Verified; Applied Networking Inc.; Hamachi Virtual Network Interface Driver>

S1 ATITool (ATITool Overclocking Utility) - c:\windows\system32\drivers\atitool.sys <Not Verified; W1zzard; ATITool Driver>
S1 pptp24 (MMX virtualization service) - c:\windows\system32\pptp24.sys (file missing)
S2 pptp16 (MMX2 virtualization service) - c:\windows\system32\pptp24.sys (file missing)
S3 dump_wmimmc - c:\program files\softnyx\rakion\bin\gameguard\dump_wmimmc.sys (file missing)
S3 FUTUREX - c:\downloads\bittorrent\aida32pe_375\aida32.sys (file missing)
S3 NaiFiltr - c:\windows\system32\drivers\naifiltr.sys (file missing)
S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
S3 XTrapD12 - c:\windows\system32\xtrapd12.sys (file missing)
S3 zenos1 - c:\documents and settings\matt\desktop\warez\zenosengine\zenos.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ACS (TP-LINK Configuration Service) - c:\windows\system32\acs.exe

S2 Avg7Alrt (AVG7 Alert Manager Server) - c:\progra~1\grisoft\avgfre~1\avgamsvr.exe (file missing)
S2 Avg7UpdSvc (AVG7 Update Service) - c:\progra~1\grisoft\avgfre~1\avgupsvc.exe (file missing)
S2 AVGEMS (AVG E-mail Scanner) - c:\progra~1\grisoft\avgfre~1\avgemc.exe (file missing)
S2 AvSynMgr (AVSync Manager) - "c:\program files\mcafee\mcafee virusscan\avsynmgr.exe" (file missing)
S3 McShield - "c:\program files\common files\network associates\mcshield\mcshield.exe" (file missing)
S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E977-E325-11CE-BFC1-08002BE10318}
Description: Intel PCIC compatible PCMCIA controller
Device ID: ROOT\UNKNOWN\0000
Manufacturer: Intel
Name: Intel PCIC compatible PCMCIA controller
PNP Device ID: ROOT\UNKNOWN\0000
Service: pcmcia


-- Files created between 2008-02-18 and 2008-03-18 -----------------------------

2008-03-18 19:42:55 0 d-------- C:\Program Files\SpywareBlaster
2008-03-18 19:38:19 0 d-------- C:\WINDOWS\LastGood
2008-03-16 21:42:59 0 d--h----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\SendTo
2008-03-16 21:42:59 0 d--h----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\PrintHood
2008-03-16 21:42:59 0 d--h----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\NetHood
2008-03-15 02:01:03 0 d-------- C:\Program Files\EA GAMES
2008-03-13 21:56:58 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\LimeWire
2008-03-13 21:56:16 0 d-------- C:\Program Files\LimeWire
2008-03-12 22:32:55 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\IDM
2008-03-12 22:32:55 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\DMCache
2008-03-12 17:19:17 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\Sun
2008-03-11 21:58:05 0 d------c- C:\WUTemp
2008-03-11 21:41:50 0 d------c- C:\NVIDIA
2008-03-11 20:48:35 0 dr------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\My Documents
2008-03-11 19:39:29 0 d-------- C:\Program Files\Driver Cleaner Pro
2008-03-11 19:13:09 664 --a------ C:\WINDOWS\System32\d3d9caps.dat
2008-03-11 19:13:07 552 --a------ C:\WINDOWS\System32\d3d8caps.dat
2008-03-11 19:13:04 0 d-------- C:\Program Files\SystemRequirementsLab
2008-03-11 19:04:40 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Start Menu
2008-03-11 19:04:40 0 dr-h----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Recent
2008-03-11 19:04:40 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Desktop
2008-03-11 19:01:22 0 d-------- C:\WINDOWS\Prefetch
2008-03-11 16:12:42 0 d-------- C:\WINDOWS\EHome
2008-03-11 16:12:37 0 d------c- C:\ee9413136265347b3a82c886ed4359
2008-03-11 15:57:50 0 d-------- C:\Documents and Settings\Matt\Application Data\Identities
2008-03-11 15:57:49 0 dr------- C:\Documents and Settings\Matt\Start Menu
2008-03-11 15:57:49 0 dr-h----- C:\Documents and Settings\Matt\SendTo
2008-03-11 15:57:49 0 d-------- C:\Documents and Settings\Matt\Recent
2008-03-11 15:57:49 0 d--h----- C:\Documents and Settings\Matt\PrintHood
2008-03-10 17:08:45 0 d---s---- C:\Documents and Settings\Matt.WEED-E54TYGM59R\UserData
2008-03-10 17:08:24 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\Macromedia
2008-03-10 17:08:08 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data\Google
2008-03-10 16:47:16 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Favorites
2008-03-10 16:47:16 0 d---s---- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies
2008-03-10 16:47:16 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Application Data
2008-03-10 16:47:15 0 d-------- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Templates
2008-03-10 16:47:15 0 d--h----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\Local Settings
2008-03-10 16:47:13 1310720 --ah----- C:\Documents and Settings\Matt.WEED-E54TYGM59R\NTUSER.DAT
2008-03-10 16:00:14 0 d-------- C:\Program Files\Softnyx
2008-03-08 18:00:02 0 d-------- C:\Documents and Settings\Matt\Contacts
2008-03-08 17:48:03 0 d------c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-08 17:47:52 0 d-------- C:\Program Files\Windows Live
2008-03-08 17:47:46 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-06 22:00:21 81408 --a------ C:\WINDOWS\System32\wscsvc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 22:00:17 0 d-------- C:\WINDOWS\provisioning
2008-03-06 21:56:02 0 d-------- C:\WINDOWS\ServicePackFiles
2008-03-06 21:51:05 2897920 --a------ C:\WINDOWS\System32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 19:30:00 0 d-------- C:\Documents and Settings\Matt\Application Data\IDM
2008-03-06 19:30:00 0 d-------- C:\Documents and Settings\Matt\Application Data\DMCache
2008-03-06 19:29:56 0 d-------- C:\Program Files\Internet Download Manager
2008-03-06 16:01:06 0 d-------- C:\Documents and Settings\Matt\UserData
2008-03-04 12:51:35 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-03-04 12:37:14 0 d-------- C:\Program Files\World of Warcraft
2008-03-03 22:01:25 0 d--h----- C:\Documents and Settings\Matt\Templates
2008-03-03 22:01:25 0 d-------- C:\Documents and Settings\Matt\My Documents
2008-03-03 22:01:25 0 d-------- C:\Documents and Settings\Matt\Local Settings
2008-03-03 22:01:25 0 d-------- C:\Documents and Settings\Matt\Favorites
2008-03-03 22:01:25 0 d-------- C:\Documents and Settings\Matt\Desktop
2008-03-03 22:01:25 0 d-------- C:\Documents and Settings\Matt\Cookies
2008-03-03 22:01:25 0 dr-h----- C:\Documents and Settings\Matt\Application Data
2008-03-03 22:01:25 0 d---s---- C:\Documents and Settings\Matt\Application Data\Microsoft
2008-03-03 21:06:58 0 d-------- C:\Documents and Settings\Matt\Application Data\Sun
2008-03-03 21:05:43 0 d-------- C:\Documents and Settings\Matt\Application Data\Macromedia
2008-03-03 21:05:35 0 d-------- C:\Documents and Settings\Matt\Application Data\Google


-- Find3M Report ---------------------------------------------------------------

2008-03-11 18:53:09 0 d-------- C:\Program Files\Movie Maker
2008-03-11 18:51:51 0 d-------- C:\Program Files\Windows NT
2008-03-11 18:35:51 23680 --a------ C:\WINDOWS\System32\emptyregdb.dat
2008-03-11 18:34:57 0 d-------- C:\Program Files\Messenger
2008-03-11 15:57:55 0 d-------- C:\Program Files\Common Files
2008-03-10 23:27:56 0 d-------- C:\Program Files\MSN Messenger


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [01/05/2007 08:14 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/07/2007 11:59 AM]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" []
"SoundMan"="SOUNDMAN.EXE" [08/03/2006 05:12 AM C:\WINDOWS\soundman.exe]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [10/22/2006 12:22 PM]
"nwiz"="nwiz.exe" [10/22/2006 12:22 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [10/22/2006 12:22 PM]
"WMC_AutoUpdate"="" []
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [01/27/2007 10:42 PM]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [03/12/2008 10:33 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pptp16.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pptp24.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VIA RAID TOOL.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VIA RAID TOOL.lnk
backup=C:\WINDOWS\pss\VIA RAID TOOL.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Matt^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Matt\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!xSpeed]
C:\!xSpeednet\!xSpeednet.exe reg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsearch]
"C:\PROGRA~1\TSEARC~1.0\TSearch 1.0.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe




-- End of Deckard's System Scanner: finished at 2008-03-18 19:47:43 ------------

Attachments

See less See more
Save
Like
Status
Not open for further replies.
1 - 4 of 4 Posts
B
Well holy ****, I just did a Panda scan and it came up with. . . Alot of **** came up - Heres a log from it.


Incident Status Location

Virus:bck/haxdoor.gen Disinfected Operating system
Hacktool:hacktool/rootkit.d Not disinfected c:\windows\system32\klo5.sys
Virus:bck/haxdoor.a Disinfected Operating system
Virus:trj/dermon.e Disinfected Operating system
Adware:adware/yazzle Not disinfected c:\windows\downloaded program files\YazzleActiveX.inf
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][2].txt
Spyware:Cookie/Smartadserver Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Matt\Cookies\[email protected][2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\matt[email protected][2].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Matt.WEED-E54TYGM59R\Cookies\[email protected][1].txt
Virus:Trj/Downloader.MDW Disinfected C:\Program Files\Real\RealArcade\GoogleInstApp.exe
Virus:Bck/Haxdoor.NP Disinfected C:\System Volume Information\_restore{46534BDB-99F5-4CF4-84B4-71B63F4B7EE8}\RP1222\A0407519.sys
Virus:Bck/Haxdoor.NP Disinfected C:\System Volume Information\_restore{46534BDB-99F5-4CF4-84B4-71B63F4B7EE8}\RP1222\A0407520.sys
Virus:Generic Malware Disinfected C:\WINDOWS\KGFLqfxbp\KGV.exe
Save
Like
B
Bump....Why is it that no one replies to my posts until i bump them lol
Save
Like
B
bump...
Save
Like
1 - 4 of 4 Posts
Status
Not open for further replies.
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support
Top