Windows Support Forum

BSOD problem , dmp file included

Q: BSOD problem , dmp file included

Hello all!

Hoping you guys can help, I'm getting a repeated bluescreen when trying to load Cubase.

No new software has been installed/updated [to my knowledge] so I'm guessing it may be a hardware issue.

I backed everything up using Windows Backup, and attempted a System Restore to 3 weeks prior. This didn't work unfortunately, and after another bluescreen/reset Windows started and proceeded to desktop with this message:

Windows has recovered from an unexpected shutdown:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 2057

Additional information about the problem:
BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA800811D748
BCP3: 0000000000000000
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\100213-15007-01.dmp
C:\Users\Bouch\AppData\Local\Temp\WER-26020-0.sysdata.xml

I have included the dmp file as an attachment to this post.

Many thanks for any help in advance!

Relevancy 100%
Preferred Solution: BSOD problem , dmp file included

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: BSOD problem , dmp file included

Hi MissGrimsby.

The BSOD that you supplied is a stop 0x124, usually it is assumed to be a hardware related error. To debug that issue, we need some more information.

First, Post it following the Blue Screen of Death (BSOD) Posting Instructions.

Second, fill up your system specs.
See your system specs and fill it up here.

Also, take some hardware tests.

Test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight.

Stress test the Graphics Card using Furmark.
Video Card - Stress Test with Furmark

Stress test the CPU.
Hardware - Stress Test With Prime95

Check if the Power Supply Unit (PSU) supplying adequate power to the computer or not.
eXtreme Power Supply Calculator
Also let us know the wattage of the PSU.

Is the computer hot? Report us the heat of the computer after a couple of hours of your normal usage. Upload a screenshot of the summery tab of Speccy.

Let us know the results.

BTW, we have noticed BSODs with Cubase earlier ... make it sure that the software is properly updated and the hardware is working fine.
________________________________________________________________________

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 124, {0, fffffa800811d748, 0, 0}

Probably caused by : AuthenticAMD

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

WHEA_UNCORRECTABLE_ERROR (124)
A fatal hardware error has occurred. Parameter 1 identifies the type of error
source that reported the error. Parameter 2 holds the address of the
WHEA_ERROR_RECORD structure that describes the error conditon.
Arguments:
Arg1: 0000000000000000, Machine Check Exception
Arg2: fffffa800811d748, Address of the WHEA_ERROR_RECORD structure.
Arg3: 0000000000000000, High order 32-bits of the MCi_STATUS value.
Arg4: 0000000000000000, Low order 32-bits of the MCi_STATUS value.

Debugging Details:
------------------
BUGCHECK_STR: 0x124_AuthenticAMD

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

PROCESS_NAME: System

CURRENT_IRQL: 0

STACK_TEXT:
fffff880`031715b0 fffff800`02f0ed29 : fffffa80`0811d720 fffffa80`06db7040 00000000`00000006 00000000`00000000 : nt!WheapCreateLiveTriageDump+0x6c
fffff880`03171ad0 fffff800`02dee217 : fffffa80`0811d720 fffff800`02e68658 fffffa80`06db7040 00000000`00000000 : nt!WheapCreateTriageDumpFromPreviousSession+0x49
fffff880`03171b00 fffff800`02d55865 : fffff800`02eca3a0 00000000`00000001 fffffa80`0785f980 fffffa80`06db7040 : nt!WheapProcessWorkQueueItem+0x57
fffff880`03171b40 fffff800`02cd5a21 : fffff880`0110be00 fffff800`02d55840 fffffa80`06db7000 00000000`00000000 : nt!WheapWorkQueueWorkerRoutine+0x25
fffff880`03171b70 fffff800`02f68cce : 00000000`00000000 fffffa80`06db7040 00000000`00000080 fffffa80`06cad990 : nt!ExpWorkerThread+0x111
fffff880`03171c00 fffff800`02cbcfe6 : fffff880`03090180 fffffa80`06db7040 fffff880`0309b040 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03171c40 00000000`00000000 : fffff880`03172000 fffff880`0316c000 fffff880`03fa6400 00000000`00000000 : nt!KiStartSystemThread+0x16
STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: AuthenticAMD

IMAGE_NAME: AuthenticAMD

DEBUG_FLR_IMAGE_TIMESTAMP: 0

FAILURE_BUCKET_ID: X64_0x124_AuthenticAMD_PROCESSOR_BUS_PRV

BUCKET_ID: X64_0x124_AuthenticAMD_PROCESSOR_BUS_PRV

Followup: MachineOwner
---------

http://www.sevenforums.com/bsod-help-support/306914-bsod-problem-dmp-file-included.html
Relevancy 57.19%

It happened last night, i dont really know what happened.

A:Bsod crash c2 dmp file included

A couple of steps here:
First -
Quote:




H/W Diagnostics:
Please start by running these bootable hardware diagnostics:
http://www.carrona.org/memdiag.html (read the details at the link)
http://www.carrona.org/hddiag.html (read the details at the link)

Also, please run one of these free, independent online malware scans to ensure that your current protection hasn't been compromised: http://www.carrona.org/malware.html (read the details at the link)




Next -
Quote:




Please update or remove these older drivers that were loaded at the time of the crash. Don't use Windows Update or the Update drivers function of Device Manager. Please use the following instructions to locate the most current drivers:

Quote:




How To Find Updated Drivers:
- search Google for the name of the driver
- compare the Google results with what's installed on your system to figure out which device/program it belongs to
- visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
- if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.




- some driver links are on this page: http://www.carrona.org/drvrdown.html

Here's the older drivers:

Code:
cmaudio.sys Mon Jul 15 22:58:09 2002 - VERY IMPORTANT!!! C-Media Audio WDM Driver ( http://www.cmedia.com.tw/EN/DownloadCenter_Detail.aspx?pserno=0&dtype=ALL )
MRVW24B.sys Sun Oct 28 23:21:52 2007 - DLink or Marvell Wireless Network Adapter
RivaTuner32.sys Tue Jul 17 15:13:33 2007 - Riva Tuner (uninstall until we're finished troubleshooting - no updates available AFAIK)





Then -
Quote:




Using Driver Verifier is an iffy proposition. Most times it'll crash and it'll tell you what the driver is. But sometimes it'll crash and won't tell you the driver. Other times it'll crash before you can log in to Windows. If you can't get to Safe Mode, then you'll have to resort to offline editing of the registry to disable Driver Verifier.

So, I'd suggest that you first backup your stuff and then make sure you've got access to another computer so you can contact us if problems arise. Then make a System Restore point (so you can restore the system using the Vista/Win7 Startup Repair feature).

Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and press Enter
- Select "Create custom settings (for code developers)" and click "Next"
- Select "Select individual settings from a full list" and click "Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click "Next"
- Select "Select driver names from a list" and click "Next"
Then select all drivers NOT provided by Microsoft and click "Next"
- Select "Finish" on the next page.

Reboot the system and wait for it to crash to the Blue Screen. Continue to use your system normally, and if you know what causes the crash, do that repeatedly. The objective here is to get the system to crash because Driver Verifier is stressing the drivers out.

Reboot into Windows (after the crash) and turn off Driver Verifier by going back in and selecting "Delete existing settings" on the first page, then locate and zip up the memory dump file and upload it with your next post.

If you can't get into Windows because it crashes too soon, try it in Safe Mode.
If you can't get into Safe Mode, try using System Restore from your installation DVD to set the system back to the previous restore point that you created.
If that doesn't work, post back and we'll have to see about fixing the registry entry off-line.

More info on this at this link: http://support.microsoft.com/?kbid=244617&sd=RM... Read more

http://www.techsupportforum.com/forums/f299/bsod-crash-c2-dmp-file-included-452739.html
Relevancy 57.19%

why did i get this bsod?

A:BSOD (DUMP file included)

Your dump blame Kaspersky (klif.sys) and a WinMount software

-Remove WinMount

You are using an old version of Kaspersky
The kl1.sys and klif.sys BSODs were known issues in the older 11.0.1.xxx versions, update to 11.0.2.556(with patch b) by uninstalling the current version and download the latest one

-Uninstall completly Kaspersky
-Install new version
Product Updates

Code:
BugCheck A, {89f2aff8, ff, 1, 82c841ed}

*** WARNING: Unable to verify timestamp for WMDrive.sys
*** ERROR: Module load completed but symbols could not be loaded for WMDrive.sys
*** WARNING: Unable to verify timestamp for klif.sys
*** ERROR: Module load completed but symbols could not be loaded for klif.sys
Probably caused by : WMDrive.sys ( WMDrive+860 )

http://www.sevenforums.com/bsod-help-support/131424-bsod-dump-file-included.html
Relevancy 57.19%

Quick back story. This computer was suffering from a stop code of 0x0116 about twice a month. The graphics drivers were uninstalled and updated with the newest ones. There were no issues for about two weeks until it started happening again.

I wiped the computer, installed latest drivers and all updates. Everything was working fine until I received the stop code 0x09f. I done some research, but do not know why it is occurring now. Anyone know? See attached file.
 

Relevancy 57.19%
A:BSOD (DUMP file included)

BSOD caused by a Kaspersky product(kl1.sys), This is a know problem in the older versions. Uninstall the product using the Removal tool then download the latest version 11.0.2.556
Product Updates

Code:
Unable to load image \SystemRoot\system32\DRIVERS\kl1.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for kl1.sys
*** ERROR: Module load completed but symbols could not be loaded for kl1.sys
Probably caused by : kl1.sys ( kl1+422df )

http://www.sevenforums.com/bsod-help-support/129903-bsod-dump-file-included.html
Relevancy 57.19%

Good day all Firstly thank for taking the time to read my woes Here other New details (.dmp - included) BSOD and GPU file goes around a month ago I got a Titan X since then I've been having these BSOD's I have removed all the old drivers through both going into safe mode and removing them manually and with Guru D DDU I have drivers installed that whilst not the newest are according to the Titan X owner group the best current ones to be using I have tried lots of things including Running Malware Virus scanners I've even replaced my RAM completely despite performing Memtest on it excessively just to be sure it isn't a RAM issue I've reseated all my components I've ran driver verifier which doesn't force a crash My system isn't overclocked My temperatures are completely safe and stable It has to be more than coincidence that this started happening after installing a new GPU something doesn't like it but for the life of me I can't BSOD - New GPU (.dmp file and other details included) figure it out Many thanks to anyone who helps Edit Fixed it turns out it was Thunder Master OC utility from palit causing all the issues even though I had removed the OC Thanks for oh yeah nothing

A:BSOD - New GPU (.dmp file and other details included)

- Just uninstalled Thunder Master that came with the GPU
- Reset bios to defaults

I'm still more than willing to accept help

http://www.sevenforums.com/bsod-help-support/373038-bsod-new-gpu-dmp-file-other-details-included.html
Relevancy 57.19%

Hi all,

I was playing LAN in my appartment when I suddenly BSODed.
Is there anyone who could make out why from the dump file ?

My specs are:
i7 intel.
Win 7 64
8 Bg Ram
Geforce 850

A:BSOD, one dump file included

  
Quote: Originally Posted by dancodan


Hi all,

I was playing LAN in my appartment when I suddenly BSODed.
Is there anyone who could make out why from the dump file ?

My specs are:
i7 intel.
Win 7 64
8 Bg Ram
Geforce 850


Yes

Hi and welcome

You seem to have two problems. One old drivers.

These need to be updated


Code:
secdrv.SYS fffff880`07f41000 fffff880`07f4c000 0x0000b000 0x4508052e 9/13/2006 8:18:38 AM
LVUSBS64.sys fffff880`04c6c000 fffff880`04c78900 0x0000c900 0x45ee07ec 3/6/2007 7:31:40 PM
Rtnic64.sys fffff880`047e7000 fffff880`047f9000 0x00012000 0x48401957 5/30/2008 10:12:23 AM

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\022010-20451-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*d:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c0d000 PsLoadedModuleList = 0xfffff800`02e4ae50
Debug session time: Sat Feb 20 13:01:19.990 2010 (GMT-5)
System Uptime: 0 days 3:08:51.004
Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, fffffa8009492b30, fffffa8009492e10, fffff80002f87240}

Probably caused by : csrss.exe

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly exited or been
terminated.
Several processes and threads are necessary for the operation of the
system; when they are terminated (for any reason), the system can no
longer function.
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa8009492b30, Terminating object
Arg3: fffffa8009492e10, Process image file name
Arg4: fffff80002f87240, Explanatory message (ascii)

Debugging Details:
------------------
PROCESS_OBJECT: fffffa8009492b30

IMAGE_NAME: csrss.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: csrss

FAULTING_MODULE: 0000000000000000

PROCESS_NAME: csrss.exe

EXCEPTION_CODE: (NTSTATUS) 0xc0000006 - The instruction at 0x%p referenced memory at 0x%p. The required data was not placed into memory because of an I/O error status of 0x%x.

BUGCHECK_STR: 0xF4_IOERR

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

CURRENT_IRQL: 0

STACK_TEXT:
fffff880`03ffc0e8 fffff800`0300a142 : 00000000`000000f4 00000000`00000003 fffffa80`09492b30 fffffa80`09492e10 : nt!KeBugCheckEx
fffff880`03ffc0f0 fffff800`02fb6269 : ffffffff`ffffffff fffffa80`0a0ea970 fffffa80`09492b30 fffffa80`09492b30 : nt!PspCatchCriticalBreak+0x92
fffff880`03ffc130 fffff800`02f... Read more

http://www.sevenforums.com/bsod-help-support/69445-bsod-one-dump-file-included.html
Relevancy 57.19%

My computer started up for no longer than 5 minutes, and the bluescreen came on. The computer restarted and now it seems like everything is okay for now... can anyone help with this?

On second thought, I can't seem to upload the .xml file that the bluescreen said would provide more information on the bluescreen.

A:Random BSOD DMP and XML file included.

Hi darknight; sorry you are having problems. Please read this thread and post back. We will be glad to help you. We need the system information the tool provides in order to better help you.

http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/121691-random-bsod-dmp-xml-file-included.html
Relevancy 57.19%

Hi my name is Slavomir.
Lately i encountered BSOD and would really like to know what is the cause so i can prevent it in near future.

I already used SF Diagnostic tool and i will post a zip file with everything you need in orded to find out whats the cause.

Thank you for your help.

A:Windows 7 BSOD cdd.dll and other zip file included

Welcome to the Forum.

Based on the bugchecks, I would recommend you follow and complete the steps given below:1. If you are overclocking any hardware, please stop. Reset any changed values back to default and reset/clear CMOS: Clear CMOS - 3 Ways to Clear the CMOS - Reset BIOS. Uninstall any overclocking tool as these can also be a reason of blue screens.

2. Uninstall your current antivirus software. It can be a cause of BSOD very often. Please remove it with its removal tool and use Microsoft Security Essentials in its place. Malwarebytes is a great combination with it. Go through this thread for more info.

3. Run Disk Check with both boxes checked for all HDDs and with Automatically fix file system errors. Post back your logs for the checks after finding them using Check Disk (chkdsk) - Read Event Viewer Log

4. Run SFC /SCANNOW Command - System File Checker to check windows for integrity violations. Run it up to three times to fix all errors. Post back if it continues to show errors after a fourth run or if the first run comes back with no integrity violations.

5. Make scans with Kaspersky TDSskiller and ESET Online scanner.

6. Perform a Clean Start up, this will help avoid any problematic applications from bugging the system.

7. Use Revo Uninstaller Free to uninstall stubborn software. Opt for Advanced Mode and uninstall the software, delete the leftover registry entries.

8. Use Crystal Disk Info to upload a screenshot of your Hard Drives (s). Test your Hard Drives (s) running a Hard Drive Diag.

9. Test and Diagnose RAM issues with RAM - Test with Memtest86+. Pay close attention to Part 3 of the tutorial "If you have errors" Take the test for at least 7-10 passes. It may take up to 22 passes to find problems. Make sure to run it once after the system has been on for a few hours and is warm, and then also run it again when the system has been off for a few hours and is cold.

10. Monitor hardware temperature for overheating issues with system monitoring software like Speccy or HWMonitor. Upload a screen shot of the Summary tab as well:Piriform - Speccy
CPUID - HWMonitor

Code:
Loading Dump File [C:\Users\USER\Downloads\SF_16-01-2014\011614-30108-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.17273.amd64fre.win7_gdr.130318-1532
Machine Name:
Kernel base = 0xfffff800`03054000 PsLoadedModuleList = 0xfffff800`03290e70
Debug session time: Thu Jan 16 19:23:17.081 2014 (UTC + 6:00)
System Uptime: 0 days 5:30:36.971
Loading Kernel Symbols
...............................................................
................................................................
.....................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffff900c20867a0, 0, fffff9600065dc51, 0}


Could not read faulting driver name
Probably caused by : cdd.dll ( cdd!CddBitmapHw::Release+31 )

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* ... Read more

http://www.sevenforums.com/bsod-help-support/318635-windows-7-bsod-cdd-dll-other-zip-file-included.html
Relevancy 57.19%

Microsoft R Windows Debugger Version BSOD's included & file Dump AMD Copyright c Microsoft Corporation All rights reserved Loading Dump File C WINDOWS Minidump Mini - dmp Mini Kernel BSOD's & Dump file included Dump File Only registers and stack trace are available Symbol search path is Invalid Symbol loading may be unreliable without a symbol search path Use symfix to have the debugger choose a symbol path After setting your symbol path use reload to refresh symbol locations Executable search path is Symbols can not be loaded because symbol path is not initialized The Symbol Path can be set by using the NT SYMBOL PATH environment variable using the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Windows Server Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Machine Name Kernel base xfffff PsLoadedModuleList xfffff d a Debug session time Mon Mar GMT- System Uptime days Symbols can not be loaded because symbol path is not initialized The Symbol Path can be set by using the NT SYMBOL PATH environment variable using the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck fffff ce fffff Kernel symbols are WRONG Please fix symbols to do analysis Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the corre... Read more

A:BSOD's & Dump file included

Sorry for bumping, but any help would be appreciated. I did alot of ground work...but I basically tried everything I could as my posts show above.

From what I can tell, all of it points to a Software issue. Though, I can't determine what exactly caused this, as it was not BSODing prior to be receiving a Trojan, that I promptly removed and no traces have been found of any more(AD-Aware, Spybot S&D, NOD32, SuperAntiSpyware, MalAware remover)

Interesting to note, upon re-installing NOD32, when I restarted Windows, I got a "Microsoft has recovered from a serious error" prompt, three times, and the EVNTVWR had this to state:

Error code 0000000000000050, parameter1 fffff98396d99000, parameter2 0000000000000000, parameter3 0000000000000000, parameter4 0000000000000004.

Three times.
 

https://forums.techguy.org/threads/bsods-dump-file-included.810629/
Relevancy 57.19%

Please someone analyze this dump file caused BSOD:

A:Bsod =( [dump file included]

BUMP!
Please someone analyze it

http://www.sevenforums.com/bsod-help-support/141821-bsod-dump-file-included.html
Relevancy 56.76%

I have been having an issue with my computer rebooting at random and then giving the BSOD screen very briefly and once it reboots it goes to the BIOS screen saying no Boot Device found When you enter BIOS there is no boot device found everyday Dmp included random. file at BSOD almost I shut down the computer unplug it and pull the hard drive cables and put them back in and turn the computer on and poof it works just fine Randomly later it does it all over again First time it happened I went ahead and bought a brand new WD Blue hard drive and got rid of the old drive BSOD almost everyday at random. Dmp file included and did a fresh install of windows and all the programs I use frequently This did not work as it still does the problem I proceeded to check the Memory dmp file and below I will paste the text that was in the dmp file Other symptoms maybe associated with this problem Every so often but not always the PSU starts sounding very very loud and gets quite hot Been having major issues with buffering of videos on multiple sites from youtube BSOD almost everyday at random. Dmp file included to hulu and netflix Even running high speed cable internet USB ports at random just shut off Examples include say a webcam in the port all the sudden disconnects and I have to change it to a different port PC Specs AMD FX- gb ddr Balistix RAM WD tb Blue hard drive NVIDIA GeForce GTX Ti Windows Generic DVDRW Memory dmp File Code Microsoft R Windows Debugger Version AMD Copyright c Microsoft Corporation All rights reserved Loading Dump File C Windows MEMORY DMP Kernel Bitmap Dump File Only kernel address space is available Symbol Path validation summary Response Time ms Location Deferred SRV C Windows symbol cache http msdl microsoft com download symbols Symbol search path is SRV C Windows symbol cache http msdl microsoft com download symbols Executable search path is Windows Kernel Version MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre winblue ltsb - Machine Name Kernel base xfffff b c PsLoadedModuleList xfffff b ee Debug session time Sun Jan UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck Probably caused by ntkrnlmp exe nt FNODOBFM string' c Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis DPC WATCHDOG VIOLATION The DPC watchdog detected a prolonged run time at an IRQL of DISPATCH LEVEL or above Arguments Arg A single DPC or ISR exceeded its time allotment The offending component can usually be identified with a stack trace Arg The DPC time count in ticks Arg The DPC time allotment in ticks Arg Debugging Details ------------------ OVERLAPPED MODULE Address regions for 'lvuvc ' and 'lvuvc sys' overlap DPC TIMEOUT TYPE SINGLE DPC TIMEOUT EXCEEDED DEFAULT BUCKET ID WIN DRIVER FAULT BUGCHECK STR x PROCESS NAME System CURRENT IRQL d ANALYSIS VERSION debuggers dbg - amd fre LAST CONTROL TRANSFER from fffff b d a c to fffff b d f a STACK TEXT ffffd a f c fffff b d a c nt KeBugCheckEx ffffd a f c fffff b ca ffffe e e ffffd a f ea fffff b d fd nt FNODOBFM string' x c ffffd a f d fffff b a b fffff a fffff c cc c ffffd b nt KeClockInterruptNotify x ffffd a f f fffff b ce f ffffeb c d ffffd ed c fffff b c hal HalpTimerClockIpiRoutine x ffffd a f f fffff b d a ffffe e e d f ffffe eb a c nt KiCallInterruptServiceRoutine xa ffffd a f fb fffff b d b ffffe e e fffff c d ffffe e e nt KiInterruptSubDispatchNoLockNoEtw xea ffffd c fffff b cee c ffffe e d fffff d b e ffffd e fffff b d ca nt KiInterruptDispatchNoLockNoEtw xfb ffffd c d fffff b c ef ffffd e f ffffd c ffffd caa ffffd ec a nt KiSwapDirectoryTableBaseTarget x ffffd c fffff b c e ffffe nt KiExecuteAllDpcs x b ffffd c fffff b d dea ffffd e ffffd e ffffd f ffffe e d nt KiRetireDpcList xd ffffd cbe ffffd d ffffd nt KiIdleLoop x a STACK COMMAND kb FOLLOWUP IP nt FNODOBFM string' c fffff b d a c cc int SYMBOL STA... Read more

A:BSOD almost everyday at random. Dmp file included

Blue Screen of Death (BSOD) Posting Instructions

http://www.eightforums.com/bsod-crashes-debugging/74159-bsod-almost-everyday-random-dmp-file-included.html
Relevancy 56.76%

So long story short my parents computer has been blue screening on them for the past month or so As for what is going on when it happens Nothing at all the computer is sitting idle usually in the middle of the night or early morning After looking through event viewer and running a few test I have cleaned up the following to my ability All malware virus have been removed All drivers and hidden drivers have been updated using automatic searching I have turned off all sleep hibernate modes as it seems to only happen at those times and Uninstalled all unused software from their computer At this point all I can find is a bug report happens and the computer blue screens have tried to get a reader to open these dump files and review them but honestly it is above my knowledge network guy and above my patients at the moment since its not my computer lol Can someone please help me or even give me some advise on what to do next I have uploaded the most recent dmp file and if you need more I can supply them Thank you very much a head of time Nick

http://www.sevenforums.com/bsod-help-support/396729-bsod-while-sitting-idle-dmp-file-included.html
Relevancy 56.76%

Running Windows 7 Home Premium 64. I have run memtest and not getting any issues there. The BSOD's I see the most are tcpip.sys, driver_irq, and win32.sys. I am pretty certain it is some sort of driver error. I just can't figure out where its originating.

Thank you for any help ahead of time. I put all of the file requests from the BSOD posting guide in the requested zip file.

A:BSOD tcpip.sys + driver_irq zip file included

From the look of these minidmps you have numerous issues going on. First please remove your virtual drive that you are using and remove sptd.sys with this: DuplexSecure - Downloads download it and run it and uninstall the driver..you can replace it with magiciso's magic disc.
Then your Network Drivers need updating which are nvidia
Next update video card drivers from nvidia's site and your Intel audio from their site.


Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Administrator\Downloads\Windows_NT6_BSOD_jcgriff2\080711-13453-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*F:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17592.amd64fre.win7sp1_gdr.110408-1631
Machine Name:
Kernel base = 0xfffff800`02e07000 PsLoadedModuleList = 0xfffff800`0304c650
Debug session time: Sun Aug 7 05:40:36.753 2011 (UTC - 6:00)
System Uptime: 0 days 3:02:40.035
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {11, 2, 0, fffff88002f9f585}

Probably caused by : portcls.sys ( portcls!CServiceGroup::ServiceDpc+59 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000011, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88002f9f585, address which referenced memory

Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030b6100
0000000000000011

CURRENT_IRQL: 2

FAULTING_IP:
portcls!CServiceGroup::ServiceDpc+59
fffff880`02f9f585 488b4b10 mov rcx,qword ptr [rbx+10h]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: System

TRAP_FRAME: fffff880031fdae0 -- (.trap 0xfffff880031fdae0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00000000c0000001 rbx=0000000000000000 rcx=fffffa8008957fa0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88002f9f585 rsp=fffff880031fdc70 rbp=fffffa8008957f40
r8=0000000000000000 r9=0000000000000000 r10=0185f9a90aa60168
r11=fffff88002eb0ec0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
portcls!CServiceGroup::ServiceDpc+0x59:
fffff880`02f9f585 488b4b10 mov rcx,qword ptr [rbx+... Read more

http://www.sevenforums.com/bsod-help-support/185762-bsod-tcpip-sys-driver_irq-zip-file-included.html
Relevancy 56.76%

- windows 7 64bit
- the only OS I've had on this machine
- full retail
- the hardware's age is roughly 6-8 months
- the software's age is the same. no re-installs ever.

this only started happening around 2 months ago.

A:BSOD on daily basis, DMP file included.

Quote:
"It's not a true crash, in the sense that the bluescreen was initiated only because the combination of video driver and video hardware was being unresponsive, and not because of any synchronous processing exception".

Since Vista, the "Timeout Detection and Recovery" (TDR) components of the OS video subsystem have been capable of doing some truly impressive things to try to recover from issues which would have caused earlier OSs like XP to crash.

As a last resort, the TDR subsystem sends the video driver a "please restart yourself now!" command and waits a few seconds.

If there's no response, the OS concludes that the video driver/hardware combo has truly collapsed in a heap, and it fires off that stop 0x116 BSOD.

If playing with video driver versions hasn't helped, make sure the box is not overheating.

Try removing a side panel and aiming a big mains fan straight at the motherboard and GPU.

Run it like that for a few hours or days - long enough to ascertain whether cooler temperatures make a difference.

If so, it might be as simple as dust buildup and subsequently inadequate cooling.

I would download cpu-z and gpu-z (both free) and keep an eye on the video temps


STOP 0x116: VIDEO_TDR_ERROR troubleshooting

http://www.sevenforums.com/bsod-help-support/225576-bsod-daily-basis-dmp-file-included.html
Relevancy 56.76%

Microsoft R Windows Debugger Version AMD Copyright c Microsoft Corporation All rights reserved file BSOD's included & [SOLVED] Dump Loading Dump File C WINDOWS Minidump Mini - dmp Mini Kernel Dump [SOLVED] BSOD's & Dump file included File Only registers and stack trace are available Symbol search path is Invalid Symbol loading may be unreliable without a symbol search [SOLVED] BSOD's & Dump file included path Use symfix to have the debugger choose a symbol path After setting your symbol path use reload to refresh [SOLVED] BSOD's & Dump file included symbol locations Executable search path is Symbols can not be loaded because symbol path is not initialized The Symbol Path can be set by using the NT SYMBOL PATH environment variable using the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Windows Server Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Machine Name Kernel base xfffff PsLoadedModuleList xfffff d a Debug session time Mon Mar GMT- System Uptime days Symbols can not be loaded because symbol path is not initialized The Symbol Path can be set by using the NT SYMBOL PATH environment variable using the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck fffff ce fffff Kernel symbols are WRONG Please fix symbols to do analysis Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided y... Read more

A:[SOLVED] BSOD's & Dump file included

To update this issue, I got a BSOD after starting fraps. It was a nv4_disp.dll error. Then I remembered, the two times I BSOD'ed nv4_disp was with FRAPS. So I played the game normally without Fraps, and for 3-4 hours, no BSOD or crash or anything. Interesting, as Fraps never affected me like this before. It comes to my attention though, that since this is my new XP boot, that I also have a NEWER version of Fraps, and that clicked in my head. I'm going to try using an older version or fraps or so...

Though, I haven't had any ntoskrnl.exe BSODs today at all...I'm not sure why. Though I did up my Voltage because I remembered I was doing some work in the Bios and turned down my Voltage a little bit because I thought it was fine, so that might explain it. If what I have deduced is correct, then valid explanations for all problems have been found.

I'll update if anything else happens.

http://www.techsupportforum.com/forums/f10/solved-bsods-and-amp-dump-file-included-356602.html
Relevancy 55.9%

Well i cand do anything in my CP i get BSOD like 1-2per a day 6h use. it started like one random BSOD and nothing for week then it started come more 1per week -> 2per week -> 3per week -> Jne.

I have tryed Registery cleaner and some little thinks like Microsoft memory check, Hard disk errorcheking.

The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x0000000000000000, 0xfffffa800b613028, 0x00000000be200000, 0x000000000005110a). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: .
"Ton l?ysin tuolta eventeist?" = "i find that in event log"
well some reson memory.DMB cant be uploaded if u sent skype account i can send them over skype.

A:BSOD When just used computer Memory dump file included

There are no dmp files.... please upload them

also the system logs are only till June 2012.. please go to event viewer and save the log directly from there...

http://www.sevenforums.com/bsod-help-support/245713-bsod-when-just-used-computer-memory-dump-file-included.html
Relevancy 55.9%

Okay everytime from now to now i will be playing a game in mycase Test Drive Unlimited 2 for sometime and then the game will freezeup, sound will start messing up and game will crash and then the blue Screen error message will appear following by the system shutting down. It keeps happing.

Here are my system specs.
CPU - Phenom X4 9150e
RAM - Muskin DDR2 2gb pc6400 @ 800MHz
MOBO - ASUS M3N78 PRO
GPU - OEM Radeon HD 4850 512mb version
HDD - Seagate 7200RPM 750GB HDD
PSU - ROCKETFISH 500WATT PSU
OS - Windows 7 64 bit home premium


Just added the dmp file

A:BSOD while Playing TDU2, I have dump file included

  
Quote: Originally Posted by erekson714


Okay everytime from now to now i will be playing a game in mycase Test Drive Unlimited 2 for sometime and then the game will freezeup, sound will start messing up and game will crash and then the blue Screen error message will appear following by the system shutting down. It keeps happing.

Here are my system specs.
CPU - Phenom X4 9150e
RAM - Muskin DDR2 2gb pc6400 @ 800MHz
MOBO - ASUS M3N78 PRO
GPU - OEM Radeon HD 4850 512mb version
HDD - Seagate 7200RPM 750GB HDD
PSU - ROCKETFISH 500WATT PSU
OS - Windows 7 64 bit home premium


Just added the dmp file


I do notice Symantec which is a frequent cause of BSOD's. I would remove and replace it with Microsoft Security Essentials AT LEAST TO TEST
http://us.norton.com/support/kb/web_...080710133834EN

Microsoft Security Essentials - Free Antivirus for Windows

http://www.sevenforums.com/bsod-help-support/203275-bsod-while-playing-tdu2-i-have-dump-file-included.html
Relevancy 55.9%

I have the .dmp file for my error, i have no idea what is going on, i have tried reformatting, everything... please help me.

A:Windows 7 BSOD error 0x0000007f - DMP file INCLUDED

Hi -

Bugcheck = 0x7f (0xd,,,) = kernel mode trap; 0xd = An exception not covered by some other exception; a protection fault that pertains to access violations for applications

Update your NVIDIA nForce drivers -

Code:
nvm62x32.sys Fri Oct 17 17:00:39 2008 (48F8FCF7)

Update your Linksys wifi drivers -

Code:
MRVW24B.sys Sun Oct 28 23:21:52 2007 (472551D0)

NVIDIA --> http://www.nvidia.com/Download/index.aspx?lang=en-us

Linksys --> http://www.linksysbycisco.com/US/en/support

Did you upgrade an existing Windows OS to Windows 7? Be sure to run the Windows 7 Upgrade advisor --> http://www.microsoft.com/Windows/win...e-advisor.aspx

`

You are also in need of Windows Updates based on the timestamp that I noticed on the DirectX Kernel -

Windows Updates --> www.update.microsoft.com

Regards. . .

jcgriff2

.



Windows 7 x86 -- Bugcheck = 0x7f (0xd,,,)

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert7\AppData\Local\Temp\Temp1_dmpfile[1].zip\New folder\011610-33431-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Invalid directory table base value 0x0
WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols


Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82653000 PsLoadedModuleList = 0x8279b810
Debug session time: Sat Jan 16 17:27:41.614 2010 (GMT-5)
System Uptime: 0 days 0:46:57.064
Loading Kernel Symbols
...............................................................
................................................................
...................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7F, {d, 0, 0, 0}

Probably caused by : ntkrpamp.exe ( nt!KiSystemFatalException+f )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000d, EXCEPTION_GP_FAULT
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x7f_d

CUSTOMER_... Read more

http://www.techsupportforum.com/forums/f299/windows-7-bsod-error-0x0000007f-dmp-file-included-452519.html
Relevancy 55.9%

Hi there,

I'm running an IT department and one of my users is constantly getting BSOD's. It's happened three times today since the start of the morning. I need to fix this computer immediately .

I followed the instructions in this post: Blue Screen of Death (BSOD) Posting Instructions.

I've attached the .zip file that was created after running the tool, and I've attached a screenshot of the BSOD information that Windows provided me.

Hopefully someone can help me out with this soon.

Thank you,

A:BSOD at Random Moments... SF Dump File Included

Hi SFeldman217.

Install Service pack 1 and all other windows updates. Otherwise the system will remain vulnerable to threats.

Code:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.17273.amd64fre.win7_gdr.130318-1532
Learn how to install Windows 7 Service Pack 1 (SP1)
Service Pack Center - Microsoft Windows

The BSOD is caused by Intel Graphics driver.

Code:
BugCheck 116, {fffffa80058d34e0, fffff88003e49cb0, 0, c}

Unable to load image \SystemRoot\system32\DRIVERS\igdkmd64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for igdkmd64.sys
*** ERROR: Module load completed but symbols could not be loaded for igdkmd64.sys
Probably caused by : igdkmd64.sys ( igdkmd64+23cb0 )

Followup: MachineOwner
---------
And the driver is very old.

Code:
fffff880`03e26000 fffff880`043f9500 igdkmd64 T (no symbols)
Loaded symbol image file: igdkmd64.sys
Image path: \SystemRoot\system32\DRIVERS\igdkmd64.sys
Image name: igdkmd64.sys
Timestamp: Wed May 06 23:52:19 2009 (4A01D55B)
CheckSum: 005D8353
ImageSize: 005D3500
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Update the Intel HD Graphics Driver, either from our forum link, Latest Intel HD Graphics Driver for Windows 7, or You may get it from Intel Download Center.
Moreover, you may run the Intel (R) Driver Update Utility to auto detect the appropriate driver for your computer.

Let us know the results.

** If you cannot find the appropriate driver, Execute SF Diag tool again, click the DXDiag button and upload the resulting Text tile.

http://www.sevenforums.com/bsod-help-support/306163-bsod-random-moments-sf-dump-file-included.html
Relevancy 55.9%

Hi all,

I've been getting the "Driver IRQL_Not_Less_Than_Or_Equal" error recently and I had no idea why.

I only get this error when playing games like Battlefield 3, Rage or other graphic intensive games.

I never install any hardware recently and except for a Samsung F3 1TB Hard disk that i brought recently.

Please help and advise me on what to do, thanks alot

P.S. Let me know if the zip file is contains all the vital information.

A:BSOD - Driver IRQL_Not_Less_Than_Or_Equal(Included SF Diagnostic File)

Welcome
Your reports have given many causes. One that appeared sevearl times is Athurx.sys.
Productname:Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter Description:Atheros Extensible Wireless LAN device driver Company:Atheros Communications, Inc. File size:Various

Update driver and continue to use computer. If problem continues, I would go for a driver verifier test. This will give the true cause. If it is negative, we will look toward hardware. Good luck

http://www.sevenforums.com/bsod-help-support/243433-bsod-driver-irql_not_less_than_or_equal-included-sf-diagnostic-file.html
Relevancy 55.9%

My computer just crashed for the second time, the first time happening on 12/4/11, and i included the minidump folder to see if anyone could find out what happened, and what i could do to fix it.

EDIT: after a few seconds of the blue screen appearing, my computer restarted on its own. Windows 7 x64 Home Premium

thank you in advance
 

A:BSOD-Memory Management-minidump file included

Video driver is implicated as the cause in the Dec14 crash. Update your video driver or if you updated it just prior to the crashes, roll back to the earlier version.
 

https://forums.techguy.org/threads/bsod-memory-management-minidump-file-included.1031274/
Relevancy 55.9%

I have been getting many bsods recently and the main one is IRQL NOT LESS OR EQUAL I don't always get it immediately upon booting up most of the time its during the playing of a game I have ran memtest and my results came back within an hour saying no errors Here is what the dump file says Microsoft R Windows Debugger Version X Copyright c Microsoft Corporation All rights reserved Code Loading Dump File C Windows Minidump - - dmp Mini Kernel Dump File Only registers and stack trace are available Symbol Path validation summary Response Time ms Location Deferred SRV c symbols http msdl microsoft com download symbols Symbol search path is SRV c symbols http msdl microsoft com download symbols Executable search path is Windows Kernel Version MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre th release sec - Machine Name Kernel base xfffff bbe b PsLoadedModuleList xfffff bc cd Debug session time Sun Mar UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck A ff fffff bbecf e Probably caused by ntkrnlmp exe nt KiEndThreadAccountingPeriod e Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis IRQL NOT LESS OR EQUAL a An attempt File Help/Dump [Pleas IRQL_NOT_LESS_OR_EQUAL BSOD Included] was made to access a pageable or completely invalid address at an interrupt request level IRQL that is too high This is usually caused by drivers using improper addresses If a kernel debugger is available get the stack backtrace Arguments Arg memory referenced Arg ff IRQL Arg bitfield bit IRQL_NOT_LESS_OR_EQUAL BSOD [Pleas Help/Dump File Included] value read operation write operation bit value not an execute operation execute operation only on chips which support this level of status Arg fffff bbecf e address which referenced memory Debugging Details ------------------ DUMP CLASS DUMP QUALIFIER BUILD VERSION STRING amd fre th release sec - SYSTEM MANUFACTURER System manufacturer SYSTEM PRODUCT NAME System Product Name SYSTEM SKU SKU SYSTEM VERSION System Version BIOS VENDOR IRQL_NOT_LESS_OR_EQUAL BSOD [Pleas Help/Dump File Included] American Megatrends Inc BIOS VERSION BIOS DATE BASEBOARD MANUFACTURER ASUSTeK COMPUTER INC BASEBOARD PRODUCT Z -A BASEBOARD VERSION Rev xx DUMP TYPE BUGCHECK P BUGCHECK P ff BUGCHECK P BUGCHECK P fffff bbecf e READ ADDRESS fffff bc f Unable to get MiVisibleState CURRENT IRQL d FAULTING IP nt KiEndThreadAccountingPeriod e fffff bbecf e b mov rdx qword ptr rax h CPU COUNT CPU MHZ fa CPU VENDOR GenuineIntel CPU FAMILY CPU MODEL e CPU STEPPING CPU MICROCODE e F M S R SIG ' cache ' init CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT BUGCHECK STR AV PROCESS NAME System ANALYSIS SESSION HOST JOHN-PC ANALYSIS SESSION TIME - - ANALYSIS VERSION x fre TRAP FRAME ffffd b bdf -- trap xffffd b bdf NOTE The trap frame does not contain all registers Some register values may be zeroed or incorrect rax fffff bc e rbx rcx rdx ffffd b acc rsi rdi rip fffff bbecf e rsp ffffd b bf rbp ea cd r ea cd r r ffffd b r b r r r r iopl nv up di pl nz na pe nc nt KiEndThreadAccountingPeriod x e fffff bbecf e b mov rdx qword ptr rax h ds fffff bc e ff Resetting default scope LAST CONTROL TRANSFER from fffff bbfc e to fffff bbfbd STACK TEXT ffffd b bca fffff bbfc e a ff nt KeBugCheckEx ffffd b bcb fffff bbfc ac e a e ffffd b e nt KiBugCheckDispatch x ffffd b bdf fffff bbecf e ffffe ed c b e f d ffffd b nt KiPageFault x ffffd b bf fffff bbfbeb ffffe de cd ffffd b ffffe dc c nt KiEndThreadAccountingPeriod x e ffffd b bfb fffff bbfbefb ff nt KiInterruptSubDispatchNoLockNoEtw xc ffffd b e nt KiInterruptDispatchNoLockNoEtw x STACK COMMAND kb THREAD SHA HASH MOD FUNC bf ae d cf a b c f THREAD SHA HASH MOD FUNC OFFSET a c cd f a f ee af d b bf THREAD SHA HASH MOD ee fcf fb cb e e f ddbed ec b a FOLLOWUP IP nt KiEndThreadAccountingPeriod e fffff bbecf e b mov rdx qword ptr rax h F... Read more

http://www.tenforums.com/bsod-crashes-debugging/44716-irql_not_less_or_equal-bsod-pleas-help-dump-file-included.html
Relevancy 55.9%

Hey guys, I have a problem here. I am getting alot of BSOD's (0x00000007F) lately and I already tested alot of things, tested my harddisks, the drivers and update's, did a memtest and all had a positive result. Now tht I did tht I am really stuck in what I should do next...

I posted the dump zip below, I hope you guys can help me out.
 

A:Windows BSOD 0x00000007F file dump zip included

I read your dumps but before dealing with them please tell us if your BSODs occur doing anything specific or if they are random. Second, tell us if you bought this system and who the manufacture was, i.e. Dell, HP, etc. or if you or someone else built it. If the latter what is the make of your motherboard?
 

http://www.techspot.com/community/topics/windows-bsod-0x00000007f-file-dump-zip-included.172380/
Relevancy 55.9%

Hi guys,

I have been having BSOD every once in a while. They seem to happen randomly when I am surfing the web. Can anybody help me with this? I attached the latest mini dmp file. I am using Windows 7 64 bit.

Greatly appreciate any help!

Edit: Looked at the BSOD posting instructions and followed the instructions. I attached what I got from the BSOD collection tool. I couldn't figure how to save the html file from the system performance tool.

A:BSOD happening randomly (mini dmp file included)

Could not see my newly attached mini dmp log...hope this post has it.

http://www.sevenforums.com/bsod-help-support/228158-bsod-happening-randomly-mini-dmp-file-included.html
Relevancy 55.9%

Hello
New girl here so please be patient ... merci .

Last night while converting a large avi file to DVD using ConvertXtoDVd .. I had a BSOD . ! First ever .

I have included the dmp file and also the full system info zip Seven forums requested.

Hope you can help identify the culprit ,
Many thanks
Danielle .

A:BSOD Converting avi file . Dmp and full system zip included .

Hello and welcome Danielle now did you use these for sending the dump files? if not please do because I cannt open the RAR stuff and the other has no BSOD dumps in it
Dump Files - Configure Windows to Create on BSOD
&
Blue Screen of Death (BSOD) Posting Instructions

http://www.sevenforums.com/bsod-help-support/398673-bsod-converting-avi-file-dmp-full-system-zip-included.html
Relevancy 55.9%

Hello This last week my computer has BSOD or more times i have included the zip file like the instructions say It happened the first time when i started Diablo from the Battle net desktop client the screens went starting included file zip BSOD or 3. while Diablo playing and black and the computer restarted the quot Windows has recovered from an unexpected shutdown quot window showed this Problem signature Problem Event Name BlueScreen OS Version Locale ID Additional information about the problem BCCode BCP FFFFFA E BCP FFFFF FA ED C BCP FFFFFFFFC A BCP OS Version Service Pack Product Files that help describe the problem C Windows Minidump BSOD while starting and or playing Diablo 3. included zip file - - dmp C Users Cliff BSOD while starting and or playing Diablo 3. included zip file AppData Local Temp WER- - sysdata xml it happened again today while i was playing diablo Here are my computer specs All my windows updates are up to date and so are my Video card drivers Computer specs OS Name Microsoft Windows Ultimate Version Service Pack Build Other OS Description Not Available OS Manufacturer Microsoft Corporation System Name CLIFF-PC System Manufacturer Gigabyte Technology Co Ltd System Model X A-UD R System Type x -based PC Processor Intel R Core TM i CPU GHz Mhz Core s Logical Processor s BIOS Version Date Award Software International Inc FA SMBIOS Version Windows Directory C Windows System Directory C Windows system Boot Device Device HarddiskVolume Locale United States Hardware Abstraction Layer Version quot quot User Name Cliff-PC Cliff Time Zone Pacific Daylight Time Installed Physical Memory RAM GB Total Physical Memory GB Available Physical Memory GB Total Virtual Memory GB Available Virtual Memory GB Page File Space GB GPU Way SLI EVGA GTX SC

A:BSOD while starting and or playing Diablo 3. included zip file

added dmp file folder.

http://www.sevenforums.com/bsod-help-support/338910-bsod-while-starting-playing-diablo-3-included-zip-file.html
Relevancy 55.47%

Hi, hope you're doing well.

this just started happening to me yesterday. Windows 7, 64 bit. I'll be doing nothing in particular on my Toshiba Satellite laptop and the screen will randomly just turn black...the back light is still on. The hard drive light on the front will also stop blinking and just turn off. I have to manually shut down my laptop by holding the power button....I can restart it normally but then after a random amount of time, the screen will turn black again. It might last 15 minutes or an hour but it happens again. I've included the file requested for BSOD situations because I"m not sure of the issue.

Thanks for any help, I truly appreciate it!

A:Screen turns black, and HDD light goes off, BSOD file included, Thanks

fun new development! i now hear static whenever my computer is playing music or any other types of sounds....ugh

http://www.sevenforums.com/bsod-help-support/265024-screen-turns-black-hdd-light-goes-off-bsod-file-included-thanks.html
Relevancy 55.47%

Hello boot and file (dmp BSOD's Dual included) random reboots i installed both win bit build rc and windows xp sp on harddrive Both of them are randomly rebooting sometimes with sometimes without bsod' s I attached a zip containing the first and the most recent dumpfile What i noticed A few days ago i was working in dsmax and i got these pop-up messages that there was something wrong with the drivers of my Dual boot BSOD's and random reboots (dmp file included) graphics card dsmax would than freeze and my monitor would tick but come back in a few seconds and would work fine again That same day i suddenly got a BSOD saying machine check exception I uninstalled any recently installed software but the problem still occured When i Dual boot BSOD's and random reboots (dmp file included) booted win xp i got reboots aswell so i figured it was a hardware problem The last few bsod' s gave the x code which i red a few threads about and Dual boot BSOD's and random reboots (dmp file included) the cause seems consistent with the analysing BlueScreenView did on the crashdumps There' s something wrong with the hall dll and the ntoskrnl exe according to bluescreenview Also i noticed that the first time i booted win xp there was no lan connection which is highly unusual for that os These are the results of a bios scan i did bad drivers are in cursive Disk Drives Hitachi HDS CLA ATA Device SAMSUNG HD SI ATA Device Display adapters NVIDIA GeForce GT Microsoft Corporation - WDDM v DVD CD-ROM drives TSSTcorp CDDVDW SH-S A ATA Device UNA IZKPIZ I SCSI CdRom Device Human Interface Devices HID-compliant consumer control device USB Input Device USB Input Device IDE ATA ATAPI controllers Standard Dual Channel PCI IDE Controller Standard Dual Channel PCI IDE Controller Standard Dual Channel PCI IDE Controller Standard Dual Channel PCI IDE Controller Keyboards HID Keyboard Device Mice and other pointing devices Microsoft PS Mouse Monitors PHILIPS S inch CM Network adapters Realtek RTL C P C P Family PCI-E Gigabit Ethernet NIC NDIS Processors Intel R Core TM Quad CPU Q GHz SCSI and RAID controllers ADSJB K IDE Controller Sound video and game controllers E-MU E-DSP Audio Processor WDM High Definition Audio Device System Devices OHCI Compliant Host Controller Universal Serial Bus controllers Intel R ICH Family USB Enhanced Host Controller - A A Intel R ICH Family USB Enhanced Host Controller - A C Intel R ICH Family USB Universal Host Controller - A Intel R ICH Family USB Universal Host Controller - A Intel R ICH Family USB Universal Host Controller - A Intel R ICH Family USB Universal Host Controller - A Intel R ICH Family USB Universal Host Controller - A Intel R ICH Family USB Universal Host Controller - A USB Composite Device Disconnected Devices Freecom Mobile Drive XXS USB Device HID-compliant mouse Intel R G G Express Chipset Intel R High Definition Audio HDMI ST AS USB Device Samsung YP-U USB Device Standard PS Keyboard USB Input Device USB Mass Storage Device USB Mass Storage Device USB Mass Storage Device YAMAHA MOTIF-R Systeem specs Field Value Computer Operating System Windows Ultimate Media Center Edition OS Service Pack - DirectX DirectX c Motherboard CPU Type x Intel Pentium III Xeon MHz Motherboard Name MSI G M Digital Motherboard Chipset Unknown System Memory MB BIOS Type Unknown Display Video Adapter GeForce GT Video Adapter GeForce GT Monitor Philips S CM quot CRT Multimedia Audio Adapter E-MU E-DSP Audio Processor WDM NoDB Audio Adapter High Definition Audio Controller NoDB Storage IDE Controller Standard Dual Channel PCI IDE Controller IDE Controller Standard Dual Channel PCI IDE Controller IDE Controller Standard Dual Channel PCI IDE Controller IDE Controller Standard Dual Channel PCI IDE Controller SCSI RAID Controller ADSJB K IDE Controller Disk Drive Hitachi HDS CLA ATA Device Disk Drive SAMSUNG HD SI ATA Device Disk Drive SAMSUNG HD SI ATA Device Optical Drive TSSTcorp CDDVDW SH-S A ATA Device Optical Drive UNA IZKPIZ I SCSI CdRom ... Read more

A:Dual boot BSOD's and random reboots (dmp file included)

  
Quote: Originally Posted by marcush


Hello, i installed both win 7 64 bit (build rc 7600) and windows xp sp2 on 1 harddrive. Both of them are randomly rebooting, sometimes with sometimes without bsod' s. I attached a zip containing the first and the most recent dumpfile.

What i noticed:

A few days ago i was working in 3dsmax and i got these pop-up messages that there was something wrong with the drivers of my graphics card. 3dsmax would than freeze and my monitor would tick but come back in a few seconds and would work fine again. That same day i suddenly got a BSOD saying: machine check exception. I uninstalled any recently installed software but the problem still occured.
When i booted win xp i got reboots aswell, so i figured it was a hardware problem. The last few bsod' s gave the 0x124 code, which i red a few threads about and the cause seems consistent with the analysing BlueScreenView did on the crashdumps. There' s something wrong with the hall.dll and the ntoskrnl.exe according to bluescreenview. Also i noticed that the first time i booted win xp, there was no lan connection, which is highly unusual for that os. These are the results of a bios scan i did (bad drivers are in cursive):

Code:
Disk Drives
Hitachi HDS721050CLA362 ATA Device
SAMSUNG HD103SI ATA Device
Display adapters
NVIDIA GeForce 8600 GT (Microsoft Corporation - WDDM v1.1)
DVD/CD-ROM drives
TSSTcorp CDDVDW SH-S222A ATA Device
UNA IZKPIZ49I SCSI CdRom Device
Human Interface Devices
HID-compliant consumer control device
USB Input Device
USB Input Device
IDE ATA/ATAPI controllers
Standard Dual Channel PCI IDE Controller
Standard Dual Channel PCI IDE Controller
Standard Dual Channel PCI IDE Controller
Standard Dual Channel PCI IDE Controller
Keyboards
HID Keyboard Device
Mice and other pointing devices
Microsoft PS/2 Mouse
Monitors
PHILIPS 105S(15inch/CM2300)
Network adapters
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Processors
Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
SCSI and RAID controllers
ADSJB03K IDE Controller
Sound, video and game controllers
E-MU E-DSP Audio Processor (WDM)
High Definition Audio Device
System Devices
1394 OHCI Compliant Host Controller
Universal Serial Bus controllers
Intel(R) ICH10 Family USB Enhanced Host Controller - 3A3A
Intel(R) ICH10 Family USB Enhanced Host Controller - 3A3C
Intel(R) ICH10 Family USB Universal Host Controller - 3A34
Intel(R) ICH10 Family USB Universal Host Controller - 3A35
Intel(R) ICH10 Family USB Universal Host Controller - 3A36
Intel(R) ICH10 Family USB Universal Host Controller - 3A37
Intel(R) ICH10 Family USB Universal Host Controller - 3A38
Intel(R) ICH10 Family USB Universal Host Controller - 3A39
USB Composite Device
Disconnected Devices
Freecom Mobile Drive XXS USB Device
HID-compliant mouse
Intel(R) G45/G43 Express Chipset
Intel(R) High Definition Audio HDMI
ST332082 0AS USB Device
Samsung YP-U2 USB Device
Standard PS/2 Keyboard
USB Input Device
USB Mass Storage Device
USB Mass Storage Device
USB Mass Storage Device
YAMAHA MOTIF-R

Systeem specs:
Field Value
Computer
Operating System Windows 7 Ultimate Media Center Edition
OS Service Pack -
DirectX 4.09.00.0904 (DirectX 9.0c)

Motherboard
CPU Ty... Read more

http://www.sevenforums.com/bsod-help-support/87593-dual-boot-bsods-random-reboots-dmp-file-included.html
Relevancy 55.47%

Below is some information on the rig further below is the dump Seems to be a memory problem yes Is it for sure that the memory is bad in that case or are there other possibilities I have two sticks how do I tell which one is the problem Should I replace both Going to run Memtest when I get home Any further suggestions Intel Core Quad Processor Q x GHz MB L Cache FSB Asus P N-E SLI nForce i SLI Chipset w -channel CODEC Gb LAN S-ATA Raid USB IEEE- Dual PCI-E MB GB Corsair XMS NVIDIA GeForce GT MB w DVI TV Out Video Microsoft R Windows Debugger Version X Copyright c Microsoft Corporation All rights reserved Loading Dump File C Documents and Settings Bleeping PC Desktop Mini - dmp wMini Kernel Dump File Only registers and the me file Filter: Dump cause. Help contents BSOD included. pinpoint stack trace are available Symbol search path is C WINDOWS Symbols Executable search path is Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe Windows XP Kernel Version Service Pack BSOD Filter: Help me pinpoint the cause. Dump file contents included. MP procs Free x compatible Product WinNt suite TerminalServer SingleUserTS Kernel base x d PsLoadedModuleList x c Debug session time Thu Dec GMT- System Uptime days Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe Loading Kernel Symbols Loading User Symbols Loading unloaded module list WARNING Unable to verify timestamp for hal dll Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck C bab c b Probably caused by memory corruption nt MmDeleteKernelStack Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis MACHINE CHECK EXCEPTION c A fatal Machine Check Exception has occurred KeBugCheckEx parameters x Processors If the processor has ONLY MCE feature available For example Intel Pentium the parameters are - Low bits of P MC TYPE MSR - Address of MCA EXCEPTION structure - High bits of P MC ADDR MSR - Low bits of P MC ADDR MSR If the processor also has MCA feature available For example Intel Pentium Pro the parameters are - Bank number - Address of MCA EXCEPTION structure - High bits of MCi STATUS MSR for the MCA bank that had the error - Low bits of MCi STATUS MSR for the MCA bank that had the error IA Processors - Bugcheck Type - MCA ASSERT - MCA GET STATEINFO SAL returned an error for SAL GET STATEINFO while processing MCA - MCA CLEAR STATEINFO SAL returned an error for SAL CLEAR STATEINFO while processing MCA - MCA FATAL FW reported a fatal MCA - MCA NONFATAL SAL reported a recoverable MCA and we don t support currently support recovery or SAL generated an MCA and then couldn t produce an error record xB - INIT ASSERT xC - INIT GET STATEINFO SAL returned an error for SAL GET STATEINFO while processing INIT event xD - INIT CLEAR STATEINFO SAL returned an error for SAL CLEAR STATEINFO while processing INIT event xE - INIT FATAL Not used - Address of log - Size of log - Error code in the case of x GET STATEINFO or x CLEAR STATEINFO AMD Processors - Bank number - Address of MCA EXCEPTION structure - High bits of MCi STATUS MSR for the MCA bank that had the error - Low bits of MCi STATUS MSR for the MCA bank that had the error Arguments Arg Arg bab c Arg b Arg Debugging Details ------------------ NOTE This is a hardware error This error was reported by the CPU via Interrupt This analysis will provide more information about the specific error Please contact the manufacturer for additional information about this error and troubleshooting assistance This error is documented in the following publication - IA- Intel r Architecture Software Developer s Manual Volume System Programming Guide Bit Mask MA Model Specific MCA O ID Other Information Error Code Error Code VV SDP AEUECRC LRCNVVC ---------------------------------------------------------------- VAL - MCi STATUS register is valid Indicates that the information contained within the IA MCi STATUS register is valid When th... Read more

A:BSOD Filter: Help me pinpoint the cause. Dump file contents included.

I could tell more about your problem if I had the blue screen's error message.
 

https://forums.techguy.org/threads/bsod-filter-help-me-pinpoint-the-cause-dump-file-contents-included.660133/
Relevancy 55.04%

Hi I'm Gary I know some about computers but not enough My home computer that my I'm I new included a log :) problem file and have son also uses I'm new and I have a problem :) log file included has stopped recognizing domain names I'm new and I have a problem :) log file included The only thing it shows in IE is quot Can't show this page quot also my Outlook no longer connects to Cablelynx my I'm new and I have a problem :) log file included provider to get my email - no error - just doesn't connect If I do ipconfig in the dos window I can get it to ping a numeric adress but not a name I ran Spybot and it found EDS Exploit on my ID and about things on my son's ID I got rid of all those things EDS or EOS came back each time until I found steps on the internet to remove it and went through them The computer shows up clean now but still doesn't recognize anything I'm using Norton Antivirus Ver - Virus Definition and Norton Internet Security Ver These no longer find updates because of the problem My friend here at work told me about HijackThis and this Web site I would appreciate any help you can give I'm also reading the Security page on how to not let this happen again My HijackThis log file is listed below Once again Thank You for any help any of you can give Also I had a USB drive plugged in at the time to put the file on but everything else but the Norton stuff should have been off as far as I can tell Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS acsd exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared ccSetMgr exe C WINDOWS System CTsvcCDA exe C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files Common Files Symantec Shared SNDSrvc exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS System HPZipm exe C WINDOWS Explorer EXE C WINDOWS system dla tfswctrl exe C WINDOWS System DSentry exe C Program Files Dell Media Experience PCMService exe C Program Files Common Files Real Update OB realsched exe C Program Files MusicMatch MusicMatch Jukebox mmtask exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Common Files Dell EUSW Support exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe C WINDOWS System hphmon exe C Program Files Digital Line Detect DLG exe C Documents and Settings Gary Desktop HijackThis exe C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Start Page http www dell me com myway R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www dell me com myway O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - B CA - A - D -A DF- BB - no file O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C... Read more

A:I'm new and I have a problem :) log file included

Actually, you log is clean.

Download WinsockFix and unzip it. Then double-click on it to run it to help with your connectivity problem.

You can get a patch for the SpyBot/DSO Exploit issue here (known bug): http://www.majorgeeks.com/download4392.html

Let us know if you continue to have issues.

http://www.techsupportforum.com/forums/f284/im-new-and-i-have-a-problem-log-file-included-27155.html
Relevancy 54.61%

I'm at a loss as to what to do here My brother installed windows ultimate on my pc nearly a year ago and all has been well until file mode, included. in 30seconds Repeated dump BSOD safe after unless about a week ago While my husband was playing silly games on FB some win virus protector popped up I never got a look at it myself he said it crashed the pc and that it was actually malware he then found a solution to the problem via a google search I'm unsure what that quot solution quot was either But after this so called problem was fixed our pc started rebooting itself At first it would just or reboots to get back to normal and only when we were running the ram pretty hard it would crash But now as soon as we start up the BSOD death almost immediately pops up It cashes Repeated BSOD after 30seconds unless in safe mode, dump file included. so fast I am having a hard time reading what it says but I did catch the phrase quot Not less or Equal quot Any help would be greatly appreciated

A:Repeated BSOD after 30seconds unless in safe mode, dump file included.

Sorry, just now read the rules and instructions to posting here. I'm working on getting the file you actually need, with the system health and all of that jazz. The file I included in the first post is just the straight .dmp files, no other information.

http://www.sevenforums.com/bsod-help-support/204810-repeated-bsod-after-30seconds-unless-safe-mode-dump-file-included.html
Relevancy 53.75%

Hi all My laptop is running ok but I have noticed that certain programs have been taking a lot longer than usual to install update e g iTunes but they always do Possibly CBS Included System MSI - - Problem log File Then the last few days AVG Antivirus has been wanting to auto-update the software not just the virus definitions but each time it would freeze during the ''configuring'' step and subsequently cause every other program running to freeze and stop the opening of any other program - although I could still move the cursor so not a complete freeze if that makes sense So today I removed AVG with the removal tool and tried to do a fresh install but now I get a failure message immediately telling me ''MSI Engine failed to initialize the package'' I have no System File Problem - Possibly MSI - CBS log Included idea how to go about fixing this and ran system file check which said corrupt files were found but it was unable to repair some of them Here is the log Originally Posted by CBS log - - Info CBS TI --- Initializing Trusted Installer --- - - Info CBS TI Last boot time - - - - Info CBS Starting TrustedInstaller initialization - - Info CBS Ending TrustedInstaller initialization - - Info CBS Starting the TrustedInstaller main loop - - Info CBS TrustedInstaller service starts successfully - - Info CBS No startup processing required TrustedInstaller service was not set as autostart - - Info CBS Startup processing thread terminated normally - - Info CBS Starting TiWorker initialization - - Info CBS Ending TiWorker initialization - - Info CBS Starting the TiWorker main loop - - Info CBS TiWorker starts successfully - - Info CBS Universal Time is - - - - Info CBS Loaded Servicing Stack v with Core C Windows winsxs amd microsoft-windows-servicingstack bf ad e none e f e cbscore dll - - Info CSI WcpInitialize wcp dll version called stack x ff a e x ff a c x ff a da x f a d df x f a d c x ffac d - - Info CSI WcpInitialize wcp dll version called stack x ff a e x ff a f x ff a e e x ff a f x f a d df x f a d c - - Info CBS SQM Initializing online with Windows opt-in False - - Info CBS SQM Cleaning up report files older than days - - Info CBS SQM Requesting upload of all unsent reports - - Info CBS SQM Failed to start upload with file pattern C Windows servicing sqm std sqm flags x HRESULT x - E FAIL - - Info CBS SQM Failed to start standard sample upload HRESULT x - E FAIL - - Info CBS SQM Queued file s for upload with pattern C Windows servicing sqm all sqm flags x - - Info CBS SQM Warning Failed to upload all unsent reports HRESULT x - E FAIL - - Info CBS NonStart Set pending store consistency check - - Info CBS Session initialized by client WindowsUpdateAgent - - Info CBS Session initialized by client WindowsUpdateAgent I have no idea how to read one of these or even if it effectively evaluates the status of the installer so any help with this would be much appreciated PS Apologies if this is in the wrong sub-forum

A:System File Problem - Possibly MSI - CBS log Included

Ok so since then I restored windows to yesterday evening to see how things would be, AVG was a bit wonky so first tried to repair the install (using the regular install file downloaded from the website) - this led to a BSOD citing ''BAD_POOL-HEADER''. I don't know what that is but anyway I continued by then removing AVG and trying a fresh install and this time it worked fine, no problems.

I just ran and sfc scan again however and got the same message as before but this time the log file is alarmingly much much longer and has a lot more information in it so I've attached the file instead of copying the text in here.

Again I'd really appreciate it if someone more knowledgeable could help me diagnose the issue

http://www.eightforums.com/general-support/52238-system-file-problem-possibly-msi-cbs-log-included.html
Relevancy 53.75%

Hi I am having some problems with internet I use mozilla firefox and since the past two days or so my browser keeps going to this adult site which is not appropriate I ran a norton anti-virus scan and it found nothing so the problem has not yet gone what should i do This is my hijackthis Mozilla File Problem With (HJT Firefox. Included) log file Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Problem With Mozilla Firefox. (HJT File Included) Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common Files Symantec Shared AppCore AppSvc exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Java jre bin jqs exe c Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C windows system hpsysdrv exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Common Files Real Update OB realsched exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files Stardock ObjectDock ObjectDock exe C Program Files iPod bin iPodService exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Windows Live Messenger usnsvc exe C Program Files uTorrent uTorrent exe C PROGRA Yahoo MESSEN ymsgr tray exe C program files mozilla firefox firefox exe C Program Files iTunes iTunes exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Link Helper - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo common yiesrvc dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO ST - EDE -C B - E- - BF AF E - C Program Files MSN Apps ST en-xu stmain dll O - BHO CPrintEnhancer Object - AE A AA-A - B -B -C E E FE - C Program Files HP Smart Web Printing SmartWebPrinting dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - BHO Java tm Plug-In ... Read more

A:Problem With Mozilla Firefox. (HJT File Included)

bump
 

https://forums.techguy.org/threads/problem-with-mozilla-firefox-hjt-file-included.779482/
Relevancy 53.75%

Windows Vista Home Premium Travelmate laptop Internet Explorer Vers When I am browsing the internet a new tabbed browser opens and gives me a false warning that my computer is at risk The initial web address that appears is quot em pc-on-internet quot and so on then it opens another site that warns me that my computer is at risk I installed Threatfire so I hope it helps Also I run AVG free edition antivirus on a daily em.pc-on-internet problem, included HJT Solved: file scheduled time and it never finds any threats And about Solved: em.pc-on-internet problem, HJT file included a week ago Windows Solved: em.pc-on-internet problem, HJT file included Security Center started telling me that Windows did not find an AV program although I have AVG As well WSC tells me that Windows Defender is not running although when I click Windows defender it tells me that my computer is running normally Please help me with these annoyances thanks PS When I ran HJT it gave out a warning telling me to edit a file through the Run command and when I did I could not find the file it told me to delete but here is the logfile Logfile of HijackThis v Scan saved at AM on Platform Unknown Windows WinNT MSIE Internet Explorer v Running processes C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Windows Defender MSASCui exe C Program Files Grisoft AVG avgcc exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Nokia Nokia PC Suite LaunchApplication exe C Program Files Java jre bin jusched exe C Windows System igfxtray exe C Windows System hkcmd exe C Windows System igfxpers exe C Program Files Adobe Reader Reader reader sl exe C Acer Empowering Technology eDataSecurity eDSloader exe C Program Files Launch Manager LManager exe C Program Files Microsoft Xbox Accessories XBoxStat exe C Program Files ThreatFire TFTray exe C Windows ehome ehtray exe C Program Files Logitech SetPoint SetPoint exe C Windows System w eject exe C Windows system wbem unsecapp exe C Windows system igfxsrvc exe C Windows ehome ehmsas exe C Acer Empowering Technology ENET ENMTRAY EXE C Acer Empowering Technology EPOWER EPOWER DMC EXE C Windows system igfxext exe C Acer Empowering Technology ACER EMPOWERING FRAMEWORK SUPERVISOR EXE C Program Files Common Files Logitech khalshared KHALMNPR EXE C Users Abie Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn ca SEENCA SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn ca SEENCA SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn ca SEENCA SAOS FORM TOOLBR R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Win... Read more

https://forums.techguy.org/threads/solved-em-pc-on-internet-problem-hjt-file-included.627829/
Relevancy 53.75%

I have a quot Movieland quot virus on my computer that says I am legally obligated file help (hijackthis problem... included) Movieland please to pay for a service i didn t ask for as you have heard before Here is my Hijackthis log please help Thank you Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe Movieland problem... please help (hijackthis file included) C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS System wltrysvc exe C WINDOWS System bcmwltry exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C WINDOWS system CTSvcCDA EXE C Program Files ewido anti-malware ewidoctrl exe C Program Files Norton SystemWorks Norton GoBack GBPoll exe C Program Files Norton SystemWorks Norton AntiVirus navapsvc exe C Program Files Dell NICCONFIGSVC NICCONFIGSVC exe C Program Files Norton SystemWorks Norton AntiVirus IWP NPFMntor exe C PROGRA NORTON NORTON NPROTECT EXE C PROGRA NORTON NORTON SPEEDD NOPDB EXE C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system MsPMSPSv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Apoint Apoint exe C Program Files Java j re bin jusched exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Dell QuickSet quickset exe C WINDOWS system WLTRAY exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell Media Experience DMXLauncher exe C Program Files Musicmatch Musicmatch Jukebox mm tray exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Dell Support DSAgnt exe C Program Files AIM aim exe C PROGRA P PNET P PNET EXE C winstall exe C Program Files Apoint Apntex exe C Program Files Digital Line Detect DLG exe C Program Files Dell Photo Printer dlbcserv exe C Program Files Norton SystemWorks Norton GoBack GBTray exe C Program Files Creative MediaSource CTCMS EXE C Program Files Creative MediaSource Detector CTDetect exe C Program Files ItBill itbill exe C Program Files LimeWire LimeWire exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files PestTrap PestTrap exe C Program Files Messenger msmsgs exe C Documents and Settings Noah Desktop Movieland Removal Files hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http mysearch myway com jsp dellsidebar jsp p DE R - HKCU Software Microsoft Internet Explorer Main Start Page http www myspace com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Start Page http www dell me com myway R - URLSearchHook AOLTBSearch Class - EA - - DB- F -D CA FB C D - C Program Files AOL AOL Toolbar aoltb dll R - URLSearchHook no name - D F -B FE- -BF - AB D D - C Program Files MyWaySA SrchAsDe deSrcAs dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - D F -B FE- -BF - AB D D - C Program Files MyWaySA SrchAsDe deSrcAs dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL AOL Toolbar aoltb dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - C Program Files Norton SystemWorks Norton AntiVirus Na... Read more

Relevancy 53.75%

Hello I am having the same problem a previous person had I try to use a scanner or imaging device and can t then get the error C WINDOWS SYSTEM AUTOEXEC NT The system file is not suitable for running MS-DOS and Microsoft Windows applications Choose Close to terminate application I have tried to call toshiba on this My laptop support and they said to do that whole expand deal but I couldn t get that to work I posted a hijackthis logfile below tosee if theres some problem w my computer file hijackthis included Autoexec.nt problem, any help would be soo appreciated I need to be able to use one of my two scanners Thanks Katrina Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT Autoexec.nt problem, hijackthis file included MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C PROGRA COMMON AOL ACS acsd exe c Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C WINDOWS System THotkey exe C Program Files Apoint K Apoint exe C WINDOWS system TFNF exe C WINDOWS system TPWRTRAY EXE C Program Files TOSHIBA TouchED TouchED Exe C PROGRA NORTON navapw exe C WINDOWS System ezSP Px exe C toshiba ivp ism pinger exe C toshiba sysstability tsyssmon exe C Program Files America Online a aoltray exe C Program Files Apoint K Apntex exe C Program Files Internet Explorer iexplore exe C PROGRA MICROS Office FRONTPG EXE C Program Files America Online a waol exe C Program Files America Online a shellmon exe C Program Files America Online a aolwbspd exe C Documents and Settings our family My Documents hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http red clientapps yahoo com customize ie defaults stp ymsgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com customize ie defaults stp ymsgr http www yahoo com O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - HKLM Run THotkey C WINDOWS System THotkey exe O - HKLM Run StTHK StTHK exe O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run Apoint C Program Files Apoint K Apoint exe O - HKLM Run TFNF TFNF exe O - HKLM Run Tpwrtray TPWRTRAY EXE O - HKLM Run TouchED C Program Files TOSHIBA TouchED TouchED Exe O - HKLM Run NAV Agent c PROGRA NORTON navapw exe O - HKLM Run ezShieldProtector for Px C WINDOWS System ezSP Px exe O - HKLM Run Pinger c toshiba ivp ism pinger exe run O - HKLM Run TSysSMon c toshiba sysstability tsyssmon exe detect O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run Yahoo Pager C Program Files Yahoo Messenger ypager exe -quiet O - HKCU Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe O - HKCU Run PopUpStopperFreeEdition quot C PROGRA PANICW POP-UP PSFree exe quot O - Global Startup America Online Tray Icon lnk C Progr... Read more

A:Autoexec.nt problem, hijackthis file included

bump!!
 

https://forums.techguy.org/threads/autoexec-nt-problem-hijackthis-file-included.303299/
Relevancy 53.32%

Please help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost User: New Malware/Adware File (Log Help! Included) Problem exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files UPHClean uphclean exe C WINDOWS System wltrysvc exe C WINDOWS Explorer EXE C Program Files ATI Help! New User: Malware/Adware Problem (Log File Included) Technologies ATI Control Panel atiptaxx exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Windows Defender MSASCui exe C WINDOWS system carpserv exe C WINDOWS System bcmwltry exe C Program Files Java jre bin jusched exe C WINDOWS thiselt exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C dfndrff e exe C PROGRA Grisoft AVGFRE avgcc exe C WINDOWS Duce exe C WINDOWS win exe C Program Files Messenger msmsgs exe C Program Files iPod bin iPodService exe C PROGRA MOZILL FIREFOX EXE C Program Files webHancer Programs whagent exe C WINDOWS system mmc exe C Program Files HiJackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Search URL http searchbar findthewebsiteyouneed com R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink Link iteyouneed com R - HKLM Software Microsoft Internet Explorer Main Search Page http searchbar findthewebsiteyouneed com R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId amp homepage http www microsoft com isapi redir dll prd SUB PRD amp clcid SUB CLSID amp pver SUB PVER amp ar home R - URLSearchHook no name - A B - - CD - AA - D C D - no file F - REG system ini UserInit userinit exe O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSL encrypt - FE-D - e -AF E- E F A - C WINDOWS system nse dll O - BHO WhIeHelperObj Class - c b -cdfe- d - a- e a e - C Program Files webHancer programs whiehlpr dll O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run Windows Defender quot C Program Files Windows Defender MSASCui exe quot -hide O - HKLM Run CARPService carpserv exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run pop apelt C WINDOWS thiselt exe O - HKLM Run ExploreUpdSched C WINDOWS system mwinopes exe ELT O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run newname C nwnmff e exe O - HKLM Run defender C dfndrff e exe O - HKLM Run keyboard C kybrdff e exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run TheMonitor C WINDOWS Duce exe O - HKLM Run win C WINDOWS win exe O - HKLM Run webHancer Agent C Program Files webHancer Programs whagent exe O - HKLM Run webHancer Survey Companion C Program Files webHancer Programs whsurvey exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Startup Think-Adz lnk C WINDOWS system mwinopes exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Hijacked Internet access by WebHancer O - Hijacked Internet access by WebHancer O - Hijacked Internet access... Read more

A:Help! New User: Malware/Adware Problem (Log File Included)

Hi and welcome to TSG!

Please do not post duplicate threads. Reply here:

http://forums.techguy.org/security/506240-please-help-adware-popups-everywhere.html

This thread is closed.
 

https://forums.techguy.org/threads/help-new-user-malware-adware-problem-log-file-included.506258/
Relevancy 53.32%

HI ppl I have similar problem occured to iguantor further info at this thread http forums techguy org malware-removal-hijackthis-logs -solved-trojan-generic-dx-keeps html I running Windows XP SP and Mc Afee VirusScan Version with the with Trojan keeps included) appearing(HJT Problem it file generic.dx latest DAT file with HijackThis I run the Mc Afee VirusScan detected the virus at C WINDOWS system at dll and requested to restart my PC to complete the process of deleting the trojan I did restart the computer But the trojan is still in PC and the Mc Afee Virus alert keeps popping up whenver I run my Windows Explorer Here s a copy of my HJT file Logfile of Trend Problem with Trojan generic.dx it keeps appearing(HJT file included) Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Problem with Trojan generic.dx it keeps appearing(HJT file included) svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System DVDRAMSV exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com vso mcshield exe c PROGRA Problem with Trojan generic.dx it keeps appearing(HJT file included) mcafee com agent mctskshd exe C PROGRA McAfee com PERSON MpfService exe C PROGRA McAfee SPAMKI MSKSrvr exe C WINDOWS System nvsvc exe C Program Files Analog Devices SoundMAX SMAgent exe C Program Files TOSHIBA TME Tmesbs exe C WINDOWS Explorer EXE C Program Files D-Link AirPlus G AirGCFG exe C Program Files ANI ANIWZCS Service WZCSLDR exe C PROGRA McAfee com PERSON MpfTray exe C PROGRA mcafee com agent mcagent exe C Program Files McAfee com VSO mcvsshld exe C Program Files McAfee com VSO oasclnt exe C PROGRA mcafee com mps mscifapp exe C PROGRA McAfee SPAMKI MskAgent exe c progra mcafee com vso mcvsescn exe C WINDOWS System THotkey exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C WINDOWS system TFNF exe C Program Files TOSHIBA TME TMESBS EXE C WINDOWS system TPWRTRAY EXE C Program Files TOSHIBA Wireless Hotkey TosHKCW exe C Program Files Java jre bin jusched exe C Program Files Common Files Real Update OB realsched exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C WINDOWS system RAMASST exe C PROGRA McAfee com PERSON MpfAgent exe c progra mcafee com vso mcvsftsn exe C WINDOWS system wuauclt exe C Program Files Avant Browser avant exe C Program Files MSN Messenger usnsvc exe C Program Files Mozilla Firefox firefox exe C PROGRA mcafee com agent McDash exe c program files mcafee com shared mghtml exe c PROGRA mcafee com vso mcmnhdlr exe C Program Files BitComet BitComet exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn... Read more

A:Problem with Trojan generic.dx it keeps appearing(HJT file included)

The trojan still keep annoys me whenever I have my McAfee on standby, the virus alert(from McAfee) keeps popping up notify me about the generix.dx trojan.

Anybody that can help me here???
 

https://forums.techguy.org/threads/problem-with-trojan-generic-dx-it-keeps-appearing-hjt-file-included.712907/
Relevancy 53.32%

http www bleepingcomputer com forums t windows-failed-to-start-system-repair-cant-discover-problem I have the file .txt Problem FRST64 Bad posted Driver included with 07 same problem as the thread listed above I have gone ahead and done the initial things suggested in the thread up to and including gathering the txt file from the frst program I will paste it below I Problem 07 Bad Driver posted with FRST64 .txt file included am on my laptop as my windows absolutely freezes and restarts the second the windows logo attempts to appear I can run Problem 07 Bad Driver posted with FRST64 .txt file included the repair and get to command prompt I do not have a windows repair disk and making the usb and reinstalling seems to be a pain The gentlemen that helped the guy before me seemed to be on point so I have began his previous road and stopped where I feel is best I would greatly appreciate any help with this problem I just bought a new motherboard thinking it would fix the crashes but I guess I have a bad windows driver all along Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by SYSTEM at - - Running from G Windows Ultimate X OS Language English US The current controlset is ControlSet Registry Whitelisted HKLM Run RTHDVCPL C Program Files Realtek Audio HDA RAVCpl exe -s - - Realtek Semiconductor HKLM-x Run AVG UI C Program Files x AVG AVG avgui exe TRAYONLY - - AVG Technologies CZ s r o HKU CommandCenter Run Skype C Program Files x Skype Phone Skype exe minimized regrun - - Skype Technologies S A HKLM RunOnce Restore C Windows system rstrui exe RUNONCE - - Microsoft Corporation Tcpip Parameters DhcpNameServer Services Whitelisted AVGIDSAgent C Program Files x AVG AVG avgidsagent exe - - AVG Technologies CZ s r o avgwd C Program Files x AVG AVG avgwdsvc exe - - AVG Technologies CZ s r o cFosSpeedS C Program Files ASRock XFast LAN spd exe -service - - cFos Software GmbH PnkBstrA C Windows SysWow PnkBstrA exe - - Drivers Whitelisted AVGIDSDriver C Windows System DRIVERS avgidsdrivera sys - - AVG Technologies CZ s r o AVGIDSHA C Windows System Drivers AVGIDSHA sys - - AVG Technologies CZ s r o Avgldx C Windows System Drivers Avgldx sys - - AVG Technologies CZ s r o Avgloga C Windows System Drivers Avgloga sys - - AVG Technologies CZ s r o Avgmfx C Windows System Drivers Avgmfx sys - - AVG Technologies CZ s r o Avgrkx C Windows System Drivers Avgrkx sys - - AVG Technologies CZ s r o Avgtdia C Windows System Drivers Avgtdia sys - - AVG Technologies CZ s r o Synth dVsc C Windows System drivers synth dvsc sys x tsusbhub C Windows System drivers tsusbhub sys x VGPU C Windows System drivers rdvgkmd sys x NetSvcs Whitelisted One Month Created Files and Folders - - - - - - D C FRST - - - - - - D C Windows LastGood Tmp - - - - - - D C ProgramData Intel - - - - - - D C Users Default AppData Roaming TuneUp Software - - - - - - D C Users Default User AppData Roaming TuneUp Software - - - - - - A C Users CommandCenter Downloads linuxmint- -cinnamon-dvd- bit iso - - - - - - D C Program Files x ASRock Utility - - - - - - D C Users CommandCenter Downloads ME Win - Win Vista Vista XP XP v M - - - - - - D C Users CommandCenter AppData Roaming InstallShield - - - - - - A C Users CommandCenter Downloads ME Win - Win Vista Vista XP XP v M zip - - - - - - A C Users CommandCenter Downloads AXTU v zip - - - - - - A C Users CommandCenter Downloads P Extreme Gen WIN zip - - - - - - A C Users CommandCenter Downloads P Extreme UEFI z - - - - - - A C Users CommandCenter Downloads P Extreme L ROM zip - - - - - - A C Windows MEMORY DMP - - - - - - A C Windows Minidump - - dmp - - - - - - D C Windows Minidump - - - - - - D C Windows SysWOW Macromed - - - - - - A Adobe Systems Incorporated C Windows SysWOW FlashPlayerApp exe - - - - - - A Adobe Systems Incorporated C Windows SysWOW FlashPlayerCPLApp cpl - - - - - - D C Windows System Macromed - - - - - - A AVG C Users CommandCenter Downloads avg tuh stf all c exe - - - - - - SHD C ProgramData D D F- - C... Read more

A:Problem 07 Bad Driver posted with FRST64 .txt file included

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
***************************************************
=http://www.bleepstatic.com/images/site/icons/steps/step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/487815 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.comDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/487815/problem-07-bad-driver-posted-with-frst64-txt-file-included/
Relevancy 53.32%

Hangs while loading control panel and start menu It does access to Hanging included. Panel while Control file S and Log Specs included. trying eventually load but it takes seconds WAY too long All help would be GREATLY appreciated Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Sunbelt Software Personal Firewall kpf ss exe C WINDOWS Explorer EXE C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Eset nod krn exe C WINDOWS system svchost exe C Program Files Sunbelt Software Personal Firewall kpf gui exe C Program Files Analog Devices Core smax pnp exe C Program Files Analog Devices SoundMAX Smax exe C Program Files Microsoft IntelliType Pro itype exe Log file included. Specs included. Hanging while trying to access Control Panel and S C Program Files Microsoft IntelliPoint Log file included. Specs included. Hanging while trying to access Control Panel and S ipoint exe C WINDOWS system RUNDLL EXE C Program Files Eset nod kui exe C Program Files BillP Studios WinPatrol winpatrol exe C PROGRAM FILES MESSENGER MSMSGS EXE C Log file included. Specs included. Hanging while trying to access Control Panel and S Program Files Sunbelt Software Personal Firewall kpf gui exe C Downloads HiJackThis v exe O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - HKLM Run DigitalStorm C Windows System Splash exe O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run SoundMAX quot C Program Files Analog Devices SoundMAX Smax exe quot tray O - HKLM Run itype quot C Program Files Microsoft IntelliType Pro itype exe quot O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint ipoint exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run nod kui quot C Program Files Eset nod kui exe quot WAITSERVICE O - HKLM Run WinPatrol C Program Files BillP Studios WinPatrol winpatrol exe O - HKCU Run MSMSGS quot C PROGRAM FILES MESSENGER MSMSGS EXE quot background O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF CA FB - E E- B -BF - E A CAA CD Office Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF E F - B - D - - BD D PCPitstop Utility - http pcpitstop com pcpitstop PCPitStop CAB O - DPF C A- BE- B -A BB- B FE A ewidoOnlineScan Control - http downloads ewido net ewidoOnlineScan cab O - DPF E F B - A- - EE-BA D BE Driver Agent ActiveX Control - http driveragent com files driveragent cab O - SharedTaskScheduler Browseui preloader - C -A BA- D -B B- A C E - C WINDOWS system browseui dll O - SharedTaskScheduler Component Categories cache daemon - C EF- B - d -BE - C - C WINDOWS system browseui dll O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service Sunbelt Kerio Personal Firewall KPF - Sunbelt Software - C Program Files Sunbelt Software Personal Firewall kpf ss exe O - Service NOD Kernel Service NOD krn - Eset - C Program Files Eset nod krn exe specs Power Supply Genuine Certified and Tested W Processor Intel Core Duo E GHz MHz Front Side Bus MB Cache Conroe Motherboard ASRock i GZ Chipset Intel GZ Socket Memory GB DDR Super Talent at MHz Dual Channel Floppy Media Digital Media Card Reader Black Hard Drive GB Western Digital... Read more

A:Log file included. Specs included. Hanging while trying to access Control Panel and S

Hi boburke

I see you have Trend Micro HijackThis v2.0. This version of HijackThis is still a beta and is undergoing testing at this time. We prefer you to use Deckards System Scanner and then during the course of the fix HijackThis v.1.99.1. If you still need help please uninstall HijackThis v2.0 then follow these instructions.


Download Deckard's System Scanner to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, 2 text files will open - main.txt and extra.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box: C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do:
create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

http://www.techsupportforum.com/forums/f284/log-file-included-specs-included-hanging-while-trying-to-access-control-panel-and-s-145268.html
Relevancy 52.03%

I was following the guide from the top of the page, and had a problem with part of it.

When I run the system health report I get:
Error:
An error has occurred while trying to generate the report.
The system cannot find the path specified.

Here is my BSOD dump and system file collection results.

Let me know what else I can do to make it easier to solve. I will try my best!

A:BSOD problem on hp laptop. info included

The most important report is not there; the minidump
Blue Screen of Death (BSOD) Posting Instructions

http://www.vistax64.com/crashes-debugging/286354-bsod-problem-hp-laptop-info-included.html
Relevancy 46.01%

While surfing the web Norton came up and said that C Windows dlm exe was infected with a Trojan virus It could neither repair nor quarantine the - Included Can't File, Quarantine Infected Log File file and I was not sure if I should hastily delete it or not I stumbled upon this site and saw others with similar cases So I downloaded Hijack This and ran a scan Here s the log below Thanks to anyone willing to help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer Infected File, Can't Quarantine - Log File Included v SP Running processes C WINDOWS System Infected File, Can't Quarantine - Log File Included smss Infected File, Can't Quarantine - Log File Included exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System lexbces exe C WINDOWS system spoolsv exe C WINDOWS System LEXPPS EXE C WINDOWS SOUNDMAN EXE C WINDOWS System carpserv exe C Program Files QuickTime qttask exe C PROGRA Logitech MOUSEW SYSTEM EM EXEC EXE C Program Files Common Files Real Update OB realsched exe C WINDOWS System LXSUPMON EXE C WINDOWS System CTHELPER EXE C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C WINDOWS dl exe C WINDOWS dlm exe C PROGRA Proc Ford Software Wave road regs exe C WINDOWS System RUNDLL EXE C Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C WINDOWS System CTsvcCDA exe C Program Files Common Files Microsoft Shared Media Manager airsvcu exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Files MediaKey OSD EXE C Program Files MediaKey Versato exe C WINDOWS explorer exe C Program Files Internet Explorer iexplore exe C Documents and Settings Kyle My Documents My Received Files hjt HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www msn ca R - HKLM Software Microsoft Internet Explorer Main Start Page http riviera cc obfuscated R - HKLM Software Microsoft Internet Explorer Main Search Bar http opti riviera cc obfuscated R - HKLM Software Microsoft Internet Explorer Main Search Page http opti riviera cc obfuscated R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www daewoocomputer net R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http opti riviera cc obfuscated R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www msn ca O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run CARPService carpserv exe O - HKLM Run NeroCheck C WINDOWS System NeroCheck exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run EM EXEC C PROGRA Logitech MOUSEW SYSTEM EM EXEC EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run MECA C Program Files MECA Meca exe O - HKLM Run LXSUPMON C WINDOWS System LXSUPMON EXE RUN O - HKLM Run WINDVDPatch CTHELPER EXE O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run Jet Detection quot C Program Files Creative SBLive PROGRAM ADGJDet exe quot O - HKLM Run CamMonitor C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe O - HKLM Run Share-to-Web Namespace Daemon C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe O - HKLM Run Dial C WINDOWS dl exe O - HKLM Run Dial C WINDOW... Read more

A:Infected File, Can't Quarantine - Log File Included

Have a look at this thread http://forums.techguy.org/showthread.php?threadid=215474&90068ef66b0d48b4d35365630275933b
 

https://forums.techguy.org/threads/infected-file-cant-quarantine-log-file-included.219827/
Relevancy 44.72%

bit full retail Hardware is month old built myself OS was installed when I built it from a USB drive did not include an optical drive in the build SPECS i k ATI GPU corsair tx PSU ASRock Extreme Gen motherboard Corsair vengance ddr ram x gb Coolermaster hyper cooling unit gb Western Digital HD gb Crucial M ssd OS is installed on this drive It was working fine the first weeks I had the build then I went on a vacation for a week I come back and the thing BSODs on me times in an hour and a half First thing I tried was setting clocks back to normal was at ghz on the i BSOD Self included) built computer. (BSOD semi-randomly. dump.zip went back down to ghz and it was stable for like BSOD semi-randomly. Self built computer. (BSOD dump.zip included) minutes after I did that but it then crashed again Also did a memory diagnostic test BSOD semi-randomly. Self built computer. (BSOD dump.zip included) and everything was supposedly good My max temps with prime now are like degrees celsius with RealTemp because I have the coolermaster hyper as opposed to the stock cooler so it shouldnt be crashing due to over heating Also first crash occured firing up minecraft Thanks for any and all help guys

A:BSOD semi-randomly. Self built computer. (BSOD dump.zip included)

Quote:
Also did a memory diagnostic test and everything was supposedly good.


Using which tool/software? You should run Memtes86+ for at least 7 Passes (Test each RAM stick individually)
RAM - Test with Memtest86+
Your BSODs are RAM/Memory related, rest your RAM settings to their default values in your BIOS. Stop any overclocking if any.

Run Prime 95 to test your CPU. Carefully the instructions in this tutorial: CPU - Stress Test with Prime95. Run 3 separate tests, one on each of the settings (Blend, Small FFTs, Large FFTs). Post back with your results.
Note that this test may overheat the CPU, ensure proper cooling.

Post back with your results.

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CACHE_MANAGER (34)
See the comment for FAT_FILE_SYSTEM (0x23)
Arguments:
Arg1: 0000000000050853
Arg2: fffff88018cbc7a8
Arg3: fffff88018cbc000
Arg4: fffff80001ede67c

Debugging Details:
------------------
EXCEPTION_RECORD: fffff88018cbc7a8 -- (.exr 0xfffff88018cbc7a8)
ExceptionAddress: fffff80001ede67c (nt!CcLazyWriteScan+0x0000000000000188)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT: fffff88018cbc000 -- (.cxr 0xfffff88018cbc000)
rax=0000000000240000 rbx=0000000000000000 rcx=fffff80002097940
rdx=0000000000000000 rsi=ffff6a8009de4390 rdi=0000000000000000
rip=fffff80001ede67c rsp=fffff88018cbc9e0 rbp=fffff80002036280
r8=fffff88001e5e840 r9=0000000000000000 r10=fffffa800790be30
r11=0000000000000002 r12=0000000000000001 r13=0000000000000000
r14=fffffa8009e313b0 r15=ffff6a8009de4418
iopl=0 nv up ei ng nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010282
nt!CcLazyWriteScan+0x188:
fffff800`01ede67c 488b4e60 mov rcx,qword ptr [rsi+60h] ds:002b:ffff6a80`09de43f0=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: System

CURRENT_IRQL: 2

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1: 0000000000000000

EXCEPTION_PARAMETER2: ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800020c8100
ffffffffffffffff

FOLLOWUP_IP:
nt!CcLazyWriteScan+188
fffff800`01ede67c 488b4e60 mov rcx,qword ptr [rsi+60h]

FAULTING_IP:
nt!CcLazyWriteScan+188
fffff800`01ede67c 488b4e60 mov rcx,qword ptr [rsi+60h]

BUGCHECK_STR: 0x34

LAST_CONTROL_TRANSFER: from fffff80001ede189 to fffff80001ede67c

STACK_TEXT:
fffff880`18cbc9e0 fffff800`01ede189 : fffff880`000000c5 fffffa80`00000000 00000000`00000000 ffff6a80`09de4390 : nt!CcLazyWriteScan+0x188
fffff880`18cbcac0 fffff800`01ea2841 : fffffa80`07909570 fffff800`0218b601 fffff800`020978c0 00000000`00000002 : nt!CcWorkerThread+0x1f9
fffff880`18cbcb70 fffff800`0212fe6a : 00000000`00000000 fffffa80`09813b50 00000000`00000080 fffffa80`078ea040 : nt!ExpWorkerThread+0x111
fffff880`18cbcc00 fffff800`01e89ec6 : fffff880`01ed0180 fffffa80`09813b50 fffffa80`078f9b50 00000000`00000202 : nt!PspSystemThreadStartup+0x5a
fffff880`18cbcc40 00000000`00000000 : fffff880`18cbd000 fffff880`18cb7000 fffff880`18cbc8a0 00000000`00000000 : nt!KxStartSystemThread+0x16
SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!CcLazyWriteScan+188

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.e... Read more

http://www.sevenforums.com/bsod-help-support/237942-bsod-semi-randomly-self-built-computer-bsod-dump-zip-included.html
Relevancy 44.29%

Howdy all new user here Files Problems, SF BSOD BSOD Utility Random Included looking to isolate a blue screen problem that makes me quite sad as it's becoming rather annoying A friend a while back years-ish solved a bsod problem with you guy's help and I thought I would do the same Random BSOD Problems, SF BSOD Utility Files Included I read and followed the quot Blue Screen of Death BSOD Posting Instructions quot and have attached it to this post Here is a mirror download http www filedropper com sevenforums This blue screen occurs at random intervals it seems the first occurrence happened about a week ago while playing StarCraft II with a friend however I am convinced that the blue screen happens at random because I has occurred multiple times while doing pretty much nothing besides surfing the web Whenever the BSOD occurs there is something that says quot Driver IRQL Not Less Than Or Equal quot I think If there is anything else I can provide you fine folk in order to isolate and hopefully fix this problem please give me a shout and I will do my best to provide it

A:Random BSOD Problems, SF BSOD Utility Files Included

shameless bump

http://www.sevenforums.com/bsod-help-support/243307-random-bsod-problems-sf-bsod-utility-files-included.html
Relevancy 43.86%

I have tried updating windows and GPU drivers, checked temps and they seemed fine. It only happens during that one game and no other apps, surfing, or games. I tried messing with video and audio settings in game. No luck on anything. I saw some other threads where users posted the BSOD report and were helped greatly, so here it goes... (attachment included)

http://www.sevenforums.com/bsod-help-support/396359-bsod-only-when-playing-dota-bsod-report-included.html
Relevancy 43.86%

Hey guys, i just built a new computer, and it seems like it blue screens at least once a day. Can someone pinpoiint the problem using the DMP file so that I can get rid of the culprit? I have no idea what the first thing to do is to analyze it, but if someone has some free time can you please give it a look?Here is the link to the DMP file:Mini071909-01.dmpI would appreciate any help at all!

http://www.bleepingcomputer.com/forums/t/242941/bsod-problem-have-dmp-file/
Relevancy 43.43%

Attached is the SF Diagnostic Tool i run today. Please do help me?

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 50
BCP1: FFFFF900C00C0770
BCP2: 0000000000000000
BCP3: FFFFF96000726D15
BCP4: 0000000000000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\021514-17050-01.dmp
C:\Users\Mak\AppData\Local\Temp\WER-28267-0.sysdata.xml

Read our privacy statement online:
Windows 7 Privacy Statement - Microsoft Windows

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

A:BSOD Problem! See Attached File!

Hi markbartowski.

Install Service pack 1 and all other windows updates. Otherwise the system will remain vulnerable to threats.

Code:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Learn how to install Windows 7 Service Pack 1 (SP1)
Service Pack and Update Center - Microsoft Windows

Daemon Tools, Alcohol 120% and Power Archiver Pro uses SCSI Pass Through Direct (SPTD), which is a well known BSOD causer. Uninstall Daemon Tools at first. Then download SPTD standalone installer from Disk-Tools.com, and execute the downloaded file as guided below :
Double click to open it.
Click this button only:

If it is grayed out, as in the picture, there is no more SPTD in your system, and you just close the window.
Also test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight.

If it start showing errors/red lines, stop testing. A single error is enough to determine that something is going bad there.

Let us know the results.
_____________________________________________________________________________________

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffff900c00c0770, 0, fffff96000726d15, 0}
Could not read faulting driver name
Probably caused by : cdd.dll ( cdd!DrvAssociateSharedSurface+51 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff900c00c0770, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff96000726d15, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000000, (reserved)

Debugging Details:
------------------
Could not read faulting driver name

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eb00e0
GetUlongFromAddress: unable to read from fffff80002eb0198
fffff900c00c0770

FAULTING_IP:
cdd!DrvAssociateSharedSurface+51
fffff960`00726d15 399f50070000 cmp dword ptr [rdi+750h],ebx

MM_INTERNAL_CODE: 0

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0x50

PROCESS_NAME: dwm.exe

CURRENT_IRQL: 0

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre

TRAP_FRAME: fffff88006295920 -- (.trap 0xfffff88006295920)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff96000726cc4 rbx=0000000000000000 rcx=fffff900c0749ce8
rdx=00000000400018c0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff96000726d15 rsp=fffff88006295ab0 rbp=fffff900c0749ce8
r8=000000006f12135a r9=0000000000000040 r10=000000000391f760
r11=fffff88006295b08 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
cdd!DrvAssociateSharedSurface+0x51:
fffff960`00726d15 399f50070000 cmp d... Read more

http://www.sevenforums.com/bsod-help-support/322069-bsod-problem-see-attached-file.html
Relevancy 43.43%

Hi, everyone. First post here. I've been experiencing a problem identical to the one discussed in this (two-year old) thread: [SOLVED] AMD Graphics Driver repeated crash

The first reply linked to the BSOD Posting Instructions thread, which I followed, but immediately I hit a road block. The BSOD File Collection app, run as an Admin, gave me this text output:


Quote:




There is a problem with the Environement variables on this system.
Unable to determine the location of the Documents or Desktop folders.

Copy and paste the following information to the
forum where you are receiving assistance:
*********************************************************************

Microsoft Windows [Version 6.1.7601]

HomeDrive C:
HomePath \Users\imperialarmy
Userprofile C:\Users\imperialarmy
*********************************************************************




Any info on what this means would be greatly appreciated. Thanks!

A:BSOD File Collection App problem

Hi,

This implies it cannot properly locate the environment variable for your Documents or Desktop (%HOMEPATH%\Documents or %USERPROFILE%\Documents). For Desktop, it's %UserProfile%\Desktop. The reason for this is likely due to the fact that you're trying to execute the collection app somewhere other than these two locations.

Are you executing the app from your OS' Documents folder?

Regards,

Patrick

http://www.techsupportforum.com/forums/f299/bsod-file-collection-app-problem-837186.html
Relevancy 43.43%

Log is attached, its on a friends computer, earlier today she went to a website and it gave her a popup, one of those fake ones that says you have viruses, she clicked off of it, and now she is getting all of these annoying pop ups and then it just plays things without pops ups like congrats you've won whatever. any help appreciated. thanks guys
 

https://forums.techguy.org/threads/pop-ups-from-everywhere-hjt-file-included.795134/
Relevancy 43.43%

something is terribly wronglog file Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon File Help Included) (log Please exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS System nvsvc exeC Program Files Wireless-G USB Network Adapter WLService exeC Program Files Wireless-G USB Network Adapter WUSB G exeC WINDOWS Explorer EXEC WINDOWS SOUNDMAN EXEC iTunes iTunesHelper exeC Program Files Java jre bin jusched exeC GmailNotifier gnotify exeC Help Please (log File Included) aim aim exeC Steam Steam exeC Program Files iPod bin iPodService exeC Program Files Logitech SetPoint SetPoint exeC PictureProject NkbMonitor exeC Program Files Common Files Logitech KHAL KHALMNPR EXEC WINDOWS System svchost exeC WINDOWS System svchost exeC iTunes iTunes exeC Last fm LastFM exeC Documents and Settings treyrex Desktop hijackthis HijackThis exeO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartupO - HKLM Run iTunesHelper quot C iTunes iTunesHelper exe quot O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXEO - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run e - f c- e -a ec-b a b c C GmailNotifier gnotify exeO - HKCU Run AIM C aim aim exe -cnetwait odlO - HKCU Run Steam quot C Steam Steam exe quot -silentO - Startup Adobe Gamma lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exeO - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exeO - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exeO - Global Startup NkbMonitor exe lnk C PictureProject NkbMonitor exeO - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate b O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsoftupdat b O - DPF EF A B-FC - C - EF-FB E A E McFreeScan Class - http download mcafee com molbin iss-loc mcfscan cabO - Winlogon Notify WgaLogon - C WINDOWS SYSTEM WgaLogon dllO - Service Adobe LM Service - Adobe Systems - C Program Files Common Files Adobe Systems Shared Service Adobelmsvc exeO - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exeO - Service iPodService - Apple Computer Inc - C Program Files iPod bin iPodService exeO - Service NVIDIA Display Driver Service NVSvc - NVIDIA Corporation - C WINDOWS System nvsvc exeO - Service WUSB GSVC - Unknown owner - C Program Files Wireless-G USB Network Adapter WLService exe quot quot WUSB G exe file missing

A:Help Please (log File Included)

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download Bit Defender 8 Free EditionInstall the program and then follow the prompts to download all available updates.Select Antivirus and then click the Settings button. Click Default. Click Ok.Select Local Drives and click Scan.When the scan is complete save the log and post it back here in your next reply.

http://www.bleepingcomputer.com/forums/t/72101/help-please-log-file-included/
Relevancy 43.43%

My friends computer run very slowly Windows Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM MPREXE EXE C help file (Log Please included) WINDOWS SYSTEM mmtask tsk C PROGRAM FILES KASPERSKY LAB ANTIVIRAL TOOLKIT PRO AVPCC EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS SYSTEM TAPISRV EXE C PROGRAM FILES KASPERSKY LAB ANTIVIRAL TOOLKIT PRO AVPM EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS SYSTEM PDESK EXE C PROGRAM FILES KASPERSKY LAB ANTIVIRAL TOOLKIT PRO AVPCC EXE C PROGRAM FILES COMMON FILES REAL UPDATE OB REALSCHED EXE C WINDOWS SYSTEM INTERNAT EXE C WINDOWS Please help (Log file included) SYSTEM WMIEXE EXE C PROGRAM FILES Please help (Log file included) INTERNET EXPLORER IEXPLORE EXE C PROGRAM FILES WINCMD WINCMD EXE C PROGRAM FILES HJC HIJACKTHIS EXE O - BHO AcroIEHlprObj Class - E Please help (Log file included) F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run SystemTray SysTray Exe O - HKLM Run Matrox Powerdesk C WINDOWS SYSTEM PDesk exe Autolaunch O - HKLM Run AVPCC C Program Files Kaspersky Lab AntiViral Toolkit Pro avpcc exe wait O - HKLM Run TkBellExe C Program Files Common Files Real Update OB realsched exe -osboot O - HKLM Run LaunchAttuneSetup C WINDOWS SYSTEM msiexec exe i quot D Corel Graphics Aveo attune msi quot q O - HKLM Run webHancer Survey Companion quot C Program Files webHancer Programs whSurvey exe quot O - HKLM Run internat exe internat exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices AVPCC Service C Program Files Kaspersky Lab AntiViral Toolkit Pro avpcc exe Service O - Plugin for spop C PROGRA INTERN Plugins NPDocBox dll nbsp

A:Please help (Log file included)

Add remove programs – remove if present – webHancer

Print this and boot to safe mode (Start tapping F8 at the first black screen after power up)
Fix these with HJT

O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe –osboot

O4 - HKLM\..\Run: [LaunchAttuneSetup] C:\WINDOWS\SYSTEM\msiexec.exe /i "D:\Corel\Graphics10\Aveo\09\01\attune.msi" /q

O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe"

View Hidden Files
Open Windows Explorer. Go to Tools, Folder Options and click on the View tab.
Make sure that "Show hidden files and folders" is checked.
Also uncheck "Hide protected operating system files".
Uncheck hide extensions
Now click "Apply to all folders", Click "Apply" then "OK"
Delete these folders

C:\Program Files\webHancer

START – RUN – type in %temp% OK - Edit – Select all – File – Delete
Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp
Empty the recycle bin
Boot and post a new log

Please give feedback on what worked/didn’t work and the current status of your system
 

https://forums.techguy.org/threads/please-help-log-file-included.351576/
Relevancy 43.43%

ogfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS wanmpsvc exe C WINDOWS System mssearchnet exe C WINDOWS System nvctrl exe C HP KBD KBD EXE C ImageMate CompactFlash USB SandIcon Exe C Program Files iTunes iTunesHelper exe C WINDOWS System S tray exe C PROGRA ALWILS Avast ashDisp exe C Program Files QuickTime qttask exe C WINDOWS System ctfmon exe help, Log Need Included File C Program Files MSN Messenger msnmsgr exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Ares Ares exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files CompuServe cstray exe C Program Files iPod bin iPodService exe C WINDOWS System wuauclt exe C WINDOWS System svchost exe C Program Files PhotoDeluxe BE ezphoto Ezphoto exe C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page bak http yahoo com N - Netscape user pref quot browser startup homepage quot quot Need help, Log File Included www yahoo com quot C Documents and Settings Owner Application Data Mozilla Profiles default ts ww s slt prefs js N - Netscape user pref quot browser search defaultengine quot quot engine C A CProgram Files CNetscape CNetscape Csearchplugins CSBWeb src quot C Documents Need help, Log File Included and Settings Owner Application Data Mozilla Profiles default ts ww s slt prefs js O - BHO HomepageBHO - fad a- e- e -b Need help, Log File Included -b d b - C WINDOWS System hp F tmp file missing O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run WCOLOREAL quot C Program Files COMPAQ Coloreal coloreal exe quot O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run nwiz nwiz exe installquiet keeploaded O - HKLM Run SandIcon C ImageMate CompactFlash USB SandIcon Exe O - HKLM Run iTunesHelper C Program Files iTunes iTunesHelper exe O - HKLM Run S TRAY S tray exe O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run VTPreset VTPreset exe O - HKLM Run Windows Task Manager C windows system taskmgn exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run NVIEW rundll exe nview dll nViewLoadHook O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - HKCU Run rundll C Documents and Settings Owner rundll exe O - HKCU Run ares quot C Program Files Ares Ares exe quot -h O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup CompuServe Tray Icon lnk C Program Files CompuServe cstray exe O - Global Startup Quicken Scheduled Updates lnk C Program Files Quicken bagent exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item E amp xporter vers Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Similar Pages - r... Read more

A:Need help, Log File Included

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Download smitRem at http://noahdfear.geekstogo.com/click...click.php?id=1 and save the file to your desktop.

Please download Ewido Security Suite at http://www.ewido.net/en/download/ and read the Ewido setup instructions at http://rstones12.geekstogo.com/ewidosetup.htm. Install it, and update the definitions to the newest files. Do NOT run a scan yet.

If you have not already installed Ad-Aware SE 1.06, follow the download and setup instructions at http://rstones12.geekstogo.com/adawareSE_setup.htm. Otherwise, check for updates. Don't run it yet!

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!. Run CleanUp! and click on the Options button. Uncheck 'Scan local drives for temporary files'. Also uncheck those two Newsgroup entries if you don't want to delete them. Click OK and then click on the CleanUp! button. Let it run. After it's done, choose Yes to logoff.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O2 - BHO: HomepageBHO - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINDOWS\System32\hp6F05.tmp (file missing)
O4 - HKLM\..\Run: [Windows Task Manager] C:\windows\system32\taskmgn.exe
O4 - HKCU\..\Run: [rundll32] C:\Documents and Settings\Owner\rundll32.exe
O21 - SSODL: Trayz - {F5B7D0BE-5f02-4211-96DB-386DFA244900} - C:\WINDOWS\fnakmnon.dll (file missing)

Delete these if found:

C:\windows\system32\taskmgn.exe
C:\Documents and Settings\Owner\rundll32.exe<<<<this location only!
C:\WINDOWS\fnakmnon.dll

Run the smitRem.exe tool you downloaded earlier. Follow the prompts on the screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.


Open Ad-aware and do a full scan. Remove all it finds.

Run Ewido:

* Click on scanner.
* Click on Complete System Scan and the scan will begin.
* NOTE: During some scans with ewido it is finding cases of false positives.
* You will need to step through the process of cleaning files one-by-one.
* If Ewido detects a file you KNOW to be legitimate, select none as the action.
* Do NOT select 'Perform action on all infections'.
* If you are unsure of any entry found, select none for now.
* When the scan is finished, click the Save report button at the bottom of the screen.
* Save the report to your desktop.

Close Ewido.

Next go to Control Panel->Display->Desktop (or Appearance)->Customize Desktop->Web-> Uncheck 'Security Info' if present.

Reboot back into Windows and go to http://www.pandasoftware.com/actives..._principal.htm to do a full system scan. Make sure the autoclean box is checked. Save the scan log.

Then post the Panda log here along with the logs for HijackThis, smitfiles.txt and Ewido.

http://www.techsupportforum.com/forums/f284/need-help-log-file-included-70786.html
Relevancy 43.43%

Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe included Help HJ file Log C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System CTsvcCDA exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS System MsPMSPSv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer Help HJ Log file included EXE C Program Files Analog Devices SoundMAX SMTray exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Creative SBAudigy LS Surround Mixer CTSysVol exe C Program Files Common Files InstallShield UpdateService issch exe C WINDOWS System rundll exe C WINDOWS System ctfmon exe C Program Files totalcmd TOTALCMD EXE C Program Files HJC HijackThis exe R - HKCU Software Microsoft Internet Explorer Default http fastsearchweb com srh php q s Help HJ Log file included R Help HJ Log file included - HKCU Software Microsoft Internet Explorer Main Default Page URL about blank R - HKCU Software Microsoft Internet Explorer Main Default Search URL about blank R - HKCU Software Microsoft Internet Explorer Main Search Page res C WINDOWS System mcicdb dll sp html obfuscated R - HKLM Software Microsoft Internet Explorer Main Search Bar res C WINDOWS System mcicdb dll sp html obfuscated R - HKLM Software Microsoft Internet Explorer Main Search Page res C WINDOWS System mcicdb dll sp html obfuscated R - HKCU Software Microsoft Internet Explorer Search Default Search URL about blank R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS System mcicdb dll sp html obfuscated R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch about blank O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - F DE DD-A B - CD- -A A F E B - C WINDOWS System mcicdb dll file missing O - BHO no name - C B DDB -E E - D- - F - C WINDOWS System mszfe dll file missing O - BHO AlxTB BHO - F FABE - FC- de- C A- C DB D - C WINDOWS System AlxTB dll file missing O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar FreshBar - ABAA D- AB- -A - BD B A A - C WINDOWS System iecust dll file missing O - HKLM Run Smapp C Program Files Analog Devices SoundMAX SMTray exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run KAVPersonal C Program Files Kaspersky Lab Kaspersky Anti-Virus Personal kav exe minimize O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run CTSysVol C Program Files Creative SBAudigy LS Surround Mixer CTSysVol exe r O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run MSys quot C Program Files Tetris morfitwebentrance exe quot O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKCU Run Instant Access rundll exe EGDACCESS dll InstantAccess O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Mail to a Friend - http client alexa com holiday script actions mailto htm O - Extra button Related - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - Extra Tools menuitem Show amp Related Links - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - DPF - - - - - ms-its mhtml file d oo mht http count... Read more

A:Help HJ Log file included

What is your problem?
 

https://forums.techguy.org/threads/help-hj-log-file-included.356693/
Relevancy 43.43%

alright guys the HJT program told me to ask somebody more qualified than I so i came here here s the HJT file pls tell me what to fix Logfile of HijackThis v Scan saved at AM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system file hjt included, HELP PLS spoolsv exe C WINDOWS System Atievxx exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System wins DLLHOST EXE C WINDOWS Explorer EXE C PROGRA NORTON navapw exe C Program Files Wire HomePortal PortalMon exe C Program Files QuickTime qttask exe C Program Files Messenger msmsgs exe C Program Files AIM aim exe C Program Files Meaya Popup Ad Filter PopFilter exe C Program Files InterVideo Common Bin WinCinemaMgr exe C Program Files Microsoft Broadband Networking MSBNTray exe C WINDOWS System wins svchost exe C Program Files Internet Explorer iexplore exe C Documents and Settings Mike Robinson Desktop HijackThis exe F - REG system ini UserInit C WINDOWS System Userinit exe O - BHO no name - - - - - - no file O - Toolbar Norton AntiVirus - CDD BF- hjt file included, PLS HELP FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm hjt file included, PLS HELP ocx O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C WINDOWS Downloaded Program Files ycomp dll O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run wSysTray C Program Files Wire HomePortal PortalMon exe O - HKLM Run Zenet rundll exe C PROGRA COMMON Toolbar CNBabe dll DllStartup O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run DeadAIM rundll exe quot C PROGRA AIM DeadAIM ocm quot ExportedCheckODLs O - HKLM Run TrojanScanner C Program Files Trojan Remover Trjscan exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - HKCU Run Popup Ad Filter C Program Files Meaya Popup Ad Filter PopFilter exe O - HKCU Run Extreme Messenger for AIM C Program Files Extreme Messenger ExtremeMessenger exe nosplash O - Global Startup GStartup lnk C Program Files Common Files GMT GMT exe O - Global Startup InterVideo WinCinema Manager lnk C Program Files InterVideo Common Bin WinCinemaMgr exe O - Global Startup Microsoft Broadband Networking lnk O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item Allow Popups - C Program Files Meaya Popup Ad Filter WhiteGetUrl js O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button AIM HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http www apple com qtactivex qtplugin cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF B EB E- B B- D -A - A CC A Cult D ActiveX Player - http www cult d com download cult cab O - DPF C A-C F- D -BBFB- A FAD - http www eyetide com download Eyetide Installer cab O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x unicode iuctl CAB O - DPF AD FAFB - D - C -AF - D E FD - http dload ipbill com del loader cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http fpdownload macromedia com pub shockwave cabs flash swflash cab O - DPF EF BD -C FB- D - F- D F Yahoo Companion - http us dl yimg com download yahoo com dl toolbar yiebio cab nbsp

Relevancy 43.43%

Recently I've got myself a nd monitor and my tower is in my lower right side this is how my desk looks like http deskdeck com wp-content uploa puter-Desk Games, BSOD SS Any Playing Included BSOD jpg My temps are a little bit higher now sometimes im getting some fPS drops my GPU temps when playing are going - - when idle CPU is good never goes above Using a aftermarket cooler Now i recently got a BSOD launching a BSOD Playing Any Games, BSOD SS Included game called quot Life Is Strange quot this happens in every games im tryinig to play and yes time to time theres FPS drops but only once in a while Here's some info on my AMD CC and some System Info Gyazo - b d bce f d e bbd d cef a png Gyazo - d e e eb d a b png Gyazo - e e b b fce d BSOD Playing Any Games, BSOD SS Included png here's my dmp file http www media fire com download sb hnch rxahq - - dmp remove space in the middle of media and fire I've heard that using a program called MSI Afterburner can help me by increasing fan speed to decrease temperature any thoughts I would really like to fix this soon its been happening since last month thanks Image View - TIS The BSOD sorry i couldn't capture every words i was just shocked when it happened and quickly grabbed my camera P

A:BSOD Playing Any Games, BSOD SS Included

You need to post in the BSOD forum following Blue Screen of Death (BSOD) Posting Instructions

http://www.sevenforums.com/graphic-cards/377067-bsod-playing-any-games-bsod-ss-included.html
Relevancy 43%

I am using a Dell Inspiron 15R(5520) with Windows Home Premium x 64 Bit.I got my system recently serviced because of some USB Port Problems. Since then My system is getting BSOD.It is a 2 month old system

The only softwares i have installed are google chrome, Km Player and U torrent.
One Norton Security scan toolbar got installed.

While Getting BSOD, the blue screen showed that the problem is with the file called NETIO.SYS.

My search on the internet about the above mentioned file showed that this problem occurs because of some compatibility issues with Norton Drivers. But even after uninstalling the software , my system is getting crashed.

Please help

A:BSOD While Using Utorrent problem with the file NETIO.sys

Please follow these instructions
http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/268606-bsod-while-using-utorrent-problem-file-netio-sys.html
Relevancy 43%

I've been having problem the past weeks with BSOD I've run Prime for like h no BSOD and the temp is around C I've done some chkdsk on all of my drives Have one SSD and four file -ntoskrnl.exe main BSOD problem HDDs I've also run memtest First time I got one errr after pass finished and started with pass The test had run for like hrs Then I pulled out one of the RAM the BSOD -ntoskrnl.exe main problem file one closest to the HDD cage ran the test again for passes - hrs no errors Ran the RAM I pulled out same length no errors Put the other three back in and ran the test over night for hrs no errors I think it was around - passes Under computer properties it was Installed RAM GB GB BSOD -ntoskrnl.exe main problem file usable But I still had problems Reinstalled Windows Enterprise installed all the Windows updates and the drivers from Gigabytes webpage this time without the EasyTune etc I also have simple programs like uTorrent Minecraft Server Mumble Server Wampserver Plex Media Server and Filezilla BSOD -ntoskrnl.exe main problem file Server on it So no random programs etc Still got problems I've tried to reset BIOS didn't help I have changed from IDE to AHCI in the BIOS cause I have SSD When I come home today I will try to pull out two RAM and see what happens if that doesn't help I will try to run with the two I pull out I will also try to disconnect the HDDs and only have the SSD plugged in I will try to update BIOS too If none works I will reinstall Windows again and dont install ANYTHING and see what happens Any ideas I will upload the dumps here when I get back I've searched around the web here and on Google and it seems it could be RAM Graphic Drivers RAM slot HDD or Mobo Hopefully it will be some driver but it would be weird when I'm downloading from Gigabyte's website Hope not it is the mobo or hdd Ram would be okey I think it could be the RAM cause I dropped one or two on my motherboard in my other computer when I swaped them out for GB in my main computer That's why I think it could be the RAM but Memtest only showed one error one time But I will try rerun that test if you guys want me to I had linux before Windows and I THINK the computer worked just fine for like a week or so before the problem showed up and I can't remember what could have cause it The computer is almost a month old now I was very careful when I put the computer together I bought everything in parts Could it be that the pins under the CPU who is crocked when I put the CPU down I was really carefull The BSOD happens randomly Sometimes if happens after couple of minutes sometimes it can running for hrs Also it happens when the computer is in idle when I'm not doing anything This morning it happened to times when I was downloading to one of my HDDs I've got problems with system service exception driver irql not less or equal IRQL NOT LESS OR EQUAL pfn list corrupt memory management And files ntoskrnl exe In every BSOD rt win sys ntfs sys hal dll I will check rest of the files when I come home from work and also upload the dump files Best regards I really hope you smart people can help me out I've been trying to fix this problem on my own for weeks now It starting to piss me off Lol Computer Specs OS Windows Enterprise -Bit CPU Intel i Haswell Motherboard GA-H M-D H Memory Corsair GB x GB CL Mhz VENGEANCE Graphics Card s Integrated Hard Drives Samsung EVO GB OS Disk Western Digital Green TB Western Digital Green TB Seagate Barracuda TBx Keyboard Mouse Logitech Wireless with touchpad

A:BSOD -ntoskrnl.exe main problem file

Here comes my dumps: https://dl.dropboxusercontent.com/u/...6_17283367.rar
(Download link don't work for some reason. Check the atteched files further down the thread.)

Does it matter that I use my computer via Remote Access from my main computer? That shouldn't be an issue.

Got a BSOD now when I got home.
This time is was the files: ntoskrnl.exe, tcpip.sys and win32k.sys.

Took out 2 of 4 RAM slots and will see if it BSODs anything. The RAMS are at 1600mhz atm. Shall I change back to 1333mhz?
Under Computer Properties it says: Installed RAM: 8GB (7.88GB usable)

I also use Classic theme on the dekstop. Not the Areo.

EDIT: My Samsung 840 EV 120GB SSD have the latest firmware and the chkdsk didn't show any problems what I could see and Samsung Magician showed that the disk is healthy so I don't think is the SSD anyway.

Atm I'm running with 2x4GB RAM and trying to see if the system is stable. If not, I will try the other two sticks in the meantime you guys look at the dump files.

While the system is running I checked the Event Viewer in Windows under Custom Views->Administrative Events and found these Errors:
Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

http://www.sevenforums.com/bsod-help-support/326492-bsod-ntoskrnl-exe-main-problem-file.html
Relevancy 43%

I have had up to 10 BSOD on my laptop, most of them for tcpip.sys file, 'usually' happens when browsing on the net by firefox browser.
My system is:
hp laptop
core i5
4Gb of RAM
Win7-Home premium-64bit
Intel HD graphic card
Can anyone help me?!

A:BSOD problem by tcpip.sys file on laptop

Yes, but first we need more information and your reports. Please upload your reports after following the blue screen posting instructions.http://www.techsupportforum.com/foru...ta-452654.html

-----

http://www.techsupportforum.com/forums/f299/bsod-problem-by-tcpip-sys-file-on-laptop-689672.html
Relevancy 43%

Hi guys,

I've already tried all the tips in the "Before posting your minidumps, please read this" post but to no avail.

The error code I get is:
BCCode: f4
BCP1: 00000003
BCP2: 8901B2C0
BCP3: 8901B434
BCP4: 805C8C7C
OSVer: 5_1_2600
SP: 3_0
Product: 768_1


Thanks

Dave
 

A:BSOD problem, can someone check my minidump file please?

Your error is 0x000000F4: CRITICAL_OBJECT_TERMINATION
One of the many processes or threads crucial to system operation has unexpectedly exited or been terminated. As a result, the system can no longer function. Specific causes are many, and often best resolved by a careful history of the problem and the circumstances of the error message.

It specifically cited your harddrive as the issue therefore...

1. Back up everything of value A.S.A.P.

2. Find the make of your harddrive, go to the manufacture's website and download and run their free harddrive diagnostic utility. Run the tests.

* Get back to us with the results.
 

http://www.techspot.com/community/topics/bsod-problem-can-someone-check-my-minidump-file-please.147713/
Relevancy 43%

Hello Team My treasured soul-companion lives in the UK and Dump BSOD to Which - file Problem upload? at this stage this is an initial enquiry on her behalf so that I can advise her on best options Of course I will be giving her every encouragement to join the happy band at Seven Forums and I'm certain she will I believe that the laptop she's experiencing difficulties with is an Acer Aspire Core i Windows Home Premium bit She had experienced a number of instant 'data protection' shut-downs over the past days however last evening about hours ago a full-on BSOD happened Prior to the BSOD event happening she had been working her way through a number of various methods of initial investigation to try and determine where her problems might be for example Scannow Check Disk and System Restore etc but now with the BSOD it's apparent that more aggressive tactics are needed So that I can give advice about the best options open to her I need to know which of the Dump files types from here is best uploaded to the Forum for evaluation As I see it she BSOD Problem - Which Dump file to upload? has a choice of two Small Memory Dump Minidump File on BSOD or Kernel Memory Dump File on BSOD So which of the above two is preferred Your assistance will be most appreciated and any advice passed on My treasured soul-companion is slowly but surely harvesting the BSOD Problem - Which Dump file to upload? crop on her head and I'm not too keen on bald-headed pates mine's bad enough Tony and the Sepoys

A:BSOD Problem - Which Dump file to upload?

Hi Tony,

You need her to reconfigure windows to collect the correct info.
You want small memory dumps - "MiniDumps" for analysis

http://www.sevenforums.com/tutorials/174459-dump-files-configure-windows-create-bsod.html

And here are the instructions for posting:

http://www.sevenforums.com/crashes-d...tructions.html



   Tip
Ensure you click the "GRAB ALL" button and then wait for each window to appear in turn and then click OK

Hope this answers your query?

Cheers

Dave

http://www.sevenforums.com/bsod-help-support/284871-bsod-problem-dump-file-upload.html
Relevancy 43%

Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Network Associates Common Framework FrameworkService exe C Program Files Network Associates VirusScan mcshield exe C Program Files Network Associates VirusScan vstskmgr exe C WINDOWS system srxTitan exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C WINDOWS System THotkey exe C Program Files Apoint K Apoint exe C Program Files TOSHIBA TouchED TouchED Exe C Program Files Toshiba TOSHIBA Controls TFncKy exe C WINDOWS system TFNF exe C WINDOWS system TPWRTRAY EXE C Program Files Apoint I've File Log Included Been HiJacked HELP K Apntex exe C toshiba ivp ism pinger exe C Program Files Network Associates VirusScan SHSTAT EXE C Program Files Network Associates Common Framework UpdaterUI exe C USBStorage USBDetector exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files Common Files Real Update OB realsched exe C Program Files iPod bin iPodService exe C Program Files Anti Trojan Elite TJEnder exe C Program Files South River Technologies Titan FTP Server srxTray exe C Program Files Ares HELP I've Been HiJacked Log File Included Ares exe C Program Files Web Rebates WebRebates exe C Program Files Web Rebates WebRebates exe C Program Files Mozilla Firefox firefox exe C HJT HijackThis exe R - HKCU Software HELP I've Been HiJacked Log File Included Microsoft Internet Explorer Main Search Bar HELP I've Been HiJacked Log File Included http websearch shopnav com sidesea amp id R - HKCU Software Microsoft Internet Explorer Main Search Page http websearch shopnav com sidesea amp id R - HKCU Software Microsoft Internet Explorer Main Start Page http agora bc edu R - HKLM Software Microsoft Internet Explorer Main Search Bar http websearch shopnav com sidesea amp id R - HKLM Software Microsoft Internet Explorer Main Search Page http websearch shopnav com sidesea amp id R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http websearch shopnav com sidesea amp id R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http websearch shopnav com sidesea amp id R - HKCU Software Microsoft Internet Explorer SearchURL Default websearch shopnav com q cgi q R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer sas ne attbb net R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride ne attbb net R - URLSearchHook no name - EC D D- C - C D-BC -C D DA - C Program Files TV Media TvmBho dll O - BHO Band Class - F A A- C - -A - E DC AB E - C WINDOWS systb dll O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C WINDOWS Downloaded Program Files ycomp dll O - Toolbar no name - D D -F E - ad- A - ECE AC - no file O - Toolbar Bows platform up - F AC C - B - B- D- F B - C PROGRA ADMINS greyopen dll file missing O - Toolbar no name - CDE A D-A - -BF -E B C F EB - no file O - HKLM Run THotkey C WINDOWS System THotkey exe O - HKLM Run StTHK StTHK exe O - HKLM Run Apoint C Program Files Apoint K Apoint exe O - HKLM Run TouchED C Program Files TOSHIBA TouchED TouchED Exe O - HKLM Run TFncKy C Program Files Toshiba TOSHIBA Controls TFncKy exe Type O - HKLM Run TFNF TFNF exe O - HKLM Run Tpwrtray TPWRTRAY EXE O - HKLM Run Pinger c toshiba ivp ism pinger exe run O - HKLM Run ShStatEXE quot C Program Files Network Associates VirusScan SHSTAT EXE quot STANDALONE O - HKLM Run McAfeeUpdaterUI quot C Program Files Network Associates Common Framework UpdaterUI exe quot StartedFromRunKey O - HKLM Run EnigmaPopupStop C Program Files SpyHunter PopupBlocker EnigmaPopupStop exe ... Read more

A:HELP I've Been HiJacked Log File Included

Hi Steve and welcome to TSF.

Don't post your email address in a public forum like this one. There are spammers lurking here. Please watch the language also. It's edited out.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\Program Files\Web_Rebates\WebRebates1.exe
C:\Program Files\Web_Rebates\WebRebates0.exe

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

Web Rebates
TV Media
Search Upgrader
SpyHunter - it?s rogueware (or known to be rogueware in the past) and we highly recommend that you uninstall it. Rogue/Suspect means that these products are of unknown, questionable, or dubious value as anti-spyware protection.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidese...4550&id=5.20013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidese...4550&id=5.20013
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidese...4550&id=5.20013
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidese...4550&id=5.20013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.shopnav.com/sidese...4550&id=5.20013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.shopnav.com/sidese...4550&id=5.20013
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.shopnav.com/q.cgi?q=
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: Bows platform up - {F1AC6C84-5B43-329B-946D-96F382521B03} - C:\PROGRA~1\ADMINS~1\greyopen.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [EnigmaPopupStop] C:\Program Files\SpyHunter\PopupBlocker\EnigmaPopupStop... Read more

http://www.techsupportforum.com/forums/f284/help-ive-been-hijacked-log-file-included-43899.html
Relevancy 43%

I have run Hyjack This and I am including my log file for help on items that should be removed file Hyjack included HELP!!! log PLEASE This and PLEASE HELP!!! Hyjack This log file included the best way to remove them I have had various Trojan viruses removed and continue to have Hyjack problems I am also unable to delete some Wild Tangent components as well as downlaod the Windows Service Pack I have Windows XP operating system Thanks for your help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS PLEASE HELP!!! Hyjack This log file included system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System brsvc a exe C WINDOWS system spoolsv exe C WINDOWS System brss a exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files BroadJump Client Foundation CFD exe C Program Files Support com bin tgcmd exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Common Files Logitech QCDriver LVCOMS EXE C Program Files AVPersonal AVGNT EXE C Program Files BellSouth Internet Tools blsloader exe C Program Files Java jre bin jusched exe C Program Files Scansoft PaperPort pptd nt exe C WINDOWS System ctfmon exe C Program Files Internet Explorer iexplore exe c progra intern iexplore exe C Program Files Scansoft PaperPort SmartUI SmartUI exe C Program Files AVPersonal AVWUPSRV EXE C WINDOWS SYSTEM Brmfrmps exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C WINDOWS System svchost exe C WINDOWS System BRMFRSMG EXE C WINDOWS System wuauclt exe C Program Files Internet Explorer iexplore exe C Program Files AVPersonal AVGUARD EXE C Documents and Settings Dave McLeod Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Search Bar http www laxysffmeapcc com AMgTTgjwQ rBIn bNNjJz aywdDLvfYw yyeL OQtUo w VbtYt VE mI jxWu html R - HKLM Software Microsoft Internet Explorer Main SearchAssistant about blank R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - URLSearchHook no name - - C- B - - D FEC A - no file O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO BlspcHlpr Class - C F-CB - D- A-B F E EA - C Program Files BellSouth Internet Tools blspc dll O - BHO no name - E - - F-B BC- F CE B - C DOCUME CRYSTA APPLIC WAITEX PollBurn exe O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - Toolbar no name - BB F-A - C -A F- EA EC - no file O - Toolbar AIM Search - D A B-D B- d - A - EE F C - C Program Files AIM Toolbar AIMBar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS system msdxm ocx O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run BJCFD C Program Files BroadJump Client Foundation CFD exe O - HKLM Run tgcmd quot C Program Files Support com bin tgcmd exe quot server nosystray O - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exe O - HKLM Run LVCOMS C Program Files Common Files Logitech QCDriver LVCOMS EXE O - HKLM Run blspcloader quot C Program Files BellSouth Internet Tools blsloader exe quot O - HKLM Run WildTangent CDA RUNDLL exe quot C Program Files WildTangent Apps CDA cdaEngine dll quot cdaEngineMain O - HKLM Run SunJavaUpdateSched C Program Files Java jre ... Read more

Relevancy 43%

I'm about to lose my mind with all the spyware on my computer and the problems created by them I've used Ad-Aware SE Spybot Search amp Destroy and even included) me (log of get file rid Please spyware help tried Registry Mechanic but nothing is working I get non-stop pop-ups where the pop-up tries to download something and a windows notification pops up and asks whether I want or install or not install of the pop-ups addresses say www loadingwebsite com followed by someother random BS PLEASE HELP ME FIX THIS BEFORE I LOSE Please help me get rid of spyware (log file included) WHATEVER SANITY I HAVE LEFT Here is my Hijack This log Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS wanmpsvc exe C Program Files Yahoo Messenger YPager exe C WINDOWS system rundll exe C WINDOWS explorer exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C DOCUME Owner LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts auto search msn com O - Hosts search netscape com O - Hosts ieautosearch O - Hosts ieautosearch O - Hosts ieautosearch O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run ntechin C WINDOWS system n exe O - HKLM Run vmss C WINDOWS system vmss vmss exe O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - HKCU Run Weather C Program Files AWS WeatherBug Weather exe O - HKCU Run PopUpStopperFreeEdition quot C PROGRA PANICW POP-UP PSFree exe quot O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU RunOnce Web Offer Command c del C WINDOWS system EZPOPS EXE O - Extra context menu item amp AIM Search - res C Program Files AIM Toolbar AIMBar dll aimsearch htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button The Gaming Club Poker - A AC - CA - e d-AB - BFC EEB - C Program Files gamingclubMPP MPPoker exe O - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exe O - Extra button PartyPoker com - B FE D - AA - F - C B- A F E - C Program Files PartyPoker IEExtension dll O - Extra 'Tools' menuitem PartyPoker com - B FE D - AA - F - C B- A F E - C Program Files PartyPoker IEExtension dll O - Extra button MoneySide - E F - C A- -A E -A DEA A - c Program Files Microsoft Money System mnyviewer dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra button WeatherBug - AF CABAB- F - f -A -B D EF CB - C PROGRA AWS WEATHE Weather exe HKCU O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - Trusted IP range O - DPF Yahoo Chess - http download games yahoo com game ts y ct x cab O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink link amp clcid x O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft co O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF DD -B E - C -B F-F D EA AvxScanOnline Control - http www bitdefender com scan Msie bitdefender cab O - DPF B F - DD- CF - FD- DE A E EB CounterX Class - http t com cabtest counter cab ... Read more

A:Please help me get rid of spyware (log file included)

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

WeatherBug - it's adware. If you didn't install this yourself, uninstall it. If you did install it yourself, you may keep it and ignore any fixes/deletions listed below.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch (These may be back, FYI.)
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 ieautosearch
O4 - HKLM\..\Run: [ntechin] C:\WINDOWS\system32\n20050308.exe
O4 - HKLM\..\Run: [vmss] C:\WINDOWS\system32\vmss\vmss.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {B4F32846-56DD-4CF5-94FD-17DE1A12E9EB} (CounterX Class) - http://t058.com/cabtest/counter.cab
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\lv6809jue.dll

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINDOWS\system32\n20050308.exe
C:\WINDOWS\system32\lv6809jue.dll
C:\WINDOWS\system32\vmss\
C:\Program Files\AWS\ <<<If you removed WeatherBug.

Reboot into Normal Mode and run new HijackThis scan. If there were some entries that didn't show up in Safe Mode, you may check and fix those that appear now in normal mode (if you do that, make sure to run a new scan again). Save the log file and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of ... Read more

http://www.techsupportforum.com/forums/f284/please-help-me-get-rid-of-spyware-log-file-included-40229.html
Relevancy 43%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C Program Files Stardock Object Desktop WindowBlinds wbload exe C WINDOWS system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Symantec AntiVirus DefWatch exe C WINDOWS System svchost exe C WINDOWS system wdfmgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer EXE C WINDOWS System alg exe C WINDOWS system wuauclt exe C WINDOWS system ishost exe C WINDOWS system isnotify exe C WINDOWS system ismini exe C WINDOWS system issearch exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Analog Devices Core smax pnp exe C WINDOWS System hkcmd exe C Program Files Lexmark X Series lxbabmgr exe C Program Files Java jre bin jusched exe C Program Files Lexmark X Series lxbabmon exe C Program Files Common Files Real Update OB realsched exe C WINDOWS system LVCOMSX EXE C Program Files Logitech Video LogiTray exe C WINDOWS system LXSUPMON EXE C Program Files QuickTime qttask exe C this (hijack included) Help! file Program Files iTunes iTunesHelper exe C WINDOWS system rundll Help! (hijack this file included) exe Help! (hijack this file included) C Program Files Help! (hijack this file included) Common Files FCFBCA D- - - - Update exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files iPod bin iPodService exe C PROGRA SMBOLS userinit exe C Program Files Common Files curity w auclt exe C Program Files Common Files AOL ee aolsoftware exe C Program Files Logitech SetPoint SetPoint exe C Program Files Google Web Accelerator GoogleWebAccWarden exe C Program Files Common Files Logitech KhalShared KHALMNPR EXE C Program Files Google Web Accelerator googlewebaccclient exe C Program Files Logitech Video FxSvr exe C WINDOWS system wuauclt exe c program files internet explorer iexplore exe C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS system wuauclt exe C WINDOWS System msiexec exe C Program Files Common Files Microsoft Shared Source Engine OSE EXE C WINDOWS System MsiExec exe C DOCUME ADMINI LOCALS Temp b exe C Program Files Network Monitor netmon exe C WINDOWS Ukc command exe C PROGRA COMMON izrw izrwm exe C PROGRA COMMON izrw izrwa exe C Documents and Settings Administrator Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www lkmedia net angelsandairwaves forum R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings AutoConfigURL http localhost proxy pac R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file R - URLSearchHook no name - DEA F - E - -B FD- E E - C WINDOWS system envpp dll R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file O - Toolbar Google Web Accelerator - DB BFA -A E - E- E A-C D CBF - C Program Files Google Web Accelerator GoogleWebAccToolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT VPTray exe O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hk... Read more

Relevancy 43%

heyy uh well i keep crashing til a point where i cant even load into my desktop today weirdllly i was able to get into my windows but everything was have log file included. a virus i HJT gone but it was okay it didnt crash until a few hours later it started to UPDATE its now restarting on its own each time i happen to leave my computer Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe c Program Files Common Files Symantec Shared ccProxy exe c Program Files Common Files Symantec Shared ccSetMgr exe c Program Files Norton AntiVirus navapsvc exe c Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer EXE C WINDOWS system spoolsv i have a virus HJT log file included. exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil i have a virus HJT log file included. Software Avast ashServ exe i have a virus HJT log file included. C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE c Program Files Common Files Symantec Shared Security Center SymWSC exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Java j re bin jusched exe C windows system hpsysdrv exe C Program Files Java j re bin jucheck exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS AGRSMMSG exe C WINDOWS system ps exe C WINDOWS ALCXMNTR EXE C PROGRA ALWILS Avast ashDisp exe C Program Files Winamp winampa exe C WINDOWS system ctfmon exe C Program Files Updates from HP Program Updates from HP exe C Program Files Common Files Symantec Shared SNDSrvc exe C WINDOWS system wuauclt exe C Program Files AIM aim exe C Program Files Mozilla Firefox firefox exe C Documents and Settings HP Owner Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY ion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TY ion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TY ion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Search Page http ie redirect hp com svs rdr TY ion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Start Page http google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY ion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TY ion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TY ion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Page http ie redirect hp com svs rdr TY ion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY ion amp pf desktop O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - c Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dll O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run VTTimer VTTimer exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run IS CfgWiz c Program Files Common Files Symantec Shared cfgwiz exe GUID NIS CMDLINE quot REBOOT quot O - HKLM Run SSC UserPrompt c Progr... Read more

A:i have a virus HJT log file included.

I don't see anything suspicious in the log. Restarts can also be caused by overheating or bad RAM.
 

https://forums.techguy.org/threads/i-have-a-virus-hjt-log-file-included.557174/
Relevancy 43%

heyy uh well i keep crashing til a point where i cant even load into my desktop today weirdllly i was able to get into my windows but everything was gone but it was okay it didnt crash until a few hours later it started to UPDATE its now restarting on its own each time i happen to leave my computer Logfile of Trend Micro included. virus HJT have file log i a HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe c Program Files Common Files Symantec Shared ccProxy exe c Program Files Common Files Symantec Shared ccSetMgr exe c Program Files Norton AntiVirus navapsvc exe c Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS i have a virus HJT log file included. Explorer EXE C WINDOWS system spoolsv exe C i have a virus HJT log file included. Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE c Program Files Common Files Symantec Shared Security Center SymWSC exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C Program Files Java j re bin jusched exe C windows system hpsysdrv exe C Program Files Java j re bin jucheck exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS AGRSMMSG exe C WINDOWS system ps exe C WINDOWS ALCXMNTR EXE C PROGRA ALWILS Avast ashDisp exe C Program Files Winamp winampa exe C WINDOWS system ctfmon exe C Program Files Updates from HP Program Updates from HP exe C Program Files Common Files Symantec Shared SNDSrvc exe C WINDOWS system wuauclt exe C Program Files AIM aim exe C Program Files Mozilla Firefox firefox exe C Documents and Settings HP Owner Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs i have a virus HJT log file included. rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Search Page http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Start Page http google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Page http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd pavilion amp pf desktop O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - c Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - ... Read more

Relevancy 43%

I ve run Spybot and rebooted twice and run Ad-Aware SE Personal and rebooted twice and am still getting several pop-ups There is also a CashBack program that is reinstalling and placing a dog icon in my systray I ve removed it twice but it keeps reinstalling A similar issue happened once before and this forum was a big help Any assistance this time is appreciated HijackThis - file Pop-ups log included HijackThis log file is Logfile Pop-ups - HijackThis log file included of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system cisvc exe C WINDOWS System CTsvcCDA exe C Program Files Cisco Systems VPN Client cvpnd exe C WINDOWS system elwvica famif exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS system eico tuuv exe C WINDOWS System MsPMSPSv exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system cidaemon exe C WINDOWS system cidaemon exe C WINDOWS Explorer exe C WINDOWS BCMSMMSG exe C WINDOWS System DSentry exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Creative SBLive Diagnostics diagent exe C Program Files Common Files Real Update OB realsched exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files Common Files Dell EUSW Support exe C Program Files Dell Support Alert bin NotifyAlert exe C Program Files Java jre bin jusched exe C Program Files Dell AIO Printer A dlbabmon exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C WINDOWS system exp exe C WINDOWS system wintask exe C WINDOWS system dmbuwv dsxum exe C WINDOWS system wrauia exe C WINDOWS system icgjuri pcgwwic exe C WINDOWS system qmubl alarvce exe C WINDOWS system arlvb ldgq exe C WINDOWS system yoybnebi bqhobixd exe C WINDOWS system ppta fkabsah exe C WINDOWS system bpxbnlq exe C WINDOWS system wmeeftp exe c windows system ywlnrn exe C WINDOWS DvzCommon DvzMsgr exe C Program Files NaviSearch bin nls exe C Program Files BullsEye Network bin bargains exe C WINDOWS explorer exe C Program Files Microsoft Office Office WINWORD EXE C Program Files Microsoft Works MSWorks exe C Program Files CashBack bin cashback exe C Program Files Messenger msmsgs exe C Documents and Settings weo My Documents Downloads HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKLM Software Microsoft Internet Explorer Main Start Page http www dellnet com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www exactsearch net sidesearch R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing F - system ini Shell Explorer exe C WINDOWS Nail exe F - REG system ini Shell Explorer exe C WINDOWS Nail exe N - Netscape user pref quot browser startup homepage quot quot http home netscape com quot C Documents and Settings weo Application Data Mozilla Profiles default zjzt ye slt prefs js N - Netscape user pref quot browser search defaultengine quot quot engine C A CProgram Files CNetscape CNetscape Csearchplugins CSBWeb src quot C Documents and Settings weo Application Data Mozilla Profiles default zjzt ye slt prefs js O - BHO no name - -DD - - EC - E - no file O - BHO no name - C E -DD - A D-ABCD- D D - C WINDOWS cfgmgr dll O - BHO no name - A - - a - D - A B - C WINDOWS Bolger dll O - BHO ohb - A FF- EF- A - - E C B - C WINDOWS system nsjED dll O - BHO no name - AEECBFDA- FA- -BDCE- C E CE B - C WINDOWS system nvms dll O - BHO no name - CE - EE - - -AB A E - C WINDOWS system mscb dll O - BHO no name - F E - E- -BE D-ED A FD DA - C WINDOW... Read more

A:Pop-ups - HijackThis log file included

Are you sure you're running updated versions of those programs? If not, try updating them manually, run them and then reboot, then run another HJT and post the log. I will be able to provide assistance with any logs between 5 and 6pm GMT+1
 

https://forums.techguy.org/threads/pop-ups-hijackthis-log-file-included.356092/
Relevancy 43%

Hi guys included) Im file help desperate!! Please me!! (log i am in big trouble It all started last week when i installed a game called - Urban Terror and i played it through a server The game was legal by the way As days went by i noticed my computer was acting very strange ever since i played that game on a server It will take ages to load for something very small and it often comes to a halt Just days ago something terrible happened You know the Norton Antivirus Please help me!! Im desperate!! (log file included) and Firewall program which comes standard on ure windows computer right Well it stopped loading That is the icon tray didnt appear next to the clock I cant even get it to run and all it said was that i didnt have any quot priveleages quot Some of my other programs which involves exe didnt work I used system restore and everything returned back to quot normal quot Please help me!! Im desperate!! (log file included) The next day the bad news returned again I was double clicking my icon tray and all of a sudden norton firewall and antivirus stopped Please help me!! Im desperate!! (log file included) working I tried to use system restore but it didnt work As well the system tray icons are gone Some of my programs cant even access the internet anymore I was then given no choice but to remove norton firewall and anti-virus However the uninstallation didnt go as planned It kept on saying there was an error but i kept on telling the popup to proceed and then it uninstalled I then downloaded Avast but it said that norton anti-virus is still in use and it might clash with the computer The bad news doesnt stop there as my myspace account has been phised and someone was sending spam to everyone on my list Just then a popup came up saying a warning which involves a destination of my hard drive C windows temp svcipa exe I googled it and it is a trojan I used every scanning tool avaialble to clean my harddrive and its still acting funny Random quot bing quot sounds are sometimes heard out of no where More often than not the computer comes to a crawl and even the simplest of task is quot Not Responding quot Can someone please help me This is a good computer which i didnt buy too long ago I use Windows XP Here is my log from my Hijack this scan Can some please help me Thank you so much whoever can I am desperate Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C windows system hpsysdrv exe C WINDOWS system hkcmd exe C WINDOWS system hphmon exe C HP KBD KBD EXE C Program Files Common Files InterVideo SchSvr SchSvr exe C Program Files InterVideo Common Bin WinRemote exe C WINDOWS SOUNDMAN EXE C Program Files Alwil Software Avast aswUpdSv exe C WINDOWS AGRSMMSG exe C WINDOWS ALCWZRD EXE C WINDOWS ALCMTR EXE C Program Files Common Files Real Update OB realsched exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system igfxtray exe C Program Files Softwin BitDefender bdnagent exe C Program Files iTunes iTunesHelper exe C PROGRA ALWILS Avast ashDisp exe C PROGRA INTERN mum exe C Program Files PeerGuardian pg exe C PROGRA Grisoft AVG avgamsvr exe C Program Files HP Digital Imaging bin hpqtra exe C PROGRA Grisoft AVG avgupsvc exe c Program Files Norton AntiVirus navapsvc exe C WINDOWS system svchost exe C Program Files Common Files Softwin BitDefender Communicator xcommsvr exe c Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system wscntfy exe C Program Files iPod bin iPodService exe c program files softwin bitdefender bdmcon exe C Program Files MSN Messenger msnmsgr exe C Program Files MSN Messenger u... Read more

A:Please help me!! Im desperate!! (log file included)

Hi and welcome to TSG,

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually
Instead of Windows loading as normal, the Advanced Options Menu should appear
Select the first option, to run Windows in Safe Mode, then press Enter
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to the clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

 

https://forums.techguy.org/threads/please-help-me-im-desperate-log-file-included.560695/
Relevancy 43%

Hello all This is my first time to this forum and I'm hoping someone can check out my logfile from HiJackThis My girlfriend was using my computer and claimed she log file WinBlueSoft?? Please included help--HJT started seeing pop-ups and getting porn ads embedded into sites like the local WinBlueSoft?? Please help--HJT log file included news channel and other normally porn-free sites I did a scan with Malwarebytes and found a ton of items which I deleted and also found that WinBlueSoft was in my Add Remove Programs I removed it from there but I am still getting pop-ups The infected items are being found over and over again each time I do a scan with Malwarebytes and with AdAware even in Safe Mode I just discovered I cannot do a defrag I can get to the defrag screen but I get an error message when I try to defrag C that says quot Disk Defragmenter could not start quot I've got a total drive size of GB and GB remaining but I'm not sure that would affect the defrag process Lastly I cannot get the DVD burner to burn using any of the most popular burning software anymore--the programs always say something to the effect that there is no DVD burning device installed The drive itself works and plays both music CDs game discs and movie DVDs My recovery disc for my computer is not recognized when I reboot although I am able to explore that disc and see the contents of it I can't think of any other info that would be useful to you all so I'll just attach the logfile and check back soon Thank you for any help you can offer Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS SYSTEM winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC Program Files Common Files Maxtor Schedule schedul exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC WINDOWS Microsoft NET Framework v mscorsvw exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Java jre bin jqs exeC WINDOWS System svchost exeC WINDOWS system nvsvc exeC WINDOWS System svchost exeC WINDOWS system PnkBstrA exeC Program Files Common Files New Boundary PrismXL PRISMXL SYSC WINDOWS system svchost exeC Program Files Viewpoint Common ViewpointService exeC WINDOWS system svchost exeC WINDOWS Explorer exeC Program Files Digital Media Reader shwiconem exeC WINDOWS ALCFDRTM EXEC WINDOWS SOUNDMAN EXEC WINDOWS ALCWZRD EXEC Program Files CyberLink PowerDVD PDVDServ exeC WINDOWS system RunDLL exeC Program Files HP HP Software Update HPWuSchd exeC Program Files Microsoft IntelliType Pro itype exeC Program Files Java jre bin jusched exeC Program Files iTunes iTunesHelper exeC Program Files Microsoft Xbox Accessories XboxStat exeC Program Files Microsoft IntelliType Pro dpupdchk exeC Program Files Pinnacle Shared Files Programs USBTip USBTip exeC Program Files Maxtor MaxBlast MaxBlastMonitor exeC Program Files Maxtor MaxBlast TimounterMonitor exeC Program Files Common Files Maxtor Schedule schedhlp exeC Program Files Windows Media Player WMPNSCFG exeC Program Files TRENDnet TEW- UB WlanCU exeC Program Files iPod bin iPodService exeC WINDOWS system dllhost exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaul rch search htmlR - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft co... Read more

A:WinBlueSoft?? Please help--HJT log file included

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.-----------------------------------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREKind regardsNet_Surfer

http://www.bleepingcomputer.com/forums/t/237482/winbluesoft-please-help-hjt-log-file-included/
Relevancy 43%

Win XP
Can't get user logged in
windows installer won't run
totally buggy since visiting chinese P2P site
 

https://forums.techguy.org/threads/hijack-file-included.693080/
Relevancy 43%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C WINDOWS System SCardSvr exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Broadcom ASFIPMon AsfIpMon exe C Program Files Bonjour mDNSResponder exe C WINDOWS cndw command exe C Program Files Google Common Google Updater GoogleUpdaterService exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Dell QuickSet NICCONFIGSVC exe C File This (hijack Included) Help.... Please WINDOWS system HPZipm exe C WINDOWS system StacSV exe C WINDOWS system svchost exe C Program Please Help.... (hijack This File Included) Files NTRU Cryptosystems NTRU TCG Software Stack bin tcsd win exe C Program Files Wave Systems Corp Trusted Drive Manager TdmService exe C WINDOWS system dllhost exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C WINDOWS system dllhost exe C WINDOWS system wbem wmiprvse exe C WINDOWS System alg exe C WINDOWS system msdtc exe C WINDOWS system wbem wmiprvse exe C WINDOWS system iftuyszv exe C WINDOWS Explorer EXE C Program Files Apoint Apoint exe C Program Files Java jre bin jusched exe C Program Files Dell QuickSet quickset exe C Program Files Wave Systems Corp Services Manager Docmgr bin WavXDocMgr exe C Program Files Wave Systems Corp SecureUpgrade exe C WINDOWS system WLTRAY exe C WINDOWS system KADxMain exe C Program Files CyberLink PowerDVD DX PDVDDXSrv exe C Program Files Google Google Desktop Search GoogleDesktop exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files SigmaTel C-Major Audio WDM stsystra exe C Program Files iTunes iTunesHelper exe C Program Files HP HP Software Update HPWuSchd exe C Program Files HP ToolBoxFX bin HPTLBXFX exe C Program Files HP HP UT bin hppusg exe C Documents and Settings rwp lsass exe C WINDOWS mrofinu exe C WINDOWS system rundll exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C WINDOWS system ctfmon exe C Program Files Microsoft ActiveSync wcescomm exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files PrintKey Printkey exe C WINDOWS system igfxsrvc exe C Program Files Apoint ApMsgFwd exe C PROGRA MI AA rapimgr exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files iPod bin iPodService exe C Program Files Apoint Apntex exe C Program Files Apoint HidFind exe C Program Files Safari Safari exe C Program Files Microsoft Office OFFICE OUTLOOK EXE C WINDOWS system NOTEPAD EXE C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local F - REG system ini UserInit C WINDOWS system userinit exe C WINDOWS system iftuyszv exe O - HKLM Run Apoint C Program Files Apoint Apoint exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run Dell QuickSet C Program Files Dell QuickSet quickset exe O - HKLM Run WavXMgr C Program Files Wave Systems Corp Services Manager Docmgr bin WavXDocMgr exe O - HKLM Run SecureUpgrade C Program Files Wave Systems Corp SecureUpgrade exe O - HKLM Run Broadcom Wireless Manager UI C WINDOWS system WLTRAY exe O - HKLM Run KADxMain C WINDOWS system KADxMain exe O - HKLM Run PDVDDXSrv quot C Program Files CyberLink PowerDVD DX PDVDDXSrv exe quot O - HKLM Run Google ... Read more

A:Please Help.... (hijack This File Included)

Hi Welcome to TSG!!
Download SDFix and save it to your Desktop.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.

Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.

Open the c:\SDFix folder and double click RunThis.cmd to start the script.
Type Y to begin the script.
It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
Your system will take longer that normal to restart as the fixtool will be running and removing files.
When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back to the thread.
Next
Please visit this webpage for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
 

https://forums.techguy.org/threads/please-help-hijack-this-file-included.726696/
Relevancy 43%

Help Hijack This Log is below desperately need my computer back I suddenly have CPU usage and AdAware I'm File Hijacked?? Log Included Help! will get rid of it for a few minutes and it just comes back - have current version of Norton Security Suite that keeps finding tracking cookie that AdAware Misses - also have SpywareBlaster and SpyCatcher installed SpyCatcher started to flash warnings that it has stopped spyware from running whenever I open a program right about the time this all started - is this a malware program by any chance Also the same time this started about of the last regular Windows updates from Microsoft failed - this has never happened to me before and with little Help! I'm Hijacked?? Log File Included time spent so far haven't found a way to delete the failed installations so they will update successfully Also I just upgraded to AdAware free version from the previous edition - there were about new infections found by Help! I'm Hijacked?? Log File Included the upgraded program that the Help! I'm Hijacked?? Log File Included previous one didn't find but the previous free version listed the number of infections found when it ran but when it notified how many it was removing there were always more than the program stated - the new version doesn't tell me how many it's deleting so I wonder if they're still there or not That used to do it until I rebooted and then they would be back which tells me at least those are in the registry I got the latest version of Hijack This and installed this morning below is the log file Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common Files Symantec Shared AppCore AppSvc exe C WINDOWS system spoolsv exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS Explorer EXE C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS system VTTimer exe C WINDOWS system VTtrayp exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Roxio Easy Media Creator Drag to Disc DrgToDsc exe C Program Files Browser MOUSE mouse a exe C Program Files Windows Defender MSASCui exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C Program Files Microsoft Location Finder LocationFinder exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C PROGRA Magentic bin MgApp exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files MySQL MySQL Server bin mysqld-nt exe C WINDOWS System svchost exe C PROGRA INCRED bin IMApp exe C WINDOWS system wuauclt exe C Documents and Settings Laurel My Documents Downloads Hijack This AntiSpyware hijackthis- HijackThis exe C Program Files Internet explorer Iexplore exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www laurelsjewelryart com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SpywareBlock Class - A E F- A- B -B -E C A F - C Program F... Read more

A:Help! I'm Hijacked?? Log File Included

Me again - I just wanted to update, since so many posts newer than mine have gotten lots of attention while mine has gotten none, I'm about to be HOMELESS because I can't use my computer......

Regarding the 5 steps, I have been trying to complete as much as possible. Obviously the failed Windows Updates are the main concern and quite possibly my problem, and since I have my machine set to update automatically and daily I would imagine anyone else that does the same would know the exact updates I need....

Besides immunizing with IE-SPYAD because it's unclear whether the program will work, or is needed, with IE7 which I believe is past the beta stage now, the only thing I can think of that I haven't done yet regarding the 5 steps is install DSS - this is because it took over 6 hours for a SpyBot scan that I believe normally takes 5 minutes.....which did find 5 things not previously found, 3 of which seemed to have to do with disabling of Windows security such as antivirus and firewall??? And now the Panda scan has been running for over 4 hours and isn't even a third done.... As soon as I can I will download dss and submit a new scan and log file, but with the way things are going that could take days and I really need HELP!!!!!

Any suggestions anyone may have regarding the failed Win XP (SP2) updates would be really appreciated (I made sure all updates were made before installing the sp2).

Thanks a lot folks.

http://www.techsupportforum.com/forums/f284/help-im-hijacked-log-file-included-174933.html
Relevancy 43%

My dads computer is very sick File HJT Solved: Help!! Please Included I know he has the dyfuca virus and other spyware I have ran ad aware and removed all it could but some were left Please review the HJT file and advise me on the fixes Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C Solved: Please Help!! HJT File Included WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System CTsvcCDA exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C Program Solved: Please Help!! HJT File Included Files Common Files WinTools WToolsS exe C WINDOWS System MsPMSPSv exe C WINDOWS System alg exe C WINDOWS system wscntfy exe C PROGRA Toolbar PIB exe C WINDOWS explorer exe C PROGRA Toolbar TBPS exe c PROGRA Toolbar radio exe C Program Files Internet Explorer iexplore exe C Documents and Settings Ken Local Settings Temporary Internet Files Content IE NIJANO HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www rr com R - HKLM Software Microsoft Internet Explorer Main Start Page http www dellnet com R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ycomp wave defaults su http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Roadrunner R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - B DE- C - BF-B B- B F A E - C Program Files Microsoft Money System mnyside dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO no name - DA F-A AA- CCF-A - E FD - C PROGRA COMMON WinTools WToolsT dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run diagent quot C Program Files Creative SBLive Diagnostics diagent exe quot startup O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run MMTray C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run BJCFD C Program Files BroadJump Client Foundation CFD exe O - HKLM Run tgcmd quot C Program Files Support com bin tgcmd exe quot server nosystray deaf O - HKLM Run HP Component Manager quot C Program Files HP hpcoretech hpcmpmgr exe quot O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exe O - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe O - HKLM Run Preview AdService C Program Files Preview AdService PrevAdServ exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run HP Software Update C Program Files HP HP Software Update HPWuSchd exe O - HKLM Run WinTools C PROGRA COMMON WinTools WToolsA exe O - HKLM Run TBPS C PROGRA Toolbar TBPS exe O - HKLM RunOnce TBPS C PROGRA Toolbar TBPS exe boot O - HKLM RunOnce WinTools C PROGRA COMMON WinTools WToolsA exe boot O - HKCU Run MoneyAgent quot C Program Files Microsoft Money System mnyexpr exe quot O - HKCU Run MSMSGS quot C Program Files ... Read more

Relevancy 43%

My firewall HJT been have file included. I infected!! stopped SVC Host from connecting outbound The report read that something had commanded it to connect and was closing that application When I cleaned out my offline files and history all of my cookies except four were also gone I have my machine set to where it only allows the cookies I accept and never erase them I ran Spybot and get this as I have been infected!! HJT file included. a threat Win Agent pz path C windows system wnspoem Shortly after this threat appears on the screen but before the scan is complete the computer will shut off and will not restart until I unplug it The same happens when I run AVG except I don t get an error before the system shuts down NOD comes up clean I restored to a known good point and at least I can boot up where as before it would boot shut down and reboot continiously All of my saved login names and passwords are also missing and have to be re-entered The system runs great until I try to scan Here is my log All help is greatly appreciated Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Eset nod kui exe C Program Files Grisoft AVG Anti-Spyware guard exe C WINDOWS System drivers CDAC BA EXE C Program Files Lavasoft Personal Firewall lpfw exe C Program Files Eset nod krn exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS System BRMFRSMG EXE C Program Files Canon CAL CALMAIN exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http news google com nwshp hl en amp gl us R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run POINTER point exe O - HKLM Run Personal Firewall C Program Files Lavasoft Personal Firewall lpfw exe waitservice O - HKLM Run nod kui quot C Program Files Eset nod kui exe quot WAITSERVICE O - Global Startup Adobe Reader Speed Launch lnk disabled O - Global Startup QuickBooks Delivery Agent lnk disabled O - Global Startup QuickBooks Update Agent lnk disabled O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra Tools menuitem Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - DPF - E - D - - ED - https install charter com diskless bin tgctlcm cab O - DPF EB E A- A - AB -A FB- BD C F F CKAVWebScan Object - http www kaspersky com kos english kavwebscan unicode cab O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF - F - BB - D -FA D F A AB YInstStarter Class - http us dl yimg com download yahoo com dl yinst yinst current cab O - DPF F E B A- A - CA- - D CB MSN Photo Upload Tool - http by fd bay hotmail msn com resources MsnPUpld cab O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate v V Controls en x client wuweb site cab O - DPF E F- D - A - DD -E EEEC Symantec RuFSI Utility Class - http security symantec com sscv SharedContent common bin cabsa cab O - DPF A C - - B-B C- C F FujifilmUploader Class - http photo walmart com photo uploads FujifilmUploadClient cab O - DPF BAC - DD- - D- ... Read more

A:I have been infected!! HJT file included.

I finally got SpyBot to run an entire session and removed the only thing it found. Could someone please look at my HJT and tell me if everything is OK before I start entering usernames and passwords again.

I need to pay some bills, but don't won't my information hijacked.

Thanks all. When I am sure this thing is safe I definitely will donate.
 

https://forums.techguy.org/threads/i-have-been-infected-hjt-file-included.575313/
Relevancy 43%

DDS Ver - - - NTFSx Run by Alan Muther at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV AVG Anti-Virus Free On-access scanning enabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe svchost exe svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin and file included virus Too zip pop-ups...DDS many AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C Program Files Common Files Creative Labs Shared Service CreativeLicensing exe C WINDOWS system CTsvcCDA exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C PROGRA AVG AVG avgrsx exe C Program Files Dell Too many virus pop-ups...DDS and zip file included NICCONFIGSVC NICCONFIGSVC exe C Program Files Intel Wireless Bin RegSrvc exe svchost exe C WINDOWS system svchost exe -k imgsvc C Too many virus pop-ups...DDS and zip file included Program Files Viewpoint Common ViewpointService exe C PROGRA AVG Too many virus pop-ups...DDS and zip file included AVG avgemc exe C WINDOWS system dllhost exe C WINDOWS ehome ehtray exe C WINDOWS system igfxpers exe C WINDOWS system igfxsrvc exe C Program Files Intel Wireless bin ZCfgSvc exe C WINDOWS eHome ehmsas exe C Program Files Intel Wireless Bin ifrmewrk exe C WINDOWS stsystra exe C Program Files Dell QuickSet quickset exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C WINDOWS system Rundll exe C Program Files Creative VoiceCenter AndreaVC exe C Program Files CyberLink PowerDVD DVDLauncher exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C PROGRA AVG AVG avgtray exe C DOCUME ALANMU LOCALS Temp clclean C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C WINDOWS SQ STI EXE C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files NetWaiting netWaiting exe C Program Files Creative MediaSource Detector CTDetect exe C Program Files Creative MediaSource Go CTCMSGo exe C WINDOWS system ctfmon exe C Program Files DellSupport DSAgnt exe C Program Files Messenger msmsgs exe C Program Files iPod bin iPodService exe C Program Files Digital Line Detect DLG exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtMng exe C Program Files Toshiba Bluetooth Toshiba Stack TosA dp exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHid exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHsp exe C Program Files Toshiba Bluetooth Toshiba Stack tosOBEX exe C Program Files Toshiba Bluetooth Toshiba Stack tosBtProc exe C PROGRA Intel Wireless Bin Dot XCfg exe C WINDOWS System svchost exe -k HTTPFilter C Program Files Mozilla Firefox firefox exe C Program Files iTunes iTunes exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files Windows Live Messenger msnmsgr exe C Program Files Windows Live Messenger usnsvc exe C Documents and Settings Alan Muther Desktop dds com Pseudo HJT Report uStart Page hxxp www dell com uInternet Settings ProxyOverride local BHO d cb -c cd- c f-bfdc- b afbdc c - c windows system efcDVnKD dll BHO c ec -b df- a- - bc eedb - No File BHO d bf - f - bd-f - c d - No File TB AVG Security Toolbar a a -bacc- d - - a e e - c progra avg avg AVGTOO DLL EB Real com fe fa -d c- d - fa- c f afe - c windows system Shdocvw dll uRun ModemOnHold c program files netwaiting netWaiting exe uRun SetDefaultMIDI MIDIDef exe uRun Creative Detector quot c program files creative mediasource detector CTDetect exe quot R uRun Creative MediaSource Go quot c program files creative mediasource go CTCMSGo exe quot SCB ... Read more

A:Too many virus pop-ups...DDS and zip file included

Hello -

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------
Download ComboFix

* IMPORTANT !!! Place combofix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
Double click on combofix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.

ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:

The Recovery Console was successfully installed.



Click on Yes, to continue scanning for malware.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled. A reboot should have done this.

---------------------------------------------------------------------------------------------

http://www.techsupportforum.com/forums/f100/too-many-virus-pop-ups-dds-and-zip-file-included-339529.html
Relevancy 43%

I have this problem where i am getting Random Pop Ups and advertisments I have scanned using Norton for viruses and Microsoft Antispyware without finding anything As a result i am including a HiJack this report as followed - Logfile of HijackThis - file Ups Log included Pop HJT Random v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system SRVANY EXE Random Pop Ups - HJT Log file included C WINDOWS system svchost exe Random Pop Ups - HJT Log file included C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton Internet Security ISSVC exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS system DVDRAMSV exe C WINDOWS system FEELitDM exe C PROGRA Symantec NORTON GHOSTS EXE C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files Norton SystemWorks Norton Utilities NPROTECT EXE C WINDOWS system nvsvc exe C WINDOWS system sdpasvc exe C WINDOWS System snmp exe C PROGRA NORTON SPEEDD nopdb exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system mqsvc exe C WINDOWS system mqtgsvc exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system carpserv exe C WINDOWS vsnpstd exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files iPod bin iPodService exe C Program Files Symantec Norton Ghost GhostStartTrayApp exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C WINDOWS system taskswitch exe C WINDOWS System svchost exe C Program Files MessengerPlus MsgPlus exe C Program Files Common Files Real Update OB realsched exe C WINDOWS SOUNDMAN EXE C PROGRA IMMERS IMMERS IDesktop exe C Program Files Java jre bin jusched exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files Internet Explorer iexplore exe C Program Files NETGEAR WG TSU Utility Gear T exe C WINDOWS system RUNDLL EXE C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Pinnacle Shared Files InstantCDDVD PCLETray exe c progra intern iexplore exe C Program Files Pinnacle InstantCDDVD InstantWrite iwctrl exe C WINDOWS system ctfmon exe C Program Files Adobe Acrobat Distillr AcroTray exe C Program Files GetRight getright exe C Program Files Microsoft Office OFFICE ONENOTEM EXE C WINDOWS system RAMASST exe C Program Files GetRight getright exe C Program Files Slawdog Smart Shutdown Smart Shutdown exe C Program Files LimeWire LimeWire exe C Program Files Messenger msmsgs exe C Program Files MSN Messenger msnmsgr exe C Program Files CA eTrust PestPatrol PPActiveDetection exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by PC Doctor O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO bho gr Class - FF D- A - A-A EF- BA A E - C Program Files GetRight xx gr dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO CNisExtBho Class - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google go... Read more

A:Random Pop Ups - HJT Log file included

Hi pc_doctor

Uninstall MessengerPlus! 3 from Add/Remove Programs.
_________________________________________________________________

Download and run the LOP Uninstaller here: http://www.thespykiller.co.uk/downloads.htm

Close all browser windows, run the remover, reboot.
Post a new log.
 

https://forums.techguy.org/threads/random-pop-ups-hjt-log-file-included.388858/
Relevancy 43%

Please advise on invalid files to remove Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS HJT included Advise, Please file SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM STIMON EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C WINDOWS SYSTEM KB KB EXE C WINDOWS SYSTEM DEVLDR EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES SUPPORT COM BIN TGCMD EXE C PROGRAM FILES GRISOFT AVG FREE AVGCC EXE C PROGRAM FILES GRISOFT AVG FREE AVGAMSVR EXE C PROGRAM FILES COMMON FILES REAL UPDATE OB REALSCHED EXE C PROGRAM FILES GRISOFT AVG FREE AVGEMC EXE C WINDOWS SYSTEM QTTASK EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM FILES ZONE LABS ZONEALARM ZLCLIENT EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS SYSTEM WBEM WINMGMT EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM PSTORES EXE C PROGRAM FILES HIJACKTHIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Roadrunner R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHELPER DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar CleanMyPC Toolbar - EC - E - - E- E - C PROGRAM FILES CLEANMYPC POPUP BLOCKER CLEANBAR DLL file missing O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run tgcmd quot C Program Files Support com bin tgcmd exe quot server startmonitor deaf O - HKLM Run AVG CC C PROGRA GRISOFT AVGFRE AVGCC EXE STARTUP O - HKLM Run AVG AMSVR C PROGRA GRISOFT AVGFRE Please Advise, HJT file included AVGAMSVR EXE O - HKLM Run TkBellExe quot C Program Files Common Please Advise, HJT file included Files Real Update OB realsched exe quot -osboot O - HKLM Run AVG EMC C PROGRA GRISOFT AVGFRE AVGEMC EXE O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot Please Advise, HJT file included -atboottime O - HKLM Run Zone Labs Client C Program Files Zone Labs ZoneAlarm zlclient exe O - HKLM Run devldr exe C WINDOWS SYSTEM devldr exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKLM RunServices TrueVector C WINDOWS SYSTEM ZONELABS VSMON EXE -service O - HKLM RunServices KB C WINDOWS SYSTEM KB KB EXE O - Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Define - C Program Files Common Files Microsoft Shared Reference A ERS DEF HTM O - Extra context menu item Look Up in amp Encyclopedia - C Program Files Common Files Microsoft Shared Reference A ERS ENC HTM O - Extra context menu item Shorten URL - http www cjb net menuext html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Encarta Encyclopedia - FDEF - - D -A E- DBED - C Program Files Common Files Microsoft Shared Reference A ERS ENC HTM O - Extra Tools menuitem Encarta Encyclopedia - FDEF - - D -A E- DBED - C Program Files Common Files Microsoft Shared Reference A ERS ENC HTM O - Extra button Define - DA DE - A- D -A E- DBED - C Program Files Common Files Microsoft Shared Reference A ERS DEF HTM O - Extra Tools menuitem Define - DA DE - A- D -A E- DBED - C Program Files Common Files Microsoft Shared Refere... Read more

Relevancy 43%

I definitely have a virus The homepage on IE was changed to coolpics com and I can not change it you no longer can HJ File Included Log Virus highlight the buttons in properties I also can not open task manger or edit the registry because I get an Virus HJ Log File Included error message stating that it has been disabled by the administrater which I am When I shut down I get svhost exe is shutting down message which takes forever to end and I also get some small random IE box in the top left corner of my screen showing quot page not found quot When I do a virus scan I get an infected trojan in svchost exe and svhost exe but quarantining them does nothing Thanks in advance for your help Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System PackethSvc exe C Program Files ewido security suite ewidoctrl exe c PROGRA mcafee com vso mcvsrte exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C WINDOWS system fxssvc exe c PROGRA mcafee com vso mcshield exe C PROGRA mcafee com vso mcvsshld exe c progra mcafee com vso mcvsescn exe C PROGRA mcafee com agent mcagent exe C Program Files iTunes iTunesHelper exe C PROGRA MUSICM MUSICM MMDiag exe C WINDOWS system svchost exe C WINDOWS system svhost exe C Program Files iPod bin iPodService exe C Program Files Musicmatch Musicmatch Jukebox mim exe C Program Files America Online waol exe C Program Files America Online shellmon exe C Program Files Internet Explorer iexplore exe C DOCUME JONATH LOCALS Temp IEXPLORE EXE C DOCUME JONATH LOCALS Temp EXPLORE EXE C WINDOWS system back exe C Documents and Settings Jonathan Valentino Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http thecoolpics net O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MimBoot C PROGRA MUSICM MUSICM mimboot exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C qttask exe quot -atboottime O - HKLM Run Task Manager C WINDOWS system svchost exe O - HKLM Run SVCHOST C WINDOWS system svhost exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup America Online Tray Icon lnk C Program Files America Online aoltray exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - HKCU Software Microsoft Windows CurrentVersion Policies System DisableRegedit O - Extra button Related - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - Extra Tools menuitem Show amp Related Links - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - DPF F ADAC- D - D F- A - C DADB - http cdn downloadcontrol com files installers cab SystemDoctor FreeInstall cab O - DPF E F - B - D - - BD D PCPitstop Utility - http www pcpitstop com pcpitstop PCPitStop CAB O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF - F - BB - D -FA D F A AB YInstStarter Class - http us dl yimg com download yahoo com dl yinst yinst current cab O - DPF F E B A- A - CA- - D CB MSN Photo Upload Tool - http by fd bay hotmail msn com resources MsnPUpld cab O - DPF D D - D - C- F F-F E PlayerOCX Con... Read more

Relevancy 43%

Hi please help me my home page keeps changing now instead of having google My kids use this computer as well and i worried they have put something nasty on it I have run Hijackthis i dont have a clue how to proceed to get rid of it so could you be gentle Thanks for help in advance Logfile of Trend Micro HijackThis v BETA Scan saved at on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec included help, have HiJackthis Please file Shared ccEvtMgr exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Belkin Bluetooth Software bin btwdins exe C Program Files CyberLink PowerCinema Kernel TV CLCapSvc exe C Program Files CyberLink PowerCinema Kernel TV CLSched exe C Program Files CyberLink Shared Files CLML NTService CLMLServer exe C Program Files CyberLink Shared Files CLML NTService CLMLService exe C WINDOWS system inetsrv inetinfo exe C Program Files Common Files Microsoft Shared Please help, have included HiJackthis file VS DEBUG MDM EXE C Norton Antivirus navapsvc exe C Norton Antivirus IWP NPFMntor exe C WINDOWS system nvsvc exe C WINDOWS system PnkBstrA exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C Program Files CyberLink PowerCinema PCMService exe Please help, have included HiJackthis file C Program Files Creative SBAudigy DVDAudio CTDVDDET EXE C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C Program Files Creative Shared Files Module Loader DLLML exe C WINDOWS CTHELPER EXE C Program Files Common Files Symantec Shared ccApp exe C WINDOWS System spool DRIVERS W X E FATIAEE EXE C WINDOWS system rundll exe C WINDOWS system RUNDLL EXE C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Microsoft ActiveSync WCESCOMM EXE C Program Files Messenger msmsgs exe C Program Files Belkin Bluetooth Software BTTray exe C Program Files RALINK Common RaUI exe C Program Files iPod bin iPodService exe C Program Files Common Files Symantec Shared Security Console NSCSRVCE EXE C HiJack This HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Start Page R - HKLM Software Please help, have included HiJackthis file Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO NAV Helper - A F D D-E - D -B A - BB FDD - C Norton Antivirus NavShExt dll O - BHO EpsonToolBandKicker Class - E FB- DD- F -B AC-B CAE F A - C Program Files EPSON EPSON Web-To-Page EPSON Web-To-Page dll O - Toolbar Norton AntiVirus - C E A- F - E-B E- B - C Norton Antivirus NavShExt dll O - Toolbar EPSON Web-To-Page - EE D F- B- - D-C B AAEBA D - C Program Files EPSON EPSON Web-To-Page EPSON Web-To-Page dll O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run Ptipbmf rundll exe ptipbmf dll SetWriteCacheMode O - HKLM Run PCMService quot C Program Files CyberLink PowerCinema PCMService exe quot O - HKLM Run A C- F... Read more

A:Please help, have included HiJackthis file

Can't believe how quickly this jumped off the first page...any help would be great thanks
 

https://forums.techguy.org/threads/please-help-have-included-hijackthis-file.652202/
Relevancy 43%

Please help I have IstBar problem and I can t get rid of it with Kaspersky AVP and Ad aware This is my log file Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C HELP!!! in file post included HJ Log WINDOWS System Ati evxx exe C WINDOWS HELP!!! HJ Log file included in post system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Kaspersky Lab AntiViral Toolkit Pro avpcc exe C WINDOWS SOUNDMAN EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Common Files Real Update OB realsched exe C Program Files Tech Wheel Mouse MOUSE A EXE C Program Files Kaspersky Lab AntiViral Toolkit Pro avpcc exe C WINDOWS kocinpg exe C WINDOWS System ctfmon exe C Program Files ISTsvc istsvc exe C wincmd WinCmd exe C Program Files Internet Explorer IEXPLORE EXE c Program Files HJC HijackThis exe R - Default URLSearchHook is missing O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run LWBMOUSE C Program Files Tech Wheel Mouse MOUSE A EXE O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run AVPCC C Program Files Kaspersky Lab AntiViral Toolkit Pro avpcc exe wait O - HKLM Run b S BCG C WINDOWS kocinpg exe O - HKLM Run IST Service C Program Files ISTsvc istsvc exe O - HKCU Run CTFMON EXE C WINDOWS System ctfmon exe O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF D BDCE-D - D -BF - EA E BlueStream Flash Class - http www rovion com Controls Rovion cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net housecall trendmicro com housecall xscan cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandasoftware com activescan as asinst cab O - HKLM System CCS Services Tcpip -EA - - D- E E NameServer O - HKLM System CS Services Tcpip -EA - - D- E E NameServer nbsp

A:HELP!!! HJ Log file included in post

I have virus Trojan Downloader.win32.istbar.gen and I can't delete C:\Program Files\ISTsvc\istsvc.exe

since I notice that I don't have new version of HijackThis this is new log file:

Logfile of HijackThis v1.99.0
Scan saved at 7:56:12 PM, on 2/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpcc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE
C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpcc.exe
C:\WINDOWS\kocinpg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\HJC\HijackThis.exe

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Tech\Wheel Mouse\5.0\MOUSE32A.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVPCC] C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpcc.exe /wait
O4 - HKLM\..\Run: [b1S6BCG] C:\WINDOWS\kocinpg.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) - http://www.rovion.com/Controls/Rovion.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\AntiViral Toolkit Pro\avpcc.exe
 

https://forums.techguy.org/threads/help-hj-log-file-included-in-post.327765/
Relevancy 43%

Wow I have a killer problem here I had a malware that was popping up IE windows and kept trying to connect to the net anytime I went to windows explorer or control panels plus the ultimant defender I tried to use search and destroy avg antivirus microtrend windows malware remover and no luck plus IE is popping up a new set of about to windows every min or so Any help is very grateful ok was fast enough to get a log from in a normal boot if I hit the enter fast enough it made the scan then had to ctrl a and ctrl c within like sec to get it but got it Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot file HIJ included trojan mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C trojan HIJ file included WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin WLKeeper exe C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system CTsvcCDA exe C WINDOWS system lqdhoadn exe C Program Files Network Monitor netmon exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Java jre bin jusched exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files desksite bin cma exe C Program Files Intel Wireless Bin RegSrvc exe C PROGRA MYWEBS bar bin mwsoemon exe C Program Files Common Files InstallShield UpdateService issch exe C WINDOWS system svchost exe C Program Files iTunes iTunesHelper exe C Program Files Google Gmail Notifier gnotify exe C WINDOWS TEMP win ED tmp exe C WINDOWS mgrs exe C Program Files Creative Sync Manager Unicode CTSyncU exe C Program Files Creative MediaSource CTDetctu exe C Program Files Siber Systems AI RoboForm RoboTaskBarIcon exe C Documents and Settings Admin Application Data WinTouch WinTouch exe C Documents and Settings Admin Application Data Microsoft Windows ymhooq exe C Program Files Opera Opera exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files iPod bin iPodService exe C WINDOWS System svchost exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Intel Wireless Bin Dot XCfg exe C WINDOWS system taskmgr exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http yahoo com R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar webCollect Toolbar - DF BE -E BF- - DA- CCA B C - C Program Files webCollect toolbar v webCollect Toolbar dll O - Toolbar amp RoboForm - d a - d - d - - e a - C Program Files Siber Systems AI RoboForm roboform dll O - HKLM Run IntelZeroConfig quot C Program Files Intel Wireless bin ZCfgSvc exe quot O - HKLM Run IntelWireless quot C Program Files Intel Wireless Bin ifrmewrk exe quot tf Intel PROSet Wireless O - HKLM Run igfxtray C WINDOWS system igfxtray exe O - HKLM Run igfxhkcmd C WINDOWS system hkcmd exe O - HKLM Run igfxpers C WINDOWS system igfxpers exe O - HKLM Run DVDLauncher quot C Program Files CyberLink PowerDVD DVDLauncher exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run ATIPTA quot C Program Files ATI Technologies ATI Control Panel atiptaxx exe quot O - HKLM Run ymetray quot C Program Files Yahoo Yahoo Music Engine YahooMusicEngine exe quot -preload O - HKLM Run Desksite CMA C Program Files desksite bin cma exe O - HKLM Run My Web Sea... Read more

Relevancy 42.57%

I have run Spybot Adaware and online virus scan and cleaned everything they told me included Browser file HJT log hijacked, but my IE browser is still hijacked Below is the HJT log file This is my church s computer and I need to get it back on line Thanks Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files APC APC PowerChute Personal Edition mainserv exe c Program Files Common Files Symantec Shared ccEvtMgr exe c Program Files Norton AntiVirus navapsvc exe C WINDOWS System ScsiAccess EXE C WINDOWS wanmpsvc exe C WINDOWS system rundll exe C WINDOWS Explorer EXE C windows system hpsysdrv exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C Program Files Browser hijacked, HJT log file included Hewlett-Packard HP Share-to-Web hpgs wnd exe C HP KBD KBD EXE c Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Real Update OB rnathchk exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system S tray exe C WINDOWS System spool drivers w x hpztsb exe C Program Files SED SED Browser hijacked, HJT log file included exe C WINDOWS system rkvuwr exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files D-Link AirPlus DWL- AIRPLUS EXE C Program Files FinePixViewer QuickDCF exe C PVSW Bin w dbsmgr exe C Program Files interMute SpamSubtract SpamSubtract exe C Program Files APC APC PowerChute Personal Edition apcsystray exe C Program Files Messenger msmsgs exe C Documents and Settings Administrator Desktop HJT HijackThis exe O - Hosts auto search msn com O - Hosts search netscape com O - Hosts ieautosearch O - Hosts ieautosearch O - Toolbar hp toolkit - B E - D D- DEB- B - D BCF F - C HP EXPLOREBAR HPTOOLKT DLL O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dll O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run CamMonitor c Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe O - HKLM Run Share-to-Web Namespace Daemon c Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run ccApp quot c Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot c Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run PS C WINDOWS system ps exe O - HKLM Run S TRAY S tray exe O - HKLM Run REGSHAVE C Program Files REGSHAVE REGSHAVE EXE AUTORUN O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run SESync quot C Program Files SED SED exe quot O - HKLM Run AlcxMonitor ALCXMNTR EXE O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exe O - Startup Pervasive SQL Workgroup Engine lnk C PVSW Bin w dbsmgr exe O - Startup spamsubtract lnk C Program Files interMute SpamSubtract SpamSubtract exe O - Global Startup APC UPS Status lnk O - Global Startup D-Link AirPlus DWL- Configuration Utility lnk O - Global Startup Exif Launcher lnk C Program Files FinePixViewer QuickDCF exe O - Global Startup Pervasive SQL Workgroup Engine lnk C PVSW Bin w dbsmgr exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item E amp xp... Read more

A:Browser hijacked, HJT log file included

First download lspfix.exe from http://www.spyware911.net/downloads/LSPFix.exe. Launch the application, and
click the "I know what I'm doing" checkbox. and move all instances of calsp.dll to the remove
pane(left hand) and click finish.

Now start your computer in Safe Mode and delete:
C:\windows\system32\calsp.dll - file

How to restart to safe mode:
Because XP will not always show you hidden files and folders by default, Go to Start - Search and under "More advanced search options". Make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders"

Next click on My Computer. Go to Tools - Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and "Hide extensions for known file types". Now click "Apply to all folders"
Click "Apply" then "OK

Post a new hijackthis log
 

https://forums.techguy.org/threads/browser-hijacked-hjt-log-file-included.315149/
Relevancy 42.57%

AVG cleaned out malware and quarantined some stuff but it s not over Thank you so much for included file still on- Malware log hanging any help you can give me Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS Malware still hanging on- log file included System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files AVG AVG avgchsvx exe C Program Files AVG AVG avgrsx exe C Program Files AVG AVG avgcsrvx exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C WINDOWS Explorer exe C Program Files AVG AVG Identity Protection Agent Bin AVGIDSAgent exe C Program Files ATI Technologies Malware still hanging on- log file included ATI Control Panel atiptaxx exe C Program Files Toshiba Toshiba Applet thotkey exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS AGRSMMSG exe C Program Files TOSHIBA ConfigFree NDSTray exe C Program Files Synaptics SynTP Toshiba exe C Program Files TOSHIBA Touch and Launch PadExe exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C WINDOWS system dla DLACTRLW exe C Program Files Toshiba Tvs TvsTray exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C WINDOWS system TDispVol exe C WINDOWS RTHDCPL EXE C WINDOWS system TPSBattM exe C PROGRA AVG AVG avgtray exe C Program Files TOSHIBA TOSCDSPD toscdspd exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system RAMASST exe C Program Files AVG AVG Identity Protection agent bin avgidsmonitor exe C WINDOWS system acs exe C Program Files Common Files AOL ACS AOLAcsd exe C Program Files Common Files AOL TopSpeed aoltsmon exe C Program Files AVG AVG avgwdsvc exe C Program Files AVG AVG avgfws exe C Program Files TOSHIBA ConfigFree CFSvcs exe C WINDOWS system DVDRAMSV exe C Program Files AVG AVG avgam exe C Program Files AVG AVG avgnsx exe C WINDOWS system svchost exe c TOSHIBA IVP swupdate swupdtmr exe C Program Files TOSHIBA TOSHIBA Applet TAPPSRV exe C Program Files AVG AVG avgcsrvx exe C toshiba ivp ism ivpsvmgr exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www toshiba com search R - HKCU Software Microsoft Internet Explorer Main Start Page https www google com accounts Ser zpwhtygjntrz amp scc amp ltmpl default amp ltmplcache R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - URLSearchHook AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dll F - REG system ini Shell Explorer exe rundll exe mwyb wdo hudrv O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS System DLA DLASHX W DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar AVG Security Too... Read more

Relevancy 42.57%

This morning I had a little yellow triangle with a black exclamation mark included VIRUS AWOLA HJT file log - appear in my AWOLA VIRUS - HJT log file included toolbar Upon doing some investigation and updating Spybot S amp D and running it in the safe mode as well as searching files AWOLA VIRUS - HJT log file included and deleting them from my program files control panel and other locations after re-booting the yellow triangle continues to reappear as well as I can hear my pop-up blocker blocking AWOLA VIRUS - HJT log file included tons of attempts I need help getting rid of this cursed thing I have included my HJT log which I just ran about minutes ago Thanks in advance for help I look forward to hearing from anyone who can assist Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C WINDOWS System svchost exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C Program Files Bellsouth HelpCenter b bin sprtcmd exe C Program Files ATT Internet Tools blsloader exe C Program Files Java jre bin jusched exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system ctfmon exe C Documents and Settings Owner Application Data jdhfg exe C Program Files Digital Line Detect DLG exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logitech KHAL KHALMNPR EXE C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main SearchAssistant http search bearshare com sidebar html src ssb R - HKCU Software Microsoft Internet Explorer Main Start Page http my att net R - URLSearchHook no name - D DEE F-DB - BEB- FF -E F A E A - no file F - REG system ini UserInit C WINDOWS system Userinit exe O - Hosts www winmx com O - BHO no name - D -C F - efb- B - ECA - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO BlspcHlpr Class - C F-CB - D- A-B F E EA - C Program Files ATT Internet Tools blspc dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - D C -F A- bd-BA -FDAB A E - no file O - HKLM Run HelpCenter C Program Files Bellsouth HelpCenter b bin sprtcmd exe P HelpCenter O - HKLM Run blspcloader quot C Program Files ATT Internet Tools blsloader exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKCU Run updateMgr quot C Program Files Adobe Acrobat Reader AdobeUpdateManager exe quot AcRdB -reboot O - HKCU Run LDM C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run OM Monitor C Program Files OLYMPUS OLYMPUS Master Monitor exe -NoStart O - HKCU Run Microsoft Windows Adapter C Documents and Settings Owner Application Data jdhfg exe O - Global Startup Digital Line Detect lnk O - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exe O - Extra context menu item Add to AMV Convert Tool - C Program Files MP Player Utilities AMVConverter grab html O - Extra context menu item Add to Media Manager - C Program Files MP Player Utilities MediaManager grab html O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF... Read more

A:AWOLA VIRUS - HJT log file included

Hello biddle1,

Infection is showing here, so assuming you have not made too made changes since posting this log let's work from what shows here for now.
To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.
To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.
Download ComboFix.exe from here to your desktop

Then disconnect from net access. Once you have done that, click the downloaded ComboFix.exe file to run the repair.
When starting ComboFix will cause your computer's internal speakers to produce two beeps, and during the start process display two warnings. These are intended to discourage people who are not getting help in the forum from just experimenting with tools they do not understand. Just to inform you so you will understand that the procedures are expected, and okay.

ComboFix will also change the drive autoplay settings there as it's own added security measure. When we have completed all repairs here we will return the default Windows settings.
A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop, however given the infection there ComboFix will likely cause a reboot in order to complete it's repairs.

(ComboFix will also disable any screensaver settings made, so know that at some point when we complete repairs you will need to reset your screensaver)

Re-enable net access, and post back the C:\ComboFix.txt log as well as a new HijackThis log please.
 

https://forums.techguy.org/threads/awola-virus-hjt-log-file-included.693884/
Relevancy 42.57%

Ok, so i make backups of all my games on to my pc so i don't need to carry the disks with me (i lan it up often). When i bought two new Samsung F1 750gb harddrives i was copying data over to one of them and my PC crashed (other story) and then THIS happened!

Its kinda annoying and i think it's a Vista thing because Ubuntu sees the drive as how i named it.

I've tried renaming the disk, and no avail.

Please help!

Thanks in advance
~V
 

Relevancy 42.57%

I thank you in advance for this I have tried a few things to remove this File Log included Startium other issues. and but have come up with nothing I have found tghe other threads with info on Startium and other issues. Log File included this but I am leary to use the information since each system is unique and I do not want to damage my system I ahve the startium bar and random popups hapening on this computer I am using AGP Pro anti-virus and Zona Allarm pro Firewall I also run AdAware to clean things from time to time None of these programs seems to be finding and removing my problems Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C WINDOWS SOUNDMAN EXE C Program Files Common Files Real Update OB evntsvc exe C Program Files QuickTime qttask exe C PROGRA Grisoft AVG avgcc exe C PROGRA Grisoft AVG avgemc exe C PROGRA ZONELA ZONEAL zapro exe C WINDOWS System syscpy exe C Program Files Media Media UpdateStats exe C WINDOWS System rundll exe C WINDOWS uptodate exe C WINDOWS emsw exe C WINDOWS System wjview exe C WINDOWS System rundll exe C Program Files ISTsvc istsvc exe C WINDOWS System winservn exe C Program Files Common Files Intuit QuickBooks QBUpdate qbupdate exe C Program Files Sentinelware Developments Random Desktop Random Desktop exe C Program Files DiGiCam Digicam exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS System UquPz exe C WINDOWS System Kio wM exe C WINDOWS System BRMFRSMG EXE C Program Files DiGiCam BcastTcp exe C Program Files DiGiCam DMMailServer exe C Program Files Internet Explorer iexplore exe C Documents and Settings Adam Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http i-lookup com search html R - HKCU Software Microsoft Internet Explorer Main Start Page http www skyhighcomics com R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - CF B - EEB- - C - EF F - C WINDOWS System stlbdist DLL O - BHO no name - D E- F - - DE - E - C WINDOWS System gdpvoice dll O - BHO Clear Search - E D A- B F- CF - B - CA D - C Program Files ClearSearch IE ClrSch DLL file missing O - BHO no name - AA ED - DD- d - -CF F - c windows googletoolbar en -big dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c windows googletoolbar en -big dll O - Toolbar no name - EF AE - A D- C - B - ED C - no file O - Toolbar Search - CF B - EEB- - C - EF F - C WINDOWS System stlbdist DLL O - Toolbar no name - CA - - F -BA -BC DED AB ED - no file O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run TkBellExe C Program Files Common Files Real Update OB evntsvc exe -osboot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run AVG EMC C PROGRA Grisoft AVG avgemc exe O - HKLM Run AVG RegCleaner C PROGRA Grisoft AVG avgregcl exe BOOT O - HKLM Run Zone Labs Client C PROGRA ZONELA ZONEAL zapro exe O - HKLM Run Syscpy C WINDOWS System syscpy exe O - HKLM Run ClrSchLoader C Program Files ClearSearch Loader exe O - HKLM Run Power Scan C Program Files Power Scan powerscan exe O - HKLM Run UpdateStats C Program Files Media Media UpdateStats exe O - HKLM Run QY GP ZDK HF C WINDOWS System UwdTwS exe O - HKLM Run CF B - EEB- - C - EF F rundll exe C WINDOW... Read more

Relevancy 42.57%

I have virtuamonde, and Virtumond on my computer, and SD Search and Destroy hasn't done anything to resolve it, and I keep getting a popup from it about BME313e2b3d not being changed. My log is attached, someone please help me get rid of this damn thing, I can't stand my computer being so infected. I'm also getting occasional popups which I assume are from these two trojans.

So in the past few days the thing where my desktop doesn't load seems to have taken effect as well, just a little addition.

A:Virtuamonde and Virtumond Log File Included

Hello and Welcome.

You've only attached the extra.txt created by Deckard's System Scanner. There should also be a main.txt created. If it's been closed, it will be located at C:\Deckard\System Scanner\main.txt Please post it.

http://www.techsupportforum.com/forums/f284/virtuamonde-and-virtumond-log-file-included-275755.html
Relevancy 42.57%

Hi all tHis is my first post My browser seems to have been hijacked by a foreign language program Here is my HJT log any help woulfd be appreciated Thanks Log hijack included file Italian in advance Robert Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Italian hijack Log file included Running processes C WINDOWS System smss exe Italian hijack Log file included C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost Italian hijack Log file included exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton Internet Security NISUM EXE C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Norton Internet Security ccPxySvc exe C WINDOWS System E S RP EXE C WINDOWS System gearsec exe C Program Files Symantec Norton Ghost GhostStartService exe C Program Files Norton SystemWorks Norton AntiVirus navapsvc exe C PROGRA NORTON NORTON NPROTECT EXE C WINDOWS system slserv exe C PROGRA NORTON NORTON SPEEDD NOPDB EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS wanmpsvc exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS Explorer EXE C WINDOWS mHotkey exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Scansoft PaperPort pptd nt exe C WINDOWS System spool DRIVERS W X E S I F EXE C Program Files Neato MediaFACE SetHook exe C Program Files Roxio Easy CD Creator DragToDisc DrgToDsc exe C Program Files Roxio Easy CD Creator AudioCentral RxMon exe C Program Files iTunes iTunesHelper exe C Program Files Symantec Norton Ghost GhostStartTrayApp exe C WINDOWS SM BG EXE C Program Files Logitech Video LogiTray exe C Program Files Roxio Easy CD Creator AudioCentral Playlist exe C Program Files iPod bin iPodService exe C Documents and Settings Robert Allen Application Data sgrunt IE exe C Program Files AWS WeatherBug Weather exe C Program Files Microsoft ActiveSync WCESCOMM EXE C Program Files EarthLink TotalAccess TaskPanl exe C Program Files BigFix BigFix exe C Program Files Sony Ericsson Mobile audevicemgr exe C Program Files palmOne HOTSYNC EXE C PROGRA SONYER Mobile CONNEC CONNMN EXE c Program Files Intuwave Ltd Shared mRouterRunTime mRouterRuntime exe C WINDOWS system LVComS exe C PROGRA SONYER Mobile CONNEC CapMan exe C PROGRA SONYER Mobile CONNEC ElogErr exe C PROGRA SONYER Mobile CONNEC BROADC EXE C PROGRA SONYER Mobile CONNEC SCRFS exe C WINDOWS system wuauclt exe C PROGRA SONYER Mobile MOBILE EPMWOR EXE C Program Files Microsoft Office Office OUTLOOK EXE C PROGRA SONYER Mobile SYNCIN EXE C Program Files Microsoft Office Office WINWORD EXE C Program Files Scansoft PaperPort PaprPort exe C Program Files Scansoft PaperPort SSIndexr exe C Program Files Scansoft PaperPort PPLinks exe C Program Files Scansoft PaperPort PPScanMg exe C WINDOWS system calc exe C Program Files Windows Media Player wmplayer exe C Program Files Internet Explorer iexplore exe C Program Files Microsoft ActiveSync WCESMgr exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C WINDOWS system taskmgr exe C Program Files WinRAR WinRAR exe C DOCUME ROBERT LOCALS Temp Rar EX HijackThis exe C Program Files Norton SystemWorks Norton AntiVirus OPScan exe C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www robertallenvideo com R - HKCU Software Microsoft Internet Explorer Main Start Page bak about blank R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www emachines com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO EarthLink Popup Blocker - B F E - F - a-B -B E C EDF - C Program Files EarthLink ... Read more

Relevancy 42.57%

For the past few Log File Google Redirects, HJT Included days I have been getting Google redirects Occasionally when I click on google search Google Redirects, HJT Log File Included results I am taken to an advertising page instead of the result I asked for Additionally my browser seems to be running slower than usual and I am unable to update my antivirus software Symantec Antivirus Corporate Edition I ran a full virus scan and a Malwarebytes scan Malwarebytes found Trojan Vundo H and removed it After Vundo was removed the computer stopped opening IE windows that asked my to buy an antivirus program but the redirecting problem persists More recent scans have found nothing Here's the HJT log I can also post the Malwarebytes log if that will help Thanks for any help Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC WINDOWS Explorer EXEC WINDOWS System WLTRYSVC EXEC WINDOWS System bcmwltry exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC Program Files Symantec AntiVirus DefWatch exeC Program Files Java jre bin jqs exeC WINDOWS runservice exeC Program Files Common Files Microsoft Shared VS Debug mdm exeC Program Files MozyHome mozybackup exeC WINDOWS system nvsvc exeC Program Files Symantec AntiVirus SavRoam exeC Program Files Dell Support Center bin sprtsvc exeC WINDOWS system svchost exeC WINDOWS system UAService exeC Program Files Viewpoint Common ViewpointService exeC Program Files Synaptics SynTP SynTPEnh exeC WINDOWS system rundll exeC WINDOWS system WLTRAY exeC Program Files Dell QuickSet quickset exeC WINDOWS stsystra exeC Program Files Common Files InstallShield UpdateService issch exeC Program Files Dell MediaDirect PCMService exeC Program Files Google Google Desktop Search GoogleDesktop exeC Program Files Common Files Symantec Shared ccApp exeC PROGRA SYMANT VPTray exeC Program Files Dell Support Center bin sprtcmd exeC Program Files iTunes iTunesHelper exeC Program Files Java jre bin jusched exeC WINDOWS system ctfmon exeC Program Files Google Google Desktop Search GoogleDesktop exeC WINDOWS system rundll exeC Program Files Digital Line Detect DLG exeC Program Files MozyHome mozystat exeC Program Files iPod bin iPodService exeC Program Files Common Files Symantec Shared ccEvtMgr exeC Program Files Messenger msmsgs exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Malwarebytes' Anti-Malware mbam exeC WINDOWS system taskmgr exeC WINDOWS system NOTEPAD EXEC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk amp channel us amp ibd R - HKCU Software Microsoft Internet Explorer Main Start Page http www mlb com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk amp channel us amp ibd R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe A... Read more

A:Google Redirects, HJT Log File Included

Hi,I see you have Viewpoint installed...Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.ViewpointViewpoint ManagerViewpoint Media PlayerThen, * Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPost the log from ComboFix in your next reply.

http://www.bleepingcomputer.com/forums/t/194293/google-redirects-hjt-log-file-included/
Relevancy 42.57%

Sinowal Trojan I keep getting a pop up doesn t look like it is a legit windows defender message quot Security Center Alert-Windows Firewall has blocked activity of harmful software Clicking on the quot enable quot tab takes you to an ad for Perfect Defender whatever that is I ran spybot S amp D and Malware bytes Hopefully you can help Thanks file Virus included ? Sinowal log HJT in advance Here is the log file Windows XP SP WinNT MSIE Internet Explorer v Sinowal Virus ? HJT log file included SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files Acronis Schedule schedul exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system HPZipm exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files CyberLink PowerDVD PDVDServ exe C PROGRA Grisoft AVGFRE avgcc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files Java jre bin jusched exe C Program Files QuickTime qttask exe C Program Files Acronis TrueImageHome TrueImageMonitor exe C Program Files Acronis TrueImageHome TimounterMonitor exe C Program Files Common Files Acronis Schedule schedhlp exe C WINDOWS Twain Fjscan SOP FtLnSOP exe C WINDOWS Twain fjscan FjtwSetup exe C Program Files Multimedia Card Reader readericon exe C WINDOWS System spool DRIVERS W X fppdis a exe C WINDOWS system ctfmon exe C Program Files Citrix GoToMeeting g mstart exe C Documents and Settings Owner Application Data Google xtgoj exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Citrix GoToMeeting g mcomm exe C Program Files Adobe Acrobat Distillr AcroTray exe C Program Files Citrix GoToMeeting g mlauncher exe C Program Files BigFix BigFix exe C Program Files Research In Motion BlackBerry Internet Edition DesktopMgr exe C Program Files Panasonic Palmcorder CARD LINK for USB regcnt exe C Program Files Internet Explorer iexplore exe C Program Files MWSnap MWSnap exe C Program Files Trend Micro HijackThis HijackThis exe C Program Files Outlook Express msimn exe C Program Files Mozilla Firefox firefox exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www gatewaybiz com O - BHO HelperObject Class - C D-C - C - -FCE AD C - C Program Files TechSmith SnagIt SnagItBHO dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar SnagIt - FF E -ABDE- EB-B E-D AAB CABE - C Program Files TechSmith SnagIt SnagItIEAddin dll O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run AVG EMC C PROGRA Grisoft AVGFRE avgemc exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O... Read more

https://forums.techguy.org/threads/sinowal-virus-hjt-log-file-included.776145/