[Inactive] hello, my sister win xp desktop pc have a trojan

Started By ProblemsRBad, Nov 04 2011 01:54 PM

This topic is locked
Go to first unread post

61 replies to this topic

#1 ProblemsRBad

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 01:54 PM

Yes, and it was stuck in a reboot loop windows xp would load to the desktop then just reboot. I deleted the avast antivirus and the rebooting slowed down but after 5 min. reboot again. I tried to put more light software panda cloud antivirus but I keep getting error when i install it. maybe the trojan malwarebytes found is stopping panda from installing. I have a error log from panda cloud antivirus. I managed to get all the scan logs through safe mode as admin here they are,

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8079

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

11/3/2011 8:28:38 PM
mbam-log-2011-11-03 (20-28-38).txt

Scan type: Quick scan
Objects scanned: 174363
Time elapsed: 2 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\bthsvw32.dll (Trojan.Dropper) -> Quarantined and deleted successfully.

-------------------------------------------------------------------------------------------------------------------------------
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-03 23:10:36
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-17 Maxtor_6Y080M0 rev.YAR51HW0
Running: jf3161l8.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxtdrpoc.sys

---- Kernel code sections - GMER 1.0.15 ----

? uymcai.sys The system cannot find the file specified. !

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x58 0x29 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x62 0x0B 0x8F 0xE8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Documents and Settings\Amy\Desktop\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCB 0xA4 0xD9 0xEB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8B 0xD9 0x8E 0xFC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x74 0xC9 0x76 0x81 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x4A 0x8A 0xBA 0x11 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12 0xCD 0x57 0xE4 0x06 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x58 0x29 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x62 0x0B 0x8F 0xE8 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Documents and Settings\Amy\Desktop\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCB 0xA4 0xD9 0xEB ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x8B 0xD9 0x8E 0xFC ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x74 0xC9 0x76 0x81 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12 0x4A 0x8A 0xBA 0x11 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12 0xCD 0x57 0xE4 0x06 ...

---- EOF - GMER 1.0.15 ----

-------------------------------------------------------------------------------------------------------------------------------

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-03 23:10:47
-----------------------------
23:10:47.328 OS Version: Windows 5.1.2600 Service Pack 3
23:10:47.328 Number of processors: 2 586 0x304
23:10:47.328 ComputerName: AMYS UserName:
23:10:47.937 Initialize success
23:14:54.312 AVAST engine defs: 11110301
08:03:02.406 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-c
08:03:02.421 Disk 0 Vendor: Maxtor_6Y160P0 YAR41BW0 Size: 156334MB BusType: 3
08:03:02.437 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-17
08:03:02.453 Disk 1 Vendor: Maxtor_6Y080M0 YAR51HW0 Size: 76293MB BusType: 3
08:03:04.546 Disk 1 MBR read successfully
08:03:04.546 Disk 1 MBR scan
08:03:04.640 Disk 1 Windows XP default MBR code
08:03:04.687 Disk 1 scanning sectors +156232125
08:03:05.046 Disk 1 scanning C:\WINDOWS\system32\drivers
08:03:34.265 Service scanning
08:03:36.406 Modules scanning
08:04:11.468 Disk 1 trace - called modules:
08:04:11.546 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
08:04:11.562 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x82ba19b0]
08:04:11.609 3 CLASSPNP.SYS[f85d4fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x82ba3830]
08:04:12.796 AVAST engine scan C:\WINDOWS
08:04:45.734 AVAST engine scan C:\WINDOWS\system32
08:12:54.171 AVAST engine scan C:\WINDOWS\system32\drivers
08:14:17.609 AVAST engine scan C:\Documents and Settings\Administrator
08:16:31.078 AVAST engine scan C:\Documents and Settings\All Users
08:19:02.250 Scan finished successfully
09:13:16.796 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
09:13:16.828 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBRlog.txt"

-------------------------------------------------------------------------------------------------------------------------------

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Administrator at 9:13:47 on 2011-11-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.250 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1309968471750
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.69.1
TCP: Interfaces\{015CD00F-CAF9-40F5-8B1F-EC72337BF308} : DhcpNameServer = 68.87.77.134 68.87.72.134
TCP: Interfaces\{C8CF6FB7-8BA8-4999-9DF2-43F5E069E8CA} : DhcpNameServer = 192.168.69.1
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\yain7pud.default\
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-7-17 218688]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2010-12-27 547744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-3 366152]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys --> c:\windows\system32\drivers\avfwim.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-3 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2010-12-15 1085440]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-6 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-6 136176]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]
S4 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528]
.
=============== Created Last 30 ================
.
2011-11-04 00:17:33 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2011-11-03 21:55:33 -------- d-----w- C:\temp
.
==================== Find3M ====================
.
2011-10-22 13:35:07 114688 ----a-w- c:\windows\DUMP4c3b.tmp
2011-09-08 19:26:26 106496 ----a-w- c:\windows\DUMP4863.tmp
2011-09-08 19:24:53 106496 ----a-w- c:\windows\DUMP4a76.tmp
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-03 17:08:31 114688 ----a-w- c:\windows\DUMP51b9.tmp
2011-09-01 14:59:43 114688 ----a-w- c:\windows\DUMP46ad.tmp
2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-15 16:09:12 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
.
============= FINISH: 9:14:42.51 ===============

--------------------------------------------------------------------------------------------------------------------------------

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/24/2010 11:51:04 PM
System Uptime: 11/3/2011 8:30:28 PM (13 hours ago)
.
Motherboard: Dell Inc. | | 0G5611
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 74 GiB total, 9.601 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 153 GiB total, 15.576 GiB free.
F: is CDROM ()
I: is CDROM ()
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_1677&SUBSYS_01791028&REV_01\4&1D7EFF9E&0&00E0
Manufacturer: Broadcom
Name: Broadcom NetXtreme 57xx Gigabit Controller
PNP Device ID: PCI\VEN_14E4&DEV_1677&SUBSYS_01791028&REV_01\4&1D7EFF9E&0&00E0
Service: b57w2k
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: AvFw Packet Filter Miniport
Device ID: ROOT\AV_FLTDEV9MP\0000
Manufacturer: Avira
Name: Broadcom NetXtreme 57xx Gigabit Controller - AvFw Packet Filter Miniport
PNP Device ID: ROOT\AV_FLTDEV9MP\0000
Service: avfwim
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: AvFw Packet Filter Miniport
Device ID: ROOT\AV_FLTDEV9MP\0001
Manufacturer: Avira
Name: WAN Miniport (IP) - AvFw Packet Filter Miniport
PNP Device ID: ROOT\AV_FLTDEV9MP\0001
Service: avfwim
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: AvFw Packet Filter Miniport
Device ID: ROOT\AV_FLTDEV9MP\0002
Manufacturer: Avira
Name: D-Link WDA-1320 Desktop Adapter - AvFw Packet Filter Miniport
PNP Device ID: ROOT\AV_FLTDEV9MP\0002
Service: avfwim
.
==== System Restore Points ===================
.
RP18: 7/21/2011 7:22:28 PM - System Checkpoint
RP19: 7/22/2011 8:02:28 PM - System Checkpoint
RP20: 7/25/2011 2:40:04 AM - System Checkpoint
RP21: 7/26/2011 11:34:01 AM - System Checkpoint
RP22: 7/27/2011 7:37:04 PM - System Checkpoint
RP23: 7/28/2011 8:25:24 PM - System Checkpoint
RP24: 8/1/2011 12:01:57 AM - System Checkpoint
RP25: 8/2/2011 12:50:17 AM - System Checkpoint
RP26: 8/3/2011 7:26:26 AM - System Checkpoint
RP27: 8/4/2011 7:50:19 AM - System Checkpoint
RP28: 8/5/2011 11:25:58 AM - System Checkpoint
RP29: 8/6/2011 3:35:49 PM - System Checkpoint
RP30: 8/7/2011 6:28:32 PM - System Checkpoint
RP31: 8/8/2011 7:16:46 PM - System Checkpoint
RP32: 8/9/2011 8:16:46 PM - System Checkpoint
RP33: 8/10/2011 9:16:48 PM - System Checkpoint
RP34: 8/11/2011 10:16:48 PM - System Checkpoint
RP35: 8/12/2011 7:00:16 PM - Software Distribution Service 3.0
RP36: 8/13/2011 8:19:32 PM - System Checkpoint
RP37: 8/15/2011 7:51:00 AM - System Checkpoint
RP38: 8/16/2011 8:39:22 AM - System Checkpoint
RP39: 8/17/2011 9:39:23 AM - System Checkpoint
RP40: 8/18/2011 9:40:26 AM - System Checkpoint
RP41: 8/19/2011 10:39:23 AM - System Checkpoint
RP42: 8/20/2011 10:47:56 AM - System Checkpoint
RP43: 8/21/2011 11:27:26 AM - System Checkpoint
RP44: 8/22/2011 12:16:30 PM - System Checkpoint
RP45: 8/23/2011 1:16:30 PM - System Checkpoint
RP46: 8/24/2011 2:15:25 PM - System Checkpoint
RP47: 8/24/2011 7:00:18 PM - Software Distribution Service 3.0
RP48: 8/25/2011 7:15:23 PM - System Checkpoint
RP49: 8/26/2011 8:15:26 PM - System Checkpoint
RP50: 8/27/2011 9:15:23 PM - System Checkpoint
RP51: 8/28/2011 9:21:44 PM - System Checkpoint
RP52: 8/30/2011 7:40:49 PM - System Checkpoint
RP53: 8/31/2011 7:52:37 PM - System Checkpoint
RP54: 9/2/2011 2:25:05 PM - System Checkpoint
RP55: 9/3/2011 3:14:20 PM - System Checkpoint
RP56: 9/4/2011 4:14:21 PM - System Checkpoint
RP57: 11/3/2011 5:13:47 PM - Software Distribution Service 3.0
RP58: 11/3/2011 8:01:13 PM - Software Distribution Service 3.0
RP59: 11/3/2011 8:04:10 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
BitTorrent
Bonjour
Buzz
CCleaner
Color Scheme Editor
Cooking Academy 2 World Cuisine
County Fair
daHornet Version 1.34
DarkWave Studio 3.2.7
discoDSP Discovery Pro
EA Download Manager
ES DGenR8 VST 2.9.5
ESET Online Scanner v3
FlipShare
GEAR 32bit Driver Installer
Google Earth Plug-in
Google Update Helper
HamsterFreeVideoConverter
Hospital Tycoon
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB973442)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
IMEA Sequencer version 1.4
Intel® Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java™ 6 Update 26
LADSPA_plugins-win-0.4.15
Live 8.2.1
LiveSticks1.0.6
Logitech Gaming Software 5.10
Malwarebytes' Anti-Malware version 1.51.2.1300
MeldaProduction Free VST Effects
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WinUsb 1.0
Microsoft WSE 3.0 Runtime
MixMeister BPM Analyzer 1.0
MixMeister Studio Demo 7.4.4
Mozilla Firefox 6.0.1 (x86 en-US)
MSXML 6.0 Parser (KB927977)
Naviextras Toolbox
Naviextras Toolbox Prerequesities
OhmForce Frohmage VST2
Psycle 1.8.8
QuickTime
RGSS-RTP Standard
RollerCoaster Tycoon 3
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Pets
The Sims 2 University
The Sims™ 2 Apartment Life
The Sims™ 2 Best of Business Collection
The Sims™ 2 Bon Voyage
The Sims™ 2 Double Deluxe
The Sims™ 2 FreeTime
The Sims™ 2 IKEA® Home Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
The Sims™ 3
Thrillville™: '07
TomTom HOME 2.7.6.2056
TomTom HOME Visual Studio Merge Modules
Unlocker 1.8.8
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Virus Guard - powered by BitDefender
VLC media player 1.0.5
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile Device Updater Component
Windows Search 4.0
WinRAR archiver
Yahoo! Messenger
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
.
==== Event Viewer Messages From Past Week ========
.
11/3/2011 9:14:09 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
11/3/2011 8:32:29 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm PCIIde sptd ssmdrv
11/3/2011 8:12:32 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 80593a2f, parameter3 a986e8a0, parameter4 00000000.
11/3/2011 8:09:20 PM, error: System Error [1003] - Error code 100000d1, parameter1 4759336d, parameter2 00000002, parameter3 00000000, parameter4 aa7145e1.
11/3/2011 7:59:43 PM, error: System Error [1003] - Error code 1000000a, parameter1 0000db75, parameter2 00000002, parameter3 00000001, parameter4 80702a16.
11/3/2011 5:55:49 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/3/2011 5:23:30 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm sptd ssmdrv
11/3/2011 5:17:38 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 80593341, parameter3 a9ac16dc, parameter4 00000000.
11/3/2011 5:13:09 PM, error: System Error [1003] - Error code 1000000a, parameter1 0000303b, parameter2 0000001c, parameter3 00000000, parameter4 804e1af6.
11/3/2011 5:13:08 PM, error: System Error [1003] - Error code 10000050, parameter1 89f39e03, parameter2 00000001, parameter3 f876564d, parameter4 00000000.
11/3/2011 5:13:05 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 aa554e85, parameter3 aa3a6ca0, parameter4 00000000.
11/3/2011 5:13:03 PM, error: System Error [1003] - Error code 000000f4, parameter1 00000003, parameter2 8213e268, parameter3 8213e3dc, parameter4 8060577e.
11/3/2011 5:13:01 PM, error: System Error [1003] - Error code 00000073, parameter1 00000001, parameter2 c000017d, parameter3 00000004, parameter4 f8a43bb8.
11/3/2011 5:12:42 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 aa5b1eb0, parameter3 f872388c, parameter4 00000000.
11/3/2011 5:12:37 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 4e61c580, parameter3 f5ba28e4, parameter4 00000000.
11/3/2011 5:10:46 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/3/2011 5:09:25 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSnx aswSP aswTdi Fips intelppm sptd ssmdrv
11/3/2011 5:08:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/3/2011 5:08:01 PM, error: sptd [4] - Driver detected an internal error in its data structures for .
.
==== End Of File ===========================

-------------------------------------------------------------------------------------------------------------------------------

this is the error log from try to install panda cloud antivirus

[17:49.04][INFO] StubInstaller:Application Starts
[17:49.05][INFO] CDownloader:Stub Installer Version: 1.0.0.22: 30.05.2011
[17:49.05][INFO] CDownloader:installationPath initialized: C:\Program Files\Panda Security\Panda Cloud Antivirus
[17:49.05][INFO] CRequest::SetConnectionTimeout(500)
[17:49.05][INFO] CRequest::SetConnectionTimeout(500), succeed
[17:49.05][INFO] CRequest::SetConnectionTimeout(500)
[17:49.05][INFO] CRequest::GetSession, The web browser: firefox, detected as system default
[17:49.05][INFO] CRequest::GetSession, Quering FireFox configuration settings...
[17:49.05][INFO] CRequest::GetSession, Completed. The following: '' proxy server has been detected.
[17:49.05][INFO] CRequest::GetSession, Creating session with dirrect connection.
[17:49.05][INFO] CRequest::GetSession, Completed.
[17:49.06][INFO] CDownloader:MajorVersion: 5, MinorVersion 1
[17:49.06][INFO] CDownloader:isWow: 0
[17:49.06][INFO] CDownloader:RAM: 502
[17:49.06][INFO] CDownloader:diskspace: 10119
[17:49.06][INFO] CDownloader:Browser version: 8
[17:49.06][INFO] CDownloader:major: 8
[17:49.06][INFO] CDownloader:checkCompatibleMode: 0
[17:49.06][INFO] CDownloader:Main Installer version number 0
[17:49.06][INFO] CDownloader:Main Installer version number 0
[17:49.25][INFO] CDownloader::SetConnectionTimeout(500)
[17:49.25][INFO] CDownloader::SetConnectionTimeout(500), succeed
[17:49.25][INFO] CDownloader::SetConnectionTimeout(500)
[17:49.25][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[17:49.25][INFO] CDownloader::Close()
[17:49.25][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[17:49.25][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[17:49.25][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[17:49.25][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[17:49.25][INFO] CDownloader::GetSession, Completed.
[17:49.25][INFO] CDownloader:Connecting to server
[17:49.25][INFO] CConnection::Open, Connecting to server
[17:49.25][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[17:49.25][INFO] CDownloader::SetConnectionTimeout(5000)
[17:49.25][INFO] CDownloader::SetConnectionTimeout(5000), succeed
[17:49.25][INFO] CDownloader::SetConnectionTimeout(5000)
[17:49.25][INFO] CDownloader::SetMaxRetires(5), succeed
[17:49.25][INFO] CDownloader::Close()
[17:49.25][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[17:49.25][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[17:49.25][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[17:49.25][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[17:49.25][INFO] CDownloader::GetSession, Completed.
[17:49.25][INFO] CDownloader:Connecting to server
[17:49.25][INFO] CConnection::Open, Connecting to server
[17:49.25][INFO] CConnection::Open, complete
[17:49.25][INFO] CDownloader:File Name:
[17:49.25][INFO] CDownloader:{45D976FB-7B7F-4928-BE93-E5BD684C85EA}.exe
[17:49.25][INFO] CConnection::Open, complete
[17:49.25][INFO] CDownloader:File Name:
[17:49.25][INFO] CDownloader:{2A397FA0-F0D9-4EAC-9EB2-24624732D4CE}.exe
[17:49.26][INFO] CDownloader:Testing Connection
[17:49.26][INFO] CSession:Setting default options
[17:49.26][INFO] CSession::SetConnectionTimeout(7000)
[17:49.26][INFO] CSession::SetConnectionTimeout(7000)
[17:49.26][INFO] CSession::SetConnectionTimeout(7000), succeed
[17:49.26][INFO] CSession::SetMaxRetires(5), succeed
[17:49.26][INFO] CSession::GetSession, The web browser: firefox, detected as system default
[17:49.26][INFO] CSession::GetSession, Quering FireFox configuration settings...
[17:49.26][INFO] CSession::GetSession, Completed. The following: '' proxy server has been detected.
[17:49.26][INFO] CSession::GetSession, Creating session with dirrect connection.
[17:49.26][INFO] CSession::GetSession, Completed.
[17:49.26][INFO] CConnection::Open, Connecting to server
[17:49.26][INFO] CDownloader:Testing Connection
[17:49.26][INFO] CRequest::SetConnectionTimeout(500)
[17:49.26][INFO] CRequest::SetConnectionTimeout(500), succeed
[17:49.26][INFO] CRequest::SetConnectionTimeout(500)
[17:49.27][INFO] CConnection::Open, complete
[17:49.27][INFO] CDownloader:CDownloader::RunConnectivityTest: Running 10 dummy test segments
[17:49.27][INFO] CSegment:#1:test starting...
[17:49.27][INFO] CSegment:#2:test starting...
[17:49.27][INFO] CSegment:#1::Open, Connecting to server
[17:49.27][INFO] CSegment:#3:test starting...
[17:49.27][INFO] CSegment:#2::Open, Connecting to server
[17:49.27][INFO] CSegment:#4:test starting...
[17:49.27][INFO] CSegment:#5:test starting...
[17:49.27][INFO] CSegment:#6:test starting...
[17:49.27][INFO] CSegment:#7:test starting...
[17:49.27][INFO] CSegment:#3::Open, Connecting to server
[17:49.27][INFO] CSegment:#4::Open, Connecting to server
[17:49.27][INFO] CSegment:#8:test starting...
[17:49.27][INFO] CSegment:#6::Open, Connecting to server
[17:49.27][INFO] CSegment:#5::Open, Connecting to server
[17:49.27][INFO] CSegment:#9:test starting...
[17:49.27][INFO] CSegment:#10:test starting...
[17:49.27][INFO] CSegment:#8::Open, Connecting to server
[17:49.27][INFO] CSegment:#7::Open, Connecting to server
[17:49.27][INFO] CSegment:#9::Open, Connecting to server
[17:49.27][INFO] CSegment:#10::Open, Connecting to server
[17:49.27][INFO] CSegment:#1:starting test download...
[17:49.27][INFO] CSegment:#2:starting test download...
[17:49.27][INFO] CSegment:#4:starting test download...
[17:49.27][INFO] CSegment:#6:starting test download...
[17:49.27][INFO] CSegment:#5:starting test download...
[17:49.27][INFO] CSegment:#3:starting test download...
[17:49.27][INFO] CSegment:#8:starting test download...
[17:49.27][INFO] CDownloader:Starting download
[17:49.27][INFO] CDownloader:Runnig 10 segments...

[17:49.27][INFO] CSegment:#1:starting...
[17:49.27][INFO] CSegment:#9:starting test download...
[17:49.27][INFO] CSegment:#2:starting...
[17:49.27][INFO] CSegment:#1::Open, Connecting to server
[17:49.27][INFO] CSegment:#3:starting...
[17:49.27][INFO] CSegment:#2::Open, Connecting to server
[17:49.27][INFO] CSegment:#4:starting...
[17:49.27][INFO] CSegment:#5:starting...
[17:49.27][INFO] CSegment:#4::Open, Connecting to server
[17:49.27][INFO] CSegment:#6:starting...
[17:49.27][INFO] CSegment:#7:starting...
[17:49.27][INFO] CSegment:#6::Open, Connecting to server
[17:49.27][INFO] CSegment:#8:starting...
[17:49.27][INFO] CSegment:#9:starting...
[17:49.27][INFO] CSegment:#10:starting...
[17:49.27][INFO] CSegment:#8::Open, Connecting to server
[17:49.27][INFO] CSegment:#10::Open, Connecting to server
[17:49.27][INFO] CSegment:#3::Open, Connecting to server
[17:49.27][INFO] CSegment:#5::Open, Connecting to server
[17:49.27][INFO] CSegment:#7::Open, Connecting to server
[17:49.27][INFO] CSegment:#9::Open, Connecting to server
[17:49.27][INFO] CSegment:#7:starting test download...
[17:49.27][INFO] CSegment:#10:starting test download...
[17:49.27][INFO] CSegment:#1:Dispose, starting
[17:49.27][INFO] CSegment:#1:Dispose, complete
[17:49.27][INFO] CSegment:#2:Dispose, starting
[17:49.27][INFO] CSegment:#2:Dispose, complete
[17:49.27][INFO] CSegment:#3:Dispose, starting
[17:49.27][INFO] CSegment:#3:Dispose, complete
[17:49.27][INFO] CSegment:#4:Dispose, starting
[17:49.27][INFO] CSegment:#4:Dispose, complete
[17:49.27][INFO] CSegment:#5:Dispose, starting
[17:49.27][INFO] CSegment:#5:Dispose, complete
[17:49.27][INFO] CSegment:#6:Dispose, starting
[17:49.27][INFO] CSegment:#6:Dispose, complete
[17:49.27][INFO] CSegment:#7:Dispose, starting
[17:49.27][INFO] CSegment:#7:Dispose, complete
[17:49.27][INFO] CSegment:#8:Dispose, starting
[17:49.27][INFO] CSegment:#8:Dispose, complete
[17:49.27][INFO] CSegment:#9:Dispose, starting
[17:49.27][INFO] CSegment:#9:Dispose, complete
[17:49.27][INFO] CSegment:#10:Dispose, starting
[17:49.27][INFO] CSegment:#10:Dispose, complete
[17:49.27][INFO] CSession::Close()
[17:49.27][INFO] CSession::Close()
[17:49.27][INFO] CDownloader::DoRun, delete file.
[17:49.27][INFO] CDownloader:Download complete successfully
[17:49.28][INFO] CSegment:#1:starting download...
[17:49.28][INFO] CSegment:#2:starting download...
[17:49.28][INFO] CSegment:#4:starting download...
[17:49.28][INFO] CSegment:#6:starting download...
[17:49.28][INFO] CSegment:#3:starting download...
[17:49.28][INFO] CSegment:#10:starting download...
[17:49.28][INFO] CSegment:#5:starting download...
[17:49.28][INFO] CSegment:#8:starting download...
[17:49.28][INFO] CSegment:#7:starting download...
[17:49.29][INFO] CSegment:#9:starting download...
[17:50.02][ERROR] 0:CSegment:#10:::GetCurrentThreadId(): 904 Position(): 31436091

[17:50.02][ERROR] -100:CSegment:#10:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.02][INFO] CSegment:#10:download failed, 35s left.
[17:50.02][ERROR] 0:CSegment:#3:::GetCurrentThreadId(): 1888 Position(): 7305286

[17:50.02][ERROR] -100:CSegment:#3:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.02][INFO] CSegment:#3:download failed, 35s left.
[17:50.03][ERROR] 0:CSegment:#4:::GetCurrentThreadId(): 964 Position(): 10724457

[17:50.03][ERROR] -100:CSegment:#4:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.03][INFO] CSegment:#4:download failed, 36s left.
[17:50.03][ERROR] 0:CSegment:#7:::GetCurrentThreadId(): 1024 Position(): 21194962

[17:50.03][ERROR] -100:CSegment:#7:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.03][INFO] CSegment:#7:download failed, 36s left.
[17:50.04][ERROR] 0:CSegment:#8:::GetCurrentThreadId(): 1028 Position(): 24556789

[17:50.04][ERROR] -100:CSegment:#8:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.04][INFO] CSegment:#8:download failed, 37s left.
[17:50.05][ERROR] 0:CSegment:#2:::GetCurrentThreadId(): 896 Position(): 3722275

[17:50.05][ERROR] -100:CSegment:#2:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.05][INFO] CSegment:#2:download failed, 38s left.
[17:50.06][ERROR] 0:CSegment:#6:::GetCurrentThreadId(): 1020 Position(): 17456303

[17:50.06][ERROR] -100:CSegment:#6:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.06][INFO] CSegment:#6:download failed, 39s left.
[17:50.09][ERROR] 0:CSegment:#1:::GetCurrentThreadId(): 1012 Position(): 311296

[17:50.09][ERROR] -100:CSegment:#1:failed to read internet resource data, WIN_INTET_ERROR: 183
[17:50.09][INFO] CSegment:#1:download failed, 42s left.
[17:51.44][INFO] CSegment:#9:download complete, 137s left.
[17:51.44][INFO] CDownloader:WaitAll, removing succed #9 segment
[17:51.44][INFO] CSegment:#9:Dispose, starting
[17:51.44][INFO] CSegment:#9:Dispose, complete
[17:51.44][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #7
[17:51.44][INFO] CSegment:#7:starting...
[17:51.44][INFO] CSegment:#7::Open, Connecting to server
[17:51.44][INFO] CSegment:#7:starting download...
[17:51.46][INFO] CSegment:#5:download complete, 139s left.
[17:51.46][INFO] CDownloader:WaitAll, removing succed #5 segment
[17:51.46][INFO] CSegment:#5:Dispose, starting
[17:51.46][INFO] CSegment:#5:Dispose, complete
[17:51.46][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #8
[17:51.46][INFO] CSegment:#8:starting...
[17:51.46][INFO] CSegment:#8::Open, Connecting to server
[17:51.46][INFO] CSegment:#8:starting download...
[17:52.45][INFO] CSegment:#7:download complete, 61s left.
[17:52.45][INFO] CDownloader:WaitAll, removing succed #7 segment
[17:52.45][INFO] CSegment:#7:Dispose, starting
[17:52.45][INFO] CSegment:#7:Dispose, complete
[17:52.45][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #10
[17:52.45][INFO] CSegment:#10:starting...
[17:52.45][INFO] CSegment:#10::Open, Connecting to server
[17:52.45][INFO] CSegment:#10:starting download...
[17:52.54][INFO] CSegment:#8:download complete, 68s left.
[17:52.54][INFO] CDownloader:WaitAll, removing succed #8 segment
[17:52.54][INFO] CSegment:#8:Dispose, starting
[17:52.54][INFO] CSegment:#8:Dispose, complete
[17:52.54][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #2
[17:52.54][INFO] CSegment:#2:starting...
[17:52.54][INFO] CSegment:#2::Open, Connecting to server
[17:52.54][INFO] CSegment:#2:starting download...
[17:53.43][INFO] CSegment:#10:download complete, 58s left.
[17:53.44][INFO] CDownloader:WaitAll, removing succed #10 segment
[17:53.44][INFO] CSegment:#10:Dispose, starting
[17:53.44][INFO] CSegment:#10:Dispose, complete
[17:53.44][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #3
[17:53.44][INFO] CSegment:#3:starting...
[17:53.44][INFO] CSegment:#3::Open, Connecting to server
[17:53.44][INFO] CSegment:#3:starting download...
[17:53.46][INFO] CSegment:#2:download complete, 52s left.
[17:53.46][INFO] CDownloader:WaitAll, removing succed #2 segment
[17:53.46][INFO] CSegment:#2:Dispose, starting
[17:53.46][INFO] CSegment:#2:Dispose, complete
[17:53.46][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #4
[17:53.46][INFO] CSegment:#4:starting...
[17:53.46][INFO] CSegment:#4::Open, Connecting to server
[17:53.46][INFO] CSegment:#4:starting download...
[17:54.23][INFO] CSegment:#3:download complete, 39s left.
[17:54.23][INFO] CDownloader:WaitAll, removing succed #3 segment
[17:54.23][INFO] CSegment:#3:Dispose, starting
[17:54.23][INFO] CSegment:#3:Dispose, complete
[17:54.23][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #6
[17:54.23][INFO] CSegment:#6:starting...
[17:54.23][INFO] CSegment:#6::Open, Connecting to server
[17:54.23][INFO] CSegment:#6:starting download...
[17:54.32][INFO] CSegment:#4:download complete, 46s left.
[17:54.32][INFO] CDownloader:WaitAll, removing succed #4 segment
[17:54.32][INFO] CSegment:#4:Dispose, starting
[17:54.32][INFO] CSegment:#4:Dispose, complete
[17:54.32][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #1
[17:54.32][INFO] CSegment:#1:starting...
[17:54.32][INFO] CSegment:#1::Open, Connecting to server
[17:54.32][INFO] CSegment:#1:starting download...
[17:55.20][INFO] CSegment:#6:download complete, 57s left.
[17:55.20][INFO] CDownloader:WaitAll, removing succed #6 segment
[17:55.20][INFO] CSegment:#6:Dispose, starting
[17:55.20][INFO] CSegment:#6:Dispose, complete
[17:55.33][INFO] CSegment:#1:download complete, 61s left.
[17:55.33][INFO] CDownloader:WaitAll, removing succed #1 segment
[17:55.33][INFO] CSegment:#1:Dispose, starting
[17:55.33][INFO] CSegment:#1:Dispose, complete
[17:55.33][INFO] CDownloader:Download complete successfully
[17:55.33][INFO] CDownloader:Setting default options
[17:55.33][INFO] CDownloader:Started ThreadExecute
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader:ThreadExecute after CDlgDownload::m_hSection
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[17:55.33][INFO] CDownloader::SetMaxRetires(5), succeed
[17:55.33][INFO] CDownloader::SetConnectionTimeout(500), succeed
[17:55.33][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_2_en.png
[17:55.33][INFO] CDownloader::Close()
[17:55.33][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[17:55.33][INFO] CDownloader:Command line for MainInstaller: -sp"/ConfigurationFile:C:\Temp\CloudAvBootstrap.xml"
[17:55.33][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[17:55.33][INFO] CRequest::SetConnectionTimeout(500)
[17:55.33][INFO] CRequest::SetConnectionTimeout(500), succeed
[17:55.33][INFO] CRequest::SetConnectionTimeout(500)
[17:55.33][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[17:55.33][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[17:55.33][INFO] CDownloader::GetSession, Completed.
[17:55.33][INFO] CDownloader:Setting default options
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[17:55.33][INFO] CDownloader::SetMaxRetires(5), succeed
[17:55.33][INFO] CDownloader::SetConnectionTimeout(500), succeed
[17:55.33][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_3_en.png
[17:55.33][INFO] CDownloader::Close()
[17:55.33][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[17:55.33][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[17:55.33][INFO] CDownloader:Connecting to server
[17:55.33][INFO] CConnection::Open, Connecting to server
[17:55.33][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[17:55.33][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[17:55.33][INFO] CDownloader::GetSession, Completed.
[17:55.33][INFO] CDownloader:Setting default options
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000)
[17:55.33][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[17:55.33][INFO] CDownloader::SetMaxRetires(5), succeed
[17:55.33][INFO] CDownloader::SetConnectionTimeout(500), succeed
[17:55.33][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_4_en.png
[17:55.33][INFO] CDownloader::Close()
[17:55.33][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[17:55.33][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[17:55.33][INFO] CDownloader:Connecting to server
[17:55.33][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[17:55.33][INFO] CConnection::Open, Connecting to server
[17:55.33][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[17:55.33][INFO] CDownloader::GetSession, Completed.
[17:55.33][INFO] CDownloader:Connecting to server
[17:55.33][INFO] CConnection::Open, Connecting to server
[17:55.33][INFO] CConnection::Open, complete
[17:55.33][INFO] CDownloader:File Name:
[17:55.33][INFO] CDownloader:{1B7F286E-9682-4161-886B-AA3B0D155B10}.png
[17:55.33][INFO] CDownloader:Testing Connection
[17:55.33][INFO] CDownloader:Starting download
[17:55.33][INFO] CDownloader:Runnig 1 segments...

[17:55.33][INFO] CSegment:#1:starting...
[17:55.33][INFO] CSegment:#1::Open, Connecting to server
[17:55.33][INFO] CConnection::Open, complete
[17:55.33][INFO] CDownloader:File Name:
[17:55.33][INFO] CDownloader:{BD8026EB-A3F3-4A40-8DA5-1CE7A1EFB1BE}.png
[17:55.33][INFO] CDownloader:Testing Connection
[17:55.33][INFO] CDownloader:Starting download
[17:55.33][INFO] CDownloader:Runnig 1 segments...

[17:55.33][INFO] CSegment:#1:starting...
[17:55.33][INFO] CSegment:#1::Open, Connecting to server
[17:55.33][INFO] CDownloader:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{2A397FA0-F0D9-4EAC-9EB2-24624732D4CE}.exe
[17:55.33][INFO] CDownloader:Finish execute
[17:55.33][INFO] CConnection::Open, complete
[17:55.33][INFO] CDownloader:File Name:
[17:55.33][INFO] CDownloader:{93FBD20C-ADBE-452E-91C7-9A2E363CBB25}.png
[17:55.33][INFO] CDownloader:Testing Connection
[17:55.33][INFO] CDownloader:Starting download
[17:55.33][INFO] CDownloader:Runnig 1 segments...

[17:55.33][INFO] CSegment:#1:starting...
[17:55.33][INFO] CSegment:#1::Open, Connecting to server
[17:55.33][INFO] CSegment:#1:starting download...
[17:55.33][INFO] CSegment:#1:starting download...
[17:55.34][INFO] CSegment:#1:starting download...
[17:55.35][INFO] CSegment:#1:download complete, 2s left.
[17:55.35][INFO] CDownloader:WaitAll, removing succed #1 segment
[17:55.35][INFO] CSegment:#1:Dispose, starting
[17:55.35][INFO] CSegment:#1:Dispose, complete
[17:55.35][INFO] CDownloader:Download complete successfully
[17:55.36][INFO] CSegment:#1:download complete, 3s left.
[17:55.36][INFO] CDownloader:WaitAll, removing succed #1 segment
[17:55.36][INFO] CSegment:#1:Dispose, starting
[17:55.36][INFO] CSegment:#1:Dispose, complete
[17:55.36][INFO] CDownloader:Download complete successfully
[17:55.36][INFO] CSegment:#1:download complete, 3s left.
[17:55.36][INFO] CDownloader:WaitAll, removing succed #1 segment
[17:55.36][INFO] CSegment:#1:Dispose, starting
[17:55.36][INFO] CSegment:#1:Dispose, complete
[17:55.36][INFO] CDownloader:Download complete successfully
[17:55.50][INFO] CRequest::SetConnectionTimeout(500)
[17:55.50][INFO] CRequest::SetConnectionTimeout(500), succeed
[17:55.50][INFO] CRequest::SetConnectionTimeout(500)
[19:06.01][INFO] StubInstaller:Application Exit
[19:06.01][INFO] CDownloader::Close()
[19:06.01][INFO] CDownloader::Close()
[19:06.01][INFO] CDownloader::Close()
[19:06.01][INFO] CDownloader:Delete file failed
[19:06.01][INFO] CDownloader:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{45D976FB-7B7F-4928-BE93-E5BD684C85EA}.exe
[19:06.01][INFO] CDownloader:Delete file failed
[19:06.01][INFO] CDownloader:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{2A397FA0-F0D9-4EAC-9EB2-24624732D4CE}.exe
[19:06.01][INFO] CDownloader:Delete file failed
[19:06.01][INFO] CDownloader:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{1B7F286E-9682-4161-886B-AA3B0D155B10}.png
[19:06.01][INFO] CDownloader::Close()
[19:06.01][INFO] CDownloader::Close()
[19:06.08][INFO] StubInstaller:Application Starts
[19:06.08][INFO] CDownloader:Stub Installer Version: 1.0.0.22: 30.05.2011
[19:06.08][INFO] CDownloader:installationPath initialized: C:\Program Files\Panda Security\Panda Cloud Antivirus
[19:06.08][INFO] CRequest::SetConnectionTimeout(500)
[19:06.08][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:06.08][INFO] CRequest::SetConnectionTimeout(500)
[19:06.08][INFO] CRequest::GetSession, The web browser: firefox, detected as system default
[19:06.08][INFO] CRequest::GetSession, Quering FireFox configuration settings...
[19:06.08][INFO] CRequest::GetSession, Completed. The following: '' proxy server has been detected.
[19:06.08][INFO] CRequest::GetSession, Creating session with dirrect connection.
[19:06.08][INFO] CRequest::GetSession, Completed.
[19:06.25][ERROR] -502:CRequest::Ping, failed to create new connection, WIN_INET_ERROR:12007
[19:06.25][INFO] CDownloader:MajorVersion: 5, MinorVersion 1
[19:06.25][INFO] CDownloader:isWow: 0
[19:06.25][INFO] CDownloader:RAM: 502
[19:06.25][INFO] CDownloader:diskspace: 10119
[19:06.25][INFO] CDownloader:Browser version: 8
[19:06.25][INFO] CDownloader:major: 8
[19:06.25][INFO] CDownloader:checkCompatibleMode: 0
[19:06.25][INFO] CDownloader:Main Installer version number 0
[19:06.25][INFO] CDownloader:Main Installer version number 0
[19:09.21][INFO] CDownloader::SetConnectionTimeout(500)
[19:09.21][INFO] CDownloader::SetConnectionTimeout(500), succeed
[19:09.21][INFO] CDownloader::SetConnectionTimeout(500)
[19:09.21][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[19:09.21][INFO] CDownloader::Close()
[19:09.21][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:09.21][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:09.21][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:09.21][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:09.21][INFO] CDownloader::GetSession, Completed.
[19:09.21][INFO] CDownloader:Connecting to server
[19:09.21][INFO] CConnection::Open, Connecting to server
[19:09.21][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[19:09.21][INFO] CDownloader::SetConnectionTimeout(5000)
[19:09.21][INFO] CDownloader::SetConnectionTimeout(5000), succeed
[19:09.21][INFO] CDownloader::SetConnectionTimeout(5000)
[19:09.21][INFO] CDownloader::SetMaxRetires(5), succeed
[19:09.21][INFO] CDownloader::Close()
[19:09.21][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:09.21][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:09.21][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:09.21][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:09.21][INFO] CDownloader::GetSession, Completed.
[19:09.21][INFO] CDownloader:Connecting to server
[19:09.21][INFO] CConnection::Open, Connecting to server
[19:09.22][ERROR] -1:CConnection::Open, failed by timout
[19:09.22][INFO] CDownloader::Close()
[19:09.26][ERROR] -1:CConnection::Open, failed by timout
[19:09.26][INFO] CDownloader::Close()
[19:09.36][ERROR] -1:CConnection:m_hHttpFile == NULL
[19:09.36][ERROR] -400:CConnection:InternetOpenUrl, failed, WIN_INET_ERROR:183
[19:09.36][ERROR] -1:CConnection::Open, worker thread has exited
[19:09.36][ERROR] -1:CDownloader:No connection available, breaking...
[19:09.36][INFO] CDownloader:Download complete with errors, last ERROR: -500
[19:09.40][ERROR] -1:CConnection:m_hHttpFile == NULL
[19:09.40][ERROR] -400:CConnection:InternetOpenUrl, failed, WIN_INET_ERROR:183
[19:09.40][ERROR] -1:CConnection::Open, worker thread has exited
[19:09.40][ERROR] -1:CDownloader:No connection available, breaking...
[19:09.40][INFO] CDownloader:Download complete with errors, last ERROR: -500
[19:14.21][INFO] CRequest::SetConnectionTimeout(500)
[19:14.21][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:14.21][INFO] CRequest::SetConnectionTimeout(500)
[19:14.26][INFO] CRequest::SetConnectionTimeout(500)
[19:14.26][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:14.26][INFO] CRequest::SetConnectionTimeout(500)
[19:14.31][INFO] StubInstaller:Application Exit
[19:14.31][INFO] CDownloader::Close()
[19:14.31][INFO] CDownloader::Close()
[19:14.59][INFO] StubInstaller:Application Starts
[19:14.59][INFO] CDownloader:Stub Installer Version: 1.0.0.22: 30.05.2011
[19:14.59][INFO] CDownloader:installationPath initialized: C:\Program Files\Panda Security\Panda Cloud Antivirus
[19:14.59][INFO] CRequest::SetConnectionTimeout(500)
[19:14.59][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:14.59][INFO] CRequest::SetConnectionTimeout(500)
[19:14.59][INFO] CRequest::GetSession, The web browser: firefox, detected as system default
[19:14.59][INFO] CRequest::GetSession, Quering FireFox configuration settings...
[19:14.59][INFO] CRequest::GetSession, Completed. The following: '' proxy server has been detected.
[19:14.59][INFO] CRequest::GetSession, Creating session with dirrect connection.
[19:14.59][INFO] CRequest::GetSession, Completed.
[19:15.00][INFO] CDownloader:MajorVersion: 5, MinorVersion 1
[19:15.00][INFO] CDownloader:isWow: 0
[19:15.00][INFO] CDownloader:RAM: 502
[19:15.00][INFO] CDownloader:diskspace: 10118
[19:15.00][INFO] CDownloader:Browser version: 8
[19:15.00][INFO] CDownloader:major: 8
[19:15.00][INFO] CDownloader:checkCompatibleMode: 0
[19:15.00][INFO] CDownloader:Main Installer version number 0
[19:15.01][INFO] CDownloader:Main Installer version number 0
[19:15.26][INFO] CDownloader::SetConnectionTimeout(500)
[19:15.26][INFO] CDownloader::SetConnectionTimeout(500), succeed
[19:15.26][INFO] CDownloader::SetConnectionTimeout(500)
[19:15.26][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[19:15.26][INFO] CDownloader::Close()
[19:15.26][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:15.26][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:15.26][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:15.26][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:15.26][INFO] CDownloader::GetSession, Completed.
[19:15.26][INFO] CDownloader:Connecting to server
[19:15.26][INFO] CConnection::Open, Connecting to server
[19:15.26][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...udAntivirus.exe
[19:15.26][INFO] CDownloader::SetConnectionTimeout(5000)
[19:15.26][INFO] CDownloader::SetConnectionTimeout(5000), succeed
[19:15.26][INFO] CDownloader::SetConnectionTimeout(5000)
[19:15.26][INFO] CDownloader::SetMaxRetires(5), succeed
[19:15.26][INFO] CDownloader::Close()
[19:15.26][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:15.26][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:15.26][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:15.26][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:15.26][INFO] CDownloader::GetSession, Completed.
[19:15.26][INFO] CDownloader:Connecting to server
[19:15.26][INFO] CConnection::Open, Connecting to server
[19:15.26][INFO] CConnection::Open, complete
[19:15.26][INFO] CDownloader:File Name:
[19:15.26][INFO] CDownloader:{3FF9F44B-C34C-4E79-B383-BE8630AEF9B5}.exe
[19:15.26][INFO] CConnection::Open, complete
[19:15.26][INFO] CDownloader:File Name:
[19:15.26][INFO] CDownloader:{41D7D6B5-FA63-4D7C-82E7-9E99B0981D2C}.exe
[19:15.27][INFO] CDownloader:Testing Connection
[19:15.27][INFO] CDownloader:Testing Connection
[19:15.27][INFO] CSession:Setting default options
[19:15.27][INFO] CSession::SetConnectionTimeout(7000)
[19:15.27][INFO] CRequest::SetConnectionTimeout(500)
[19:15.27][INFO] CSession::SetConnectionTimeout(7000)
[19:15.27][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:15.27][INFO] CSession::SetConnectionTimeout(7000), succeed
[19:15.27][INFO] CRequest::SetConnectionTimeout(500)
[19:15.27][INFO] CSession::SetMaxRetires(5), succeed
[19:15.27][INFO] CSession::GetSession, The web browser: firefox, detected as system default
[19:15.27][INFO] CSession::GetSession, Quering FireFox configuration settings...
[19:15.27][INFO] CSession::GetSession, Completed. The following: '' proxy server has been detected.
[19:15.27][INFO] CSession::GetSession, Creating session with dirrect connection.
[19:15.27][INFO] CSession::GetSession, Completed.
[19:15.27][INFO] CConnection::Open, Connecting to server
[19:15.28][INFO] CConnection::Open, complete
[19:15.28][INFO] CDownloader:CDownloader::RunConnectivityTest: Running 10 dummy test segments
[19:15.28][INFO] CSegment:#1:test starting...
[19:15.28][INFO] CSegment:#2:test starting...
[19:15.28][INFO] CSegment:#1::Open, Connecting to server
[19:15.28][INFO] CSegment:#3:test starting...
[19:15.28][INFO] CSegment:#2::Open, Connecting to server
[19:15.28][INFO] CSegment:#4:test starting...
[19:15.28][INFO] CSegment:#5:test starting...
[19:15.28][INFO] CSegment:#6:test starting...
[19:15.28][INFO] CSegment:#4::Open, Connecting to server
[19:15.28][INFO] CSegment:#7:test starting...
[19:15.28][INFO] CSegment:#3::Open, Connecting to server
[19:15.28][INFO] CSegment:#5::Open, Connecting to server
[19:15.28][INFO] CSegment:#8:test starting...
[19:15.28][INFO] CSegment:#9:test starting...
[19:15.28][INFO] CSegment:#7::Open, Connecting to server
[19:15.28][INFO] CSegment:#10:test starting...
[19:15.28][INFO] CSegment:#6::Open, Connecting to server
[19:15.28][INFO] CSegment:#9::Open, Connecting to server
[19:15.28][INFO] CSegment:#10::Open, Connecting to server
[19:15.28][INFO] CSegment:#8::Open, Connecting to server
[19:15.28][INFO] CSegment:#1:starting test download...
[19:15.28][INFO] CSegment:#2:starting test download...
[19:15.28][INFO] CSegment:#4:starting test download...
[19:15.28][INFO] CSegment:#3:starting test download...
[19:15.28][INFO] CDownloader:Starting download
[19:15.28][INFO] CDownloader:Runnig 10 segments...

[19:15.28][INFO] CSegment:#1:starting...
[19:15.28][INFO] CSegment:#2:starting...
[19:15.28][INFO] CSegment:#1::Open, Connecting to server
[19:15.28][INFO] CSegment:#3:starting...
[19:15.28][INFO] CSegment:#2::Open, Connecting to server
[19:15.28][INFO] CSegment:#4:starting...
[19:15.28][INFO] CSegment:#5:starting...
[19:15.28][INFO] CSegment:#6:starting...
[19:15.28][INFO] CSegment:#7:starting...
[19:15.28][INFO] CSegment:#8:starting...
[19:15.28][INFO] CSegment:#4::Open, Connecting to server
[19:15.28][INFO] CSegment:#6::Open, Connecting to server
[19:15.28][INFO] CSegment:#9:starting...
[19:15.28][INFO] CSegment:#8::Open, Connecting to server
[19:15.28][INFO] CSegment:#10:starting...
[19:15.28][INFO] CSegment:#10::Open, Connecting to server
[19:15.28][INFO] CSegment:#3::Open, Connecting to server
[19:15.28][INFO] CSegment:#5::Open, Connecting to server
[19:15.28][INFO] CSegment:#7::Open, Connecting to server
[19:15.28][INFO] CSegment:#9::Open, Connecting to server
[19:15.28][INFO] CSegment:#5:starting test download...
[19:15.28][INFO] CSegment:#7:starting test download...
[19:15.28][INFO] CSegment:#6:starting test download...
[19:15.29][INFO] CSegment:#9:starting test download...
[19:15.29][INFO] CSegment:#8:starting test download...
[19:15.29][INFO] CSegment:#10:starting test download...
[19:15.29][INFO] CSegment:#1:Dispose, starting
[19:15.29][INFO] CSegment:#1:Dispose, complete
[19:15.29][INFO] CSegment:#2:Dispose, starting
[19:15.29][INFO] CSegment:#2:Dispose, complete
[19:15.29][INFO] CSegment:#3:Dispose, starting
[19:15.29][INFO] CSegment:#3:Dispose, complete
[19:15.29][INFO] CSegment:#4:Dispose, starting
[19:15.29][INFO] CSegment:#4:Dispose, complete
[19:15.29][INFO] CSegment:#5:Dispose, starting
[19:15.29][INFO] CSegment:#5:Dispose, complete
[19:15.29][INFO] CSegment:#6:Dispose, starting
[19:15.29][INFO] CSegment:#6:Dispose, complete
[19:15.29][INFO] CSegment:#7:Dispose, starting
[19:15.29][INFO] CSegment:#7:Dispose, complete
[19:15.29][INFO] CSegment:#8:Dispose, starting
[19:15.29][INFO] CSegment:#8:Dispose, complete
[19:15.29][INFO] CSegment:#9:Dispose, starting
[19:15.29][INFO] CSegment:#9:Dispose, complete
[19:15.29][INFO] CSegment:#10:Dispose, starting
[19:15.29][INFO] CSegment:#10:Dispose, complete
[19:15.29][INFO] CSession::Close()
[19:15.29][INFO] CSession::Close()
[19:15.29][INFO] CDownloader::DoRun, delete file.
[19:15.29][INFO] CDownloader:Download complete successfully
[19:15.29][INFO] CSegment:#1:starting download...
[19:15.29][INFO] CSegment:#2:starting download...
[19:15.29][INFO] CSegment:#5:starting download...
[19:15.29][INFO] CSegment:#6:starting download...
[19:15.29][INFO] CSegment:#4:starting download...
[19:15.29][INFO] CSegment:#3:starting download...
[19:15.29][INFO] CSegment:#8:starting download...
[19:15.29][INFO] CSegment:#7:starting download...
[19:15.29][INFO] CSegment:#9:starting download...
[19:15.33][ERROR] -1:CSegment:#10:m_hHttpFile == NULL
[19:15.33][ERROR] -400:CSegment:#10:InternetOpenUrl, failed, WIN_INET_ERROR:183
[19:15.55][ERROR] 0:CSegment:#8:::GetCurrentThreadId(): 404 Position(): 24909045

[19:15.55][ERROR] -100:CSegment:#8:failed to read internet resource data, WIN_INTET_ERROR: 183
[19:15.55][INFO] CSegment:#8:download failed, 27s left.
[19:16.27][ERROR] 0:CSegment:#1:::GetCurrentThreadId(): 1072 Position(): 1327104

[19:16.27][ERROR] -100:CSegment:#1:failed to read internet resource data, WIN_INTET_ERROR: 183
[19:16.27][INFO] CSegment:#1:download failed, 59s left.
[19:16.34][ERROR] 0:CSegment:#3:::GetCurrentThreadId(): 1080 Position(): 8419398

[19:16.34][ERROR] -100:CSegment:#3:failed to read internet resource data, WIN_INTET_ERROR: 183
[19:16.34][INFO] CSegment:#3:download failed, 66s left.
[19:17.35][INFO] CSegment:#7:download complete, 127s left.
[19:17.38][INFO] CDownloader:WaitAll, removing succed #7 segment
[19:17.38][INFO] CSegment:#7:Dispose, starting
[19:17.38][INFO] CSegment:#7:Dispose, complete
[19:17.38][WARNING] -400:CDownloader::WaitAll, restarting failed Segment #10
[19:17.38][INFO] CSegment:#10:starting...
[19:17.38][INFO] CSegment:#10::Open, Connecting to server
[19:17.39][INFO] CSegment:#10:starting download...
[19:17.40][INFO] CSegment:#9:download complete, 132s left.
[19:17.41][INFO] CSegment:#2:download complete, 133s left.
[19:17.41][INFO] CDownloader:WaitAll, removing succed #2 segment
[19:17.41][INFO] CSegment:#2:Dispose, starting
[19:17.41][INFO] CSegment:#2:Dispose, complete
[19:17.41][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #8
[19:17.41][INFO] CSegment:#8:starting...
[19:17.41][INFO] CSegment:#8::Open, Connecting to server
[19:17.41][INFO] CSegment:#8:starting download...
[19:17.41][INFO] CSegment:#4:download complete, 133s left.
[19:17.41][INFO] CDownloader:WaitAll, removing succed #4 segment
[19:17.41][INFO] CSegment:#4:Dispose, starting
[19:17.41][INFO] CSegment:#4:Dispose, complete
[19:17.41][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #1
[19:17.41][INFO] CSegment:#1:starting...
[19:17.41][INFO] CSegment:#1::Open, Connecting to server
[19:17.42][INFO] CSegment:#1:starting download...
[19:17.42][INFO] CSegment:#6:download complete, 134s left.
[19:17.42][INFO] CDownloader:WaitAll, removing succed #6 segment
[19:17.42][INFO] CSegment:#6:Dispose, starting
[19:17.42][INFO] CSegment:#6:Dispose, complete
[19:17.42][WARNING] -100:CDownloader::WaitAll, restarting failed Segment #3
[19:17.42][INFO] CSegment:#3:starting...
[19:17.42][INFO] CSegment:#3::Open, Connecting to server
[19:17.42][INFO] CSegment:#3:starting download...
[19:17.43][INFO] CDownloader:WaitAll, removing succed #9 segment
[19:17.43][INFO] CSegment:#9:Dispose, starting
[19:17.43][INFO] CSegment:#9:Dispose, complete
[19:17.47][INFO] CSegment:#5:download complete, 139s left.
[19:17.47][INFO] CDownloader:WaitAll, removing succed #5 segment
[19:17.47][INFO] CSegment:#5:Dispose, starting
[19:17.47][INFO] CSegment:#5:Dispose, complete
[19:18.00][INFO] CSegment:#1:download complete, 19s left.
[19:18.01][INFO] CDownloader:WaitAll, removing succed #1 segment
[19:18.01][INFO] CSegment:#1:Dispose, starting
[19:18.01][INFO] CSegment:#1:Dispose, complete
[19:18.01][INFO] CSegment:#3:download complete, 19s left.
[19:18.01][INFO] CDownloader:WaitAll, removing succed #3 segment
[19:18.01][INFO] CSegment:#3:Dispose, starting
[19:18.01][INFO] CSegment:#3:Dispose, complete
[19:18.05][INFO] CSegment:#8:download complete, 24s left.
[19:18.05][INFO] CDownloader:WaitAll, removing succed #8 segment
[19:18.05][INFO] CSegment:#8:Dispose, starting
[19:18.05][INFO] CSegment:#8:Dispose, complete
[19:18.08][INFO] CSegment:#10:download complete, 30s left.
[19:18.08][INFO] CDownloader:WaitAll, removing succed #10 segment
[19:18.08][INFO] CSegment:#10:Dispose, starting
[19:18.08][INFO] CSegment:#10:Dispose, complete
[19:18.08][INFO] CDownloader:Download complete successfully
[19:18.08][INFO] CDownloader:Setting default options
[19:18.08][INFO] CDownloader:Started ThreadExecute
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader:ThreadExecute after CDlgDownload::m_hSection
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[19:18.08][INFO] CDownloader::SetMaxRetires(5), succeed
[19:18.08][INFO] CDownloader::SetConnectionTimeout(500), succeed
[19:18.08][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_2_en.png
[19:18.08][INFO] CDownloader::Close()
[19:18.08][INFO] CDownloader:Command line for MainInstaller: -sp"/ConfigurationFile:C:\Temp\CloudAvBootstrap.xml"
[19:18.08][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:18.08][INFO] CRequest::SetConnectionTimeout(500)
[19:18.08][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:18.08][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:18.08][INFO] CRequest::SetConnectionTimeout(500)
[19:18.08][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:18.08][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:18.08][INFO] CDownloader::GetSession, Completed.
[19:18.08][INFO] CDownloader:Setting default options
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[19:18.08][INFO] CDownloader::SetMaxRetires(5), succeed
[19:18.08][INFO] CDownloader::SetConnectionTimeout(500), succeed
[19:18.08][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_3_en.png
[19:18.08][INFO] CDownloader::Close()
[19:18.08][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:18.08][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:18.08][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:18.08][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:18.08][INFO] CDownloader:Connecting to server
[19:18.08][INFO] CDownloader::GetSession, Completed.
[19:18.08][INFO] CConnection::Open, Connecting to server
[19:18.08][INFO] CDownloader:Setting default options
[19:18.08][INFO] CDownloader:Connecting to server
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000)
[19:18.08][INFO] CDownloader::SetConnectionTimeout(7000), succeed
[19:18.08][INFO] CDownloader::SetMaxRetires(5), succeed
[19:18.08][INFO] CDownloader::SetConnectionTimeout(500), succeed
[19:18.08][INFO] CDownloader:DownloadUrl: http://acs.pandasoft...g/Page_4_en.png
[19:18.08][INFO] CDownloader::Close()
[19:18.08][INFO] CDownloader::GetSession, The web browser: firefox, detected as system default
[19:18.08][INFO] CConnection::Open, Connecting to server
[19:18.08][INFO] CDownloader::GetSession, Quering FireFox configuration settings...
[19:18.08][INFO] CDownloader::GetSession, Completed. The following: '' proxy server has been detected.
[19:18.08][INFO] CDownloader::GetSession, Creating session with dirrect connection.
[19:18.08][INFO] CDownloader::GetSession, Completed.
[19:18.08][INFO] CDownloader:Connecting to server
[19:18.08][INFO] CConnection::Open, Connecting to server
[19:18.08][INFO] CConnection::Open, complete
[19:18.08][INFO] CDownloader:File Name:
[19:18.08][INFO] CDownloader:{8D3FC8CB-F059-453D-A205-E3235FCCA20F}.png
[19:18.08][INFO] CDownloader:Testing Connection
[19:18.08][INFO] CDownloader:Starting download
[19:18.08][INFO] CDownloader:Runnig 1 segments...

[19:18.08][INFO] CSegment:#1:starting...
[19:18.08][INFO] CSegment:#1::Open, Connecting to server
[19:18.08][INFO] CConnection::Open, complete
[19:18.08][INFO] CDownloader:File Name:
[19:18.08][INFO] CDownloader:{2BD2AAB2-1BC9-4A22-ABDC-A4E23C5BB4B5}.png
[19:18.08][INFO] CDownloader:Testing Connection
[19:18.08][INFO] CDownloader:Starting download
[19:18.08][INFO] CDownloader:Runnig 1 segments...

[19:18.08][INFO] CSegment:#1:starting...
[19:18.08][INFO] CSegment:#1::Open, Connecting to server
[19:18.08][INFO] CConnection::Open, complete
[19:18.08][INFO] CDownloader:File Name:
[19:18.08][INFO] CDownloader:{F625BDBC-A584-4CDF-99BF-3B6B79AA9A29}.png
[19:18.08][INFO] CDownloader:Testing Connection
[19:18.08][INFO] CDownloader:Starting download
[19:18.08][INFO] CDownloader:Runnig 1 segments...

[19:18.08][INFO] CSegment:#1:starting...
[19:18.08][INFO] CSegment:#1::Open, Connecting to server
[19:18.08][INFO] CSegment:#1:starting download...
[19:18.08][INFO] CDownloader:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{41D7D6B5-FA63-4D7C-82E7-9E99B0981D2C}.exe
[19:18.08][INFO] CDownloader:Finish execute
[19:18.08][INFO] CSegment:#1:starting download...
[19:18.08][INFO] CSegment:#1:starting download...
[19:18.08][INFO] CSegment:#1:download complete, 0s left.
[19:18.08][INFO] CDownloader:WaitAll, removing succed #1 segment
[19:18.08][INFO] CSegment:#1:Dispose, starting
[19:18.08][INFO] CSegment:#1:Dispose, complete
[19:18.08][INFO] CDownloader:Download complete successfully
[19:18.08][INFO] CSegment:#1:download complete, 0s left.
[19:18.08][INFO] CDownloader:WaitAll, removing succed #1 segment
[19:18.08][INFO] CSegment:#1:Dispose, starting
[19:18.08][INFO] CSegment:#1:Dispose, complete
[19:18.08][INFO] CDownloader:Download complete successfully
[19:18.08][INFO] CSegment:#1:download complete, 0s left.
[19:18.08][INFO] CDownloader:WaitAll, removing succed #1 segment
[19:18.08][INFO] CSegment:#1:Dispose, starting
[19:18.08][INFO] CSegment:#1:Dispose, complete
[19:18.08][INFO] CDownloader:Download complete successfully
[19:18.23][INFO] CRequest::SetConnectionTimeout(500)
[19:18.23][INFO] CRequest::SetConnectionTimeout(500), succeed
[19:18.23][INFO] CRequest::SetConnectionTimeout(500)

#2 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 04 November 2011 - 02:58 PM

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

============================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Please, never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: http://www.appremover.com/
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode (How to...)

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

#3 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 06:48 PM

ComboFix 11-11-04.02 - Administrator 11/04/2011 13:28:02.4.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.346 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Check out Previous Winners.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Frequently Asked Questions.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\How can I win $100,000.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\How can I win $500 Today.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Shop To Win Privacy Policy.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Shop to Win Terms and Conditions.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Sweepstakes Official Rules.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Uninstall.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\View My Shop to Win Account.lnk
c:\documents and settings\NetworkService\Start Menu\Programs\Shop to Win 11\Visit the Shop to Win Mall.lnk
c:\windows\system32\_000005_.tmp.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-10-04 to 2011-11-04 )))))))))))))))))))))))))))))))
.
.
2011-11-04 00:17 . 2011-11-04 00:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2011-11-03 21:55 . 2011-11-03 21:55 -------- d-----w- C:\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-22 13:35 . 2010-02-24 23:09 114688 ----a-w- c:\windows\DUMP4c3b.tmp
2011-09-08 19:26 . 2010-02-24 23:09 106496 ----a-w- c:\windows\DUMP4863.tmp
2011-09-08 19:24 . 2010-02-24 23:09 106496 ----a-w- c:\windows\DUMP4a76.tmp
2011-09-06 13:20 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-03 17:08 . 2010-02-24 23:09 114688 ----a-w- c:\windows\DUMP51b9.tmp
2011-09-01 14:59 . 2010-02-24 23:09 114688 ----a-w- c:\windows\DUMP46ad.tmp
2011-08-31 21:00 . 2011-07-03 12:08 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-17 13:49 . 2008-04-14 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-15 16:09 . 2011-08-14 21:58 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-30 22:59 . 2011-07-18 18:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-10-14 19:46 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-10-14 19:50 114688 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-10-14 19:49 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2011-06-16 11:55 6276408 ----a-w- e:\docume~1\fabz\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-14 19:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2010-06-14 23:10 153672 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2010-11-11 18:55 159472 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZuneWlanCfgSvc"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"ZuneBusEnum"=2 (0x2)
"WMZuneComm"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"TomTomHOMEService"=2 (0x2)
"Secunia Update Agent"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"FlipShareServer"=2 (0x2)
"FlipShare Service"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Documents and Settings\\fabz\\Messenger\\YahooMessenger.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"24726:TCP"= 24726:TCP:FlipShareServer
"24727:TCP"= 24727:TCP:FlipShareServer
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [7/17/2011 6:06 PM 218688]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [12/27/2010 12:19 AM 547744]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/17/2011 9:20 PM 691696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/3/2011 8:09 AM 366152]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys --> c:\windows\system32\DRIVERS\avfwim.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/3/2011 8:08 AM 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4/14/2008 8:00 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S4 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [12/15/2010 1:22 PM 1085440]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2011 1:25 AM 136176]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2011 1:25 AM 136176]
S4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/24/2010 5:38 AM 92008]
S4 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [11/11/2010 2:57 PM 268528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
bthsvc REG_MULTI_SZ btwdlns
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]
.
2011-11-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 05:25]
.
2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-06 05:25]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
TCP: DhcpNameServer = 192.168.69.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yain7pud.default\
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-DAEMON Tools Pro Agent - c:\documents and settings\Amy\Desktop\DAEMON Tools Pro\DTProAgent.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\qttask.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-04 13:34
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1645522239-1682526488-1644491937-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1a,e0,fc,44,71,59,d9,45,a8,f9,39,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1a,e0,fc,44,71,59,d9,45,a8,f9,39,\
.
Completion time: 2011-11-04 13:37:50
ComboFix-quarantined-files.txt 2011-11-04 17:37
.
Pre-Run: 9,843,744,768 bytes free
Post-Run: 9,960,517,632 bytes free
.
- - End Of File - - 12A8A7803F9062C4E9EAC7D0D3E6469B

#4 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 04 November 2011 - 06:56 PM

Looks good now.

Any current issues?

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

#5 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 08:09 PM

ok, well i have been doing all this scanning in safe mode, when it reboots i put into safe mode, because in reg. mode it still reboots. i have not try yet after this custom otl fix yet though but here the logs and im going to reboot into normal mode now and see how things are.

OTL logfile created on: 11/4/2011 3:59:48 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 161.22 Mb Available Physical Memory | 32.11% Memory free
1.20 Gb Paging File | 0.99 Gb Available in Paging File | 82.42% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 9.30 Gb Free Space | 12.48% Space Free | Partition Type: NTFS
Drive E: | 152.66 Gb Total Space | 15.56 Gb Free Space | 10.19% Space Free | Partition Type: NTFS

Computer Name: AMYS | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/04 15:58:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2011/08/30 18:59:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2011/08/30 18:59:04 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009/05/02 17:59:51 | 000,139,776 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/12/15 13:31:20 | 000,460,144 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 13:22:42 | 001,085,440 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/11/11 14:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010/11/11 14:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/11/11 14:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/11/11 14:55:56 | 000,057,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/08/24 05:38:18 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/17 21:20:47 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/07/17 18:06:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/27 19:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 19:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 19:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2007/05/23 05:15:00 | 000,547,744 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/07/14 11:45:20 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/01 11:20:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/18 14:50:16 | 000,000,000 | ---D | M]

[2011/06/30 19:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/11/03 17:10:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yain7pud.default\extensions
[2011/09/01 11:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/07 01:12:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YAIN7PUD.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2011/07/07 01:11:44 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/27 01:42:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/30 18:59:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/07 01:11:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/30 15:41:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/11/04 13:34:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1309968471750 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.69.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{015CD00F-CAF9-40F5-8B1F-EC72337BF308}: DhcpNameServer = 68.87.77.134 68.87.72.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8CF6FB7-8BA8-4999-9DF2-43F5E069E8CA}: DhcpNameServer = 192.168.69.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/25 00:47:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/12/26 17:36:09 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/23 01:55:11 | 000,054,544 | ---- | M] (Electronic Arts) - E:\Autorun.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/11/04 15:58:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/11/04 13:37:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/11/04 13:26:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/04 13:26:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/04 13:26:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/04 13:26:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/11/04 13:24:07 | 004,283,503 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/11/04 12:08:54 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/11/03 20:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2011/11/03 17:55:33 | 000,000,000 | ---D | C] -- C:\temp
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/04 15:58:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/11/04 13:34:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/04 13:25:31 | 004,283,503 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/11/04 13:09:52 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/04 13:06:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/04 12:10:23 | 000,502,986 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/04 12:10:23 | 000,086,878 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/04 12:04:22 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/04 12:00:42 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to iexplore.lnk
[2011/11/04 09:13:16 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/11/03 20:19:59 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/11/03 20:19:59 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/03 20:11:33 | 000,099,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/03 20:05:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/03 17:09:56 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/03 17:03:27 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2011/10/22 09:40:12 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/04 13:26:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/04 13:26:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/04 13:26:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/04 13:26:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/04 13:26:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/04 12:00:42 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Shortcut to iexplore.lnk
[2011/11/04 09:13:16 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/11/03 20:19:59 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/11/03 20:05:34 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/06/30 18:58:59 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/30 18:30:52 | 000,013,154 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\7727v7t7ol15v
[2011/06/10 09:16:48 | 000,005,303 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/25 15:16:27 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/03/28 18:21:55 | 000,318,456 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1682526488-1644491937-1003-0.dat
[2011/03/28 18:21:51 | 000,089,914 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/02/18 23:40:13 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/15 14:31:56 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2011/01/11 14:51:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/02 04:23:32 | 000,014,188 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/28 22:03:03 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/02/26 18:56:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/25 00:51:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/02/25 00:42:47 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/02/24 19:28:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/02/24 19:26:13 | 000,099,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,502,986 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,086,878 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/08/30 00:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005/08/30 00:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005/08/30 00:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll

========== LOP Check ==========

[2011/06/30 18:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2011/07/09 02:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2011/01/26 09:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2011/11/03 17:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/07/17 18:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/07/17 21:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2011/07/17 11:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/12/25 11:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy2
[2011/04/29 20:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2010/03/29 18:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/12/27 11:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
[2011/02/15 23:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MTexturedStyles
[2010/12/13 14:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2010/12/28 02:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2011/01/02 04:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/26 23:23:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2010/02/25 00:47:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/06/30 19:17:19 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2011/11/03 17:03:27 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/11/04 13:37:51 | 000,011,334 | ---- | M] () -- C:\ComboFix.txt
[2010/02/25 00:47:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/04/29 21:32:16 | 000,000,000 | ---- | M] () -- C:\foo.txt
[2010/02/25 00:47:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/07/03 14:14:11 | 000,024,138 | ---- | M] () -- C:\JavaRa.log
[2011/04/29 20:56:12 | 000,001,015 | R--- | M] () -- C:\logFile.xsl
[2010/02/25 00:47:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 08:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/11/04 13:06:16 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2011/08/04 21:13:07 | 000,001,396 | ---- | M] () -- C:\SpnrLE.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010/02/25 00:46:34 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2011/01/15 14:31:56 | 000,000,000 | ---- | M] () -- C:\Program Files\temp01

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/02/24 19:25:42 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/02/24 19:25:42 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/02/24 19:25:42 | 000,921,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/02/25 00:47:09 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/11/04 13:25:31 | 004,283,503 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
[2011/11/04 15:58:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
No captured output from command...

< dir /b "%systemroot%\*.exe" | find /i " " /c >
No captured output from command...

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/11/04 14:47:21 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Administrator\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 23:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-24 23:00:41

========== Files - Unicode (All) ==========
[2008/04/14 08:00:00 | 000,000,000 | ---- | M] ()(C:\WINDOWS\System32\dllcache\win?sd.?xe) -- C:\WINDOWS\System32\dllcache\win♭sd.ɥxe
[2008/04/14 08:00:00 | 000,000,000 | ---- | C] ()(C:\WINDOWS\System32\dllcache\win?sd.?xe) -- C:\WINDOWS\System32\dllcache\win♭sd.ɥxe

< End of report >

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 11/4/2011 3:59:48 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.07 Mb Total Physical Memory | 161.22 Mb Available Physical Memory | 32.11% Memory free
1.20 Gb Paging File | 0.99 Gb Available in Paging File | 82.42% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 9.30 Gb Free Space | 12.48% Space Free | Partition Type: NTFS
Drive E: | 152.66 Gb Total Space | 15.56 Gb Free Space | 10.19% Space Free | Partition Type: NTFS

Computer Name: AMYS | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"24726:TCP" = 24726:TCP:*:Enabled:FlipShareServer
"24727:TCP" = 24727:TCP:*:Enabled:FlipShareServer

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"E:\Documents and Settings\fabz\Messenger\YahooMessenger.exe" = E:\Documents and Settings\fabz\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = The Sims 2 University
"{06B4468E-BFCE-49F2-94C1-F84219E8ED6E}" = Color Scheme Editor
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{297360EC-FAD7-4031-8FB5-3A7981BCA30B}_is1" = IMEA Sequencer version 1.4
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3BC8D2F1-8CA2-4AF9-99C7-8598AFFDEF8F}" = Thrillville™: '07
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6CB35178-9E25-48fb-9F86-E40ADC7043B6}" = The Sims™ 2 Best of Business Collection
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Home Stuff
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8E7D0A7F-B85F-44DC-8C1C-2A2C27BAEA0B}_is1" = Psycle 1.8.8
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D77A09-10EA-4574-8C09-9B6E1A21C95F}" = Virus Guard - powered by BitDefender
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C22E50B4-B9D0-4a07-B1F3-12362514FEA7}" = The Sims™ 2 Double Deluxe
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"Buzz_is1" = Buzz
"CCleaner" = CCleaner
"Cooking Academy 2 World Cuisine1.0.1" = Cooking Academy 2 World Cuisine
"County Fair1.0.10" = County Fair
"daHornet VSTi V1.34_is1" = daHornet Version 1.34
"DarkWave Studio" = DarkWave Studio 3.2.7
"DDDP_is1" = discoDSP Discovery Pro
"EADM" = EA Download Manager
"ES DGenR8 VST" = ES DGenR8 VST 2.9.5
"ESET Online Scanner" = ESET Online Scanner v3
"Frohmage VST2" = OhmForce Frohmage VST2
"Hamster Free Video Converter_is1" = HamsterFreeVideoConverter
"HospitalTycoon" = Hospital Tycoon
"ie8" = Windows Internet Explorer 8
"InstallShield_{3BC8D2F1-8CA2-4AF9-99C7-8598AFFDEF8F}" = Thrillville™: '07
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"Live 8.2.1" = Live 8.2.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MeldaProduction Free VST Effects" = MeldaProduction Free VST Effects
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"mmssetup_is1" = MixMeister Studio Demo 7.4.4
"Mozilla Firefox 6.0.1 (x86 en-US)" = Mozilla Firefox 6.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Naviextras Toolbox" = Naviextras Toolbox
"TomTom HOME" = TomTom HOME 2.7.6.2056
"TRIP LiveSticks1.0.6" = LiveSticks1.0.6
"Unlocker" = Unlocker 1.8.8
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Yahoo! Messenger" = Yahoo! Messenger
"Zune" = Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3015
Description = The transaction file cannot be read. Context: Application, SystemIndex
Catalog Details: Unable to complete the requested operation because of either a catastrophic
media failure or a data structure corruption on the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3025
Description = Critical error 9 occurred, and the index was shut down. The system
is probably low on resources. Free up resources and restart the service. Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

[ Application Events ]
Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3015
Description = The transaction file cannot be read. Context: Application, SystemIndex
Catalog Details: Unable to complete the requested operation because of either a catastrophic
media failure or a data structure corruption on the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3025
Description = Critical error 9 occurred, and the index was shut down. The system
is probably low on resources. Free up resources and restart the service. Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

[ Application Events ]
Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:38 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3011
Description = The transaction cannot be updated in the queue. File: C:\Documents
and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy8.gthr.

Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3015
Description = The transaction file cannot be read. Context: Application, SystemIndex
Catalog Details: Unable to complete the requested operation because of either a catastrophic
media failure or a data structure corruption on the disk. (0x8007054e)

Error - 11/3/2011 8:08:41 PM | Computer Name = AMYS | Source = Windows Search Service | ID = 3025
Description = Critical error 9 occurred, and the index was shut down. The system
is probably low on resources. Free up resources and restart the service. Context:
Application, SystemIndex Catalog Details: Unable to complete the requested operation
because of either a catastrophic media failure or a data structure corruption on
the disk. (0x8007054e)

[ System Events ]
Error - 11/3/2011 8:32:29 PM | Computer Name = AMYS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm PCIIde sptd ssmdrv

Error - 11/3/2011 8:32:57 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/3/2011 9:14:09 PM | Computer Name = AMYS | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 11/4/2011 12:03:13 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/4/2011 12:05:10 PM | Computer Name = AMYS | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 80593a2f, parameter3
a986e8a0, parameter4 00000000.

Error - 11/4/2011 12:21:32 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:03:32 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:06:38 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:08:01 PM | Computer Name = AMYS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm sptd ssmdrv

Error - 11/4/2011 1:10:10 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

[ System Events ]
Error - 11/3/2011 8:32:29 PM | Computer Name = AMYS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm PCIIde sptd ssmdrv

Error - 11/3/2011 8:32:57 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/3/2011 9:14:09 PM | Computer Name = AMYS | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 11/4/2011 12:03:13 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/4/2011 12:05:10 PM | Computer Name = AMYS | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 80593a2f, parameter3
a986e8a0, parameter4 00000000.

Error - 11/4/2011 12:21:32 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:03:32 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:06:38 PM | Computer Name = AMYS | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .

Error - 11/4/2011 1:08:01 PM | Computer Name = AMYS | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm sptd ssmdrv

Error - 11/4/2011 1:10:10 PM | Computer Name = AMYS | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

< End of report >

#6 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 08:56 PM

I rebooted in reg. mode in the only user account Amy and still rebooting loop after desktop loads. I have been doing all this scans and posting in safe mode as administrator.

#7 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 04 November 2011 - 09:31 PM

At this point I don't see anything malicious anymore.
In fact not much has been found so far.

When you boot to normal mode how far does it go?
If it boots all the way how soon will it reboot?

Is it desktop, or laptop?
If desktop when was the very last time you cleaned inside the case using a can of compressed air?

#8 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 09:40 PM

it go's all the way. everything loads on the desktop then it just reboots about 2 min. later. i can use the fierfox or other programs like normal it just reboots. its a dell desktop i think it has not been cleaned for a while. when i boot into safe mode should i pick the user account amy or the administrator account? i been using the administrator, when i load into reg. mode there is no choice to pick administrator just 1 user amy

#9 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 04 November 2011 - 10:43 PM

Those accounts don't matter at this point.
I'm 99% sure we're not dealing with any infection anymore.

I suspect the computer is either overheating, or you have some other hardware issue.

Since we have to start somewhere I suggest you get a can of compressed air (do NOT use anything else!).
Turn the computer off, open the case and clean it well inside paying special attention to cleaning all fans and CPU housing.
When done, with the case still open, turn the computer on and see if all fans are running.

#10 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 04 November 2011 - 10:53 PM

ok thanks i will do that, need to get a can of duster will let you know how it go's tomorrow

#11 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 04 November 2011 - 10:54 PM

I'll be around :)

#12 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 05 November 2011 - 12:34 AM

well i managed to get a windows error report that contains this files:

C:\DOCUME~1\Amy\LOCALS~1\Temp\WERa530.dir00\Mini110311-11.dmp
C:\DOCUME~1\Amy\LOCALS~1\Temp\WERa530.dir00\sysdata.xml

i noticed that when i send the error report the machine would reboot. so i clicked dont send and the machine did not reboot but then the error report still popped up with the same file content about 3-4 times.

this a different software error report poped up about .netframework 2.0

im not sure whats going on but if i send the error report the machine reboots and if i dont send it dont reboot.

#13 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 05 November 2011 - 12:37 AM

You can do the following from Safe Mode with Networking....

Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

#14 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 05 November 2011 - 01:12 AM

==================================================
Dump File : Mini110411-09.dmp
Crash Time : 11/4/2011 9:05:35 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xa99904d8
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xa99904d8
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+7058
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address :
Stack Address 1 : tcpip.sys+7058
Stack Address 2 : tcpip.sys+a0e
Stack Address 3 : tcpip.sys+955
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-08.dmp
Crash Time : 11/4/2011 8:50:28 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000001c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80540585
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+69585
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+69585
Stack Address 1 : ntoskrnl.exe+5312a
Stack Address 2 : ntoskrnl.exe+1a353
Stack Address 3 : ntoskrnl.exe+1f2f9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-07.dmp
Crash Time : 11/4/2011 7:56:02 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa6a2252
Parameter 3 : 0xf89d7bf8
Parameter 4 : 0xf89d78f4
Caused By Driver : netbt.sys
Caused By Address : netbt.sys+c252
File Description : MBT Transport driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Crash Address : netbt.sys+c252
Stack Address 1 : netbt.sys+6197
Stack Address 2 : netbt.sys+8677
Stack Address 3 : netbt.sys+1d56c
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-06.dmp
Crash Time : 11/4/2011 7:45:58 PM
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001902fe
Parameter 2 : 0xf89eb9a4
Parameter 3 : 0xf89eb6a0
Parameter 4 : 0x804f5d09
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+dff0
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : Ntfs.sys+dff0
Stack Address 2 : Ntfs.sys+546d4
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-05.dmp
Crash Time : 11/4/2011 7:18:24 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x82117020
Parameter 3 : 0x82117194
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-04.dmp
Crash Time : 11/4/2011 7:15:45 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa60c081
Parameter 3 : 0xa9b51b5e
Parameter 4 : 0x00000000
Caused By Driver : mrxsmb.sys
Caused By Address : mrxsmb.sys+33081
File Description : Windows NT SMB Minirdr
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6133 (xpsp_sp3_gdr.110715-1625)
Processor : 32-bit
Crash Address : mrxsmb.sys+33081
Stack Address 1 : mrxsmb.sys+66d11
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-03.dmp
Crash Time : 11/4/2011 4:13:58 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x3f3f3f3f
Parameter 3 : 0xf89d3b80
Parameter 4 : 0xf89d387c
Caused By Driver : srv.sys
Caused By Address : srv.sys+50f81
File Description : Server driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6082 (xpsp_sp3_gdr.110217-1622)
Processor : 32-bit
Crash Address :
Stack Address 1 : srv.sys+50d21
Stack Address 2 : ntoskrnl.exe+d1489
Stack Address 3 : ntoskrnl.exe+de3d9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-02.dmp
Crash Time : 11/4/2011 1:05:10 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x804e1b15
Caused By Driver : psched.sys
Caused By Address : psched.sys+40a
File Description : MS QoS Packet Scheduler
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Crash Address : ntoskrnl.exe+ab15
Stack Address 1 : psched.sys+797c
Stack Address 2 : psched.sys+7c10
Stack Address 3 : NDIS.sys+19c6a
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini110411-01.dmp
Crash Time : 11/4/2011 12:20:42 PM
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000099
Parameter 2 : 0x0001bdf1
Parameter 3 : 0x00000001
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+52c91
Stack Address 2 : ntoskrnl.exe+29489
Stack Address 3 : ntoskrnl.exe+b7c50
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-11.dmp
Crash Time : 11/3/2011 8:14:09 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000001c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80540585
Caused By Driver : hal.dll
Caused By Address : hal.dll+2106
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+69585
Stack Address 1 : ntoskrnl.exe+5312a
Stack Address 2 : ntoskrnl.exe+1a353
Stack Address 3 : ntoskrnl.exe+1f2f9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-11.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-10.dmp
Crash Time : 11/3/2011 8:11:30 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593a2f
Parameter 3 : 0xa986e8a0
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bca2f
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bca2f
Stack Address 1 : ntoskrnl.exe+bcc91
Stack Address 2 : ntoskrnl.exe+bce16
Stack Address 3 : ntoskrnl.exe+bcb54
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-10.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-09.dmp
Crash Time : 11/3/2011 8:02:05 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x4759336d
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xaa7145e1
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+85e1
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : tcpip.sys+85e1
Stack Address 1 : tcpip.sys+1c9c4
Stack Address 2 : tcpip.sys+1ca71
Stack Address 3 : tcpip.sys+6768
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-08.dmp
Crash Time : 11/3/2011 5:19:44 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000db75
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+849
Stack Address 2 : Ntfs.sys+207b1
Stack Address 3 : Ntfs.sys+2482e
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-07.dmp
Crash Time : 11/3/2011 5:16:23 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593341
Parameter 3 : 0xa9ac16dc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bc341
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bc341
Stack Address 1 : ntoskrnl.exe+bc38f
Stack Address 2 : ntoskrnl.exe+bc433
Stack Address 3 : ntoskrnl.exe+9b7d6
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-06.dmp
Crash Time : 11/3/2011 5:07:40 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000303b
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804e1af6
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+41ee
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+aaf6
Stack Address 1 : ntoskrnl.exe+f634
Stack Address 2 : tcpip.sys+41ee
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-05.dmp
Crash Time : 11/3/2011 5:05:34 PM
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0xe304faf0
Parameter 3 : 0xe304faf0
Parameter 4 : 0x0c000001
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+5f510
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+7afc5
Stack Address 2 : aswSnx.SYS+36b8e
Stack Address 3 : aswSnx.SYS+36c53
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-04.dmp
Crash Time : 11/3/2011 4:58:24 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x89f39e03
Parameter 2 : 0x00000001
Parameter 3 : 0xf876564d
Parameter 4 : 0x00000000
Caused By Driver : HIDCLASS.SYS
Caused By Address : HIDCLASS.SYS+164d
File Description : Hid Class Library
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : HIDCLASS.SYS+164d
Stack Address 1 : HIDCLASS.SYS+1957
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : ntoskrnl.exe+abad7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-03.dmp
Crash Time : 11/3/2011 4:57:08 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa59baa8
Parameter 3 : 0xf5beacc0
Parameter 4 : 0xf5bea9bc
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+caa8
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+caa8
Stack Address 1 : ntoskrnl.exe+9f316
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-02.dmp
Crash Time : 11/3/2011 4:20:19 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa554e85
Parameter 3 : 0xaa3a6ca0
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+35e85
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSnx.SYS+35e85
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-01.dmp
Crash Time : 11/3/2011 4:07:47 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa210a6b8
Parameter 2 : 0x00000000
Parameter 3 : 0xf861b408
Parameter 4 : 0x00000000
Caused By Driver : imapi.sys
Caused By Address : imapi.sys+7408
File Description : IMAPI Kernel Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : imapi.sys+7408
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini102211-01.dmp
Crash Time : 10/22/2011 9:38:37 AM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x8213e268
Parameter 3 : 0x8213e3dc
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090811-02.dmp
Crash Time : 9/8/2011 3:36:09 PM
Bug Check String : CONFIG_LIST_FAILED
Bug Check Code : 0x00000073
Parameter 1 : 0x00000001
Parameter 2 : 0xc000017d
Parameter 3 : 0x00000004
Parameter 4 : 0xf8a43bb8
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+140046
Stack Address 2 : ntoskrnl.exe+f1c94
Stack Address 3 : ntoskrnl.exe+f1cdd
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090811-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini090811-01.dmp
Crash Time : 9/8/2011 3:19:00 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805515a1
Parameter 3 : 0xaa495b28
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7a5a1
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+7a5a1
Stack Address 1 : ntoskrnl.exe+b9550
Stack Address 2 : ntoskrnl.exe+b97c8
Stack Address 3 : ntoskrnl.exe+b9809
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090811-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-10.dmp
Crash Time : 9/5/2011 5:56:49 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa5b1eb0
Parameter 3 : 0xf872388c
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+22eb0
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+22eb0
Stack Address 1 : aswMon2.SYS+861f
Stack Address 2 : aswMon2.SYS+6780
Stack Address 3 : aswMon2.SYS+6ba2
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-10.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-09.dmp
Crash Time : 9/5/2011 5:36:52 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00008300
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a2a
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a2a
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a2a
Stack Address 1 : mrxsmb.sys+3691d
Stack Address 2 : mrxsmb.sys+3783e
Stack Address 3 : mrxsmb.sys+386b6
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-08.dmp
Crash Time : 9/5/2011 5:34:57 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x00001382
Parameter 3 : 0xaa17a9dc
Parameter 4 : 0x00000000
Caused By Driver : mrxsmb.sys
Caused By Address : mrxsmb.sys+33cf5
File Description : Windows NT SMB Minirdr
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6133 (xpsp_sp3_gdr.110715-1625)
Processor : 32-bit
Crash Address :
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 : ntoskrnl.exe+9603b
Stack Address 3 : ntoskrnl.exe+991e7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-07.dmp
Crash Time : 9/5/2011 5:34:00 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000070
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804d804f
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+9f01
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+104f
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-06.dmp
Crash Time : 9/5/2011 5:30:37 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xffbb672c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+849
Stack Address 2 : Ntfs.sys+207b1
Stack Address 3 : Ntfs.sys+2482e
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-05.dmp
Crash Time : 9/5/2011 5:23:38 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x8213ec00
Parameter 3 : 0x8213ed74
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-04.dmp
Crash Time : 9/5/2011 5:09:14 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xaa5d4c7f
Parameter 2 : 0x00000000
Parameter 3 : 0xaa5d4c7f
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+45c7f
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+45c7f
Stack Address 1 : mrxsmb.sys+3161e
Stack Address 2 : mrxsmb.sys+31855
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-03.dmp
Crash Time : 9/5/2011 5:07:21 PM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x7ffd7001
Parameter 3 : 0x000004df
Parameter 4 : 0xc0503000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+52ea2
Stack Address 2 : ntoskrnl.exe+1a150
Stack Address 3 : ntoskrnl.exe+1a353
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-02.dmp
Crash Time : 9/5/2011 5:02:21 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x005c0066
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+20a58
Stack Address 2 : ntoskrnl.exe+a56be
Stack Address 3 : ntoskrnl.exe+a585a
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-01.dmp
Crash Time : 9/5/2011 4:55:10 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xf8888784
Parameter 3 : 0xa9fe7be3
Parameter 4 : 0x00000000
Caused By Driver : Npfs.SYS
Caused By Address : Npfs.SYS+4784
File Description : NPFS Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : Npfs.SYS+4784
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 : ntoskrnl.exe+a43d7
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090311-03.dmp
Crash Time : 9/3/2011 1:10:11 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x4e61c580
Parameter 3 : 0xf5ba28e4
Parameter 4 : 0x00000000
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+49eed
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address :
Stack Address 1 : tcpip.sys+a4b4
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : aswTdi.SYS+f62
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090311-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090311-01.dmp
Crash Time : 9/3/2011 1:06:30 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x18000004
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804dfcbe
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+8cbe
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+8cbe
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090311-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-03.dmp
Crash Time : 9/2/2011 2:09:20 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000003
Parameter 2 : 0xaa594c46
Parameter 3 : 0xaa0cbb8c
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+5c47
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+5c47
Stack Address 1 : aswSP.SYS+668d
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : ntoskrnl.exe+abad7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-02.dmp
Crash Time : 9/2/2011 2:00:20 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593341
Parameter 3 : 0xf8803bf4
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bc341
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bc341
Stack Address 1 : ntoskrnl.exe+bc38f
Stack Address 2 : ntoskrnl.exe+18657b
Stack Address 3 : ntoskrnl.exe+185967
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-01.dmp
Crash Time : 9/2/2011 1:40:11 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x88007000
Parameter 2 : 0x00000001
Parameter 3 : 0xffa95937
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+4e2b
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address :
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini090111-06.dmp
Crash Time : 9/1/2011 3:30:24 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x804ddf4d
Caused By Driver : USBPORT.SYS
Caused By Address : USBPORT.SYS+6fc2
File Description : USB 1.1 & 2.0 Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : ntoskrnl.exe+6f4d
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-05.dmp
Crash Time : 9/1/2011 11:42:36 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa64d6f0
Parameter 3 : 0xf7e81c78
Parameter 4 : 0xf7e81974
Caused By Driver : rdbss.sys
Caused By Address : rdbss.sys+46f0
File Description : Redirected Drive Buffering SubSystem Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : rdbss.sys+46f0
Stack Address 1 : mrxsmb.sys+7e8
Stack Address 2 : rdbss.sys+4b1
Stack Address 3 : rdbss.sys+17526
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-04.dmp
Crash Time : 9/1/2011 11:41:02 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xf888a014
Parameter 3 : 0xa9dfdb10
Parameter 4 : 0x00000000
Caused By Driver : Npfs.SYS
Caused By Address : Npfs.SYS+6014
File Description : NPFS Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : Npfs.SYS+6014
Stack Address 1 : Npfs.SYS+5cd3
Stack Address 2 : Npfs.SYS+5dd3
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-03.dmp
Crash Time : 9/1/2011 10:51:50 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xfbe6f2a1
Parameter 2 : 0x00000000
Parameter 3 : 0xaa52a7b8
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+b7b8
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSnx.SYS+b7b8
Stack Address 1 : aswSnx.SYS+26ab9
Stack Address 2 : aswSnx.SYS+7891
Stack Address 3 : aswSnx.SYS+154f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-02.dmp
Crash Time : 9/1/2011 10:49:12 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xcd26ec76
Parameter 2 : 0x00000000
Parameter 3 : 0xcd26ec76
Parameter 4 : 0x00000000
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address :
Stack Address 1 : ntoskrnl.exe+b7e2e
Stack Address 2 : ntoskrnl.exe+b766a
Stack Address 3 : ntoskrnl.exe+b7dda
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-01.dmp
Crash Time : 9/1/2011 10:37:05 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000004
Parameter 2 : 0x804dca60
Parameter 3 : 0xaa10dc04
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+5a60
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5a60
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini083111-01.dmp
Crash Time : 8/31/2011 3:47:41 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x900c5cc6
Parameter 2 : 0x00000000
Parameter 3 : 0x80579a98
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+a2a98
Stack Address 1 : Ntfs.sys+24f2d
Stack Address 2 : Ntfs.sys+24cd8
Stack Address 3 : Ntfs.sys+2403f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini083111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

#15 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 05 November 2011 - 01:25 AM

It's very inconclusive.
We're various type of errors and various system files involved.
My previous assessment stands.
That kind of variety can be caused by an overheating or other hardware issues.

I'll wait for your cleaning results.

#16 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 05 November 2011 - 01:42 AM

okay i will get that done tomorrow :) thanks

#17 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 05 November 2011 - 06:38 PM

ok i opened it up and cleaned the massive amouts of dust out, the fans all work. booted up into reg. windows got windows error report did not send it but after about 10 min. the system rebooted again.

#18 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 05 November 2011 - 10:03 PM

Post new BlueScreenView report.

Then....

Download and install SIW Multilanguage With Installer (SIW free version) (bottom of the screen)

Run the tool.
After it scans your computer, navigate to Hardware>Sensors and post all info from there.

Posted Image

#19 ProblemsRBad Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Member

161 posts
Joined: June 23, 2011
15 topics
Skin: IP.Board
Local time: 06:46 AM

Zodiac:Aries
OS:Windows 7
Country:

Offline

Time Online: 3d 20h 16m 27s

Posted 06 November 2011 - 12:51 AM

well i did the scan but in safe mode and it dont show the cpu temp. check in reg. mode and its the same thing.

==================================================
Dump File : Mini110511-01.dmp
Crash Time : 11/5/2011 2:11:25 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xa9bc6ffc
Parameter 2 : 0x000000ff
Parameter 3 : 0x00000000
Parameter 4 : 0x804dc9b1
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+59b1
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+59b1
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110511-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-09.dmp
Crash Time : 11/4/2011 9:05:35 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xa99904d8
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xa99904d8
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+7058
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address :
Stack Address 1 : tcpip.sys+7058
Stack Address 2 : tcpip.sys+a0e
Stack Address 3 : tcpip.sys+955
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-08.dmp
Crash Time : 11/4/2011 8:50:28 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000001c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80540585
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+69585
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+69585
Stack Address 1 : ntoskrnl.exe+5312a
Stack Address 2 : ntoskrnl.exe+1a353
Stack Address 3 : ntoskrnl.exe+1f2f9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-07.dmp
Crash Time : 11/4/2011 7:56:02 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa6a2252
Parameter 3 : 0xf89d7bf8
Parameter 4 : 0xf89d78f4
Caused By Driver : netbt.sys
Caused By Address : netbt.sys+c252
File Description : MBT Transport driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Crash Address : netbt.sys+c252
Stack Address 1 : netbt.sys+6197
Stack Address 2 : netbt.sys+8677
Stack Address 3 : netbt.sys+1d56c
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-06.dmp
Crash Time : 11/4/2011 7:45:58 PM
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 0x001902fe
Parameter 2 : 0xf89eb9a4
Parameter 3 : 0xf89eb6a0
Parameter 4 : 0x804f5d09
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+dff0
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : Ntfs.sys+dff0
Stack Address 2 : Ntfs.sys+546d4
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-05.dmp
Crash Time : 11/4/2011 7:18:24 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x82117020
Parameter 3 : 0x82117194
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-04.dmp
Crash Time : 11/4/2011 7:15:45 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa60c081
Parameter 3 : 0xa9b51b5e
Parameter 4 : 0x00000000
Caused By Driver : mrxsmb.sys
Caused By Address : mrxsmb.sys+33081
File Description : Windows NT SMB Minirdr
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6133 (xpsp_sp3_gdr.110715-1625)
Processor : 32-bit
Crash Address : mrxsmb.sys+33081
Stack Address 1 : mrxsmb.sys+66d11
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-03.dmp
Crash Time : 11/4/2011 4:13:58 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x3f3f3f3f
Parameter 3 : 0xf89d3b80
Parameter 4 : 0xf89d387c
Caused By Driver : srv.sys
Caused By Address : srv.sys+50f81
File Description : Server driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6082 (xpsp_sp3_gdr.110217-1622)
Processor : 32-bit
Crash Address :
Stack Address 1 : srv.sys+50d21
Stack Address 2 : ntoskrnl.exe+d1489
Stack Address 3 : ntoskrnl.exe+de3d9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110411-02.dmp
Crash Time : 11/4/2011 1:05:10 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x804e1b15
Caused By Driver : psched.sys
Caused By Address : psched.sys+40a
File Description : MS QoS Packet Scheduler
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Crash Address : ntoskrnl.exe+ab15
Stack Address 1 : psched.sys+797c
Stack Address 2 : psched.sys+7c10
Stack Address 3 : NDIS.sys+19c6a
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini110411-01.dmp
Crash Time : 11/4/2011 12:20:42 PM
Bug Check String : PFN_LIST_CORRUPT
Bug Check Code : 0x0000004e
Parameter 1 : 0x00000099
Parameter 2 : 0x0001bdf1
Parameter 3 : 0x00000001
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+52c91
Stack Address 2 : ntoskrnl.exe+29489
Stack Address 3 : ntoskrnl.exe+b7c50
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110411-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-11.dmp
Crash Time : 11/3/2011 8:14:09 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000001c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80540585
Caused By Driver : hal.dll
Caused By Address : hal.dll+2106
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+69585
Stack Address 1 : ntoskrnl.exe+5312a
Stack Address 2 : ntoskrnl.exe+1a353
Stack Address 3 : ntoskrnl.exe+1f2f9
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-11.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-10.dmp
Crash Time : 11/3/2011 8:11:30 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593a2f
Parameter 3 : 0xa986e8a0
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bca2f
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bca2f
Stack Address 1 : ntoskrnl.exe+bcc91
Stack Address 2 : ntoskrnl.exe+bce16
Stack Address 3 : ntoskrnl.exe+bcb54
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-10.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-09.dmp
Crash Time : 11/3/2011 8:02:05 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x4759336d
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xaa7145e1
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+85e1
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : tcpip.sys+85e1
Stack Address 1 : tcpip.sys+1c9c4
Stack Address 2 : tcpip.sys+1ca71
Stack Address 3 : tcpip.sys+6768
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-08.dmp
Crash Time : 11/3/2011 5:19:44 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000db75
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+849
Stack Address 2 : Ntfs.sys+207b1
Stack Address 3 : Ntfs.sys+2482e
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-07.dmp
Crash Time : 11/3/2011 5:16:23 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593341
Parameter 3 : 0xa9ac16dc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bc341
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bc341
Stack Address 1 : ntoskrnl.exe+bc38f
Stack Address 2 : ntoskrnl.exe+bc433
Stack Address 3 : ntoskrnl.exe+9b7d6
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-06.dmp
Crash Time : 11/3/2011 5:07:40 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x0000303b
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804e1af6
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+41ee
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : ntoskrnl.exe+aaf6
Stack Address 1 : ntoskrnl.exe+f634
Stack Address 2 : tcpip.sys+41ee
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-05.dmp
Crash Time : 11/3/2011 5:05:34 PM
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 0x00000020
Parameter 2 : 0xe304faf0
Parameter 3 : 0xe304faf0
Parameter 4 : 0x0c000001
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+5f510
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+7afc5
Stack Address 2 : aswSnx.SYS+36b8e
Stack Address 3 : aswSnx.SYS+36c53
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-04.dmp
Crash Time : 11/3/2011 4:58:24 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x89f39e03
Parameter 2 : 0x00000001
Parameter 3 : 0xf876564d
Parameter 4 : 0x00000000
Caused By Driver : HIDCLASS.SYS
Caused By Address : HIDCLASS.SYS+164d
File Description : Hid Class Library
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : HIDCLASS.SYS+164d
Stack Address 1 : HIDCLASS.SYS+1957
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : ntoskrnl.exe+abad7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-03.dmp
Crash Time : 11/3/2011 4:57:08 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa59baa8
Parameter 3 : 0xf5beacc0
Parameter 4 : 0xf5bea9bc
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+caa8
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+caa8
Stack Address 1 : ntoskrnl.exe+9f316
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-02.dmp
Crash Time : 11/3/2011 4:20:19 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa554e85
Parameter 3 : 0xaa3a6ca0
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+35e85
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSnx.SYS+35e85
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini110311-01.dmp
Crash Time : 11/3/2011 4:07:47 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa210a6b8
Parameter 2 : 0x00000000
Parameter 3 : 0xf861b408
Parameter 4 : 0x00000000
Caused By Driver : imapi.sys
Caused By Address : imapi.sys+7408
File Description : IMAPI Kernel Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : imapi.sys+7408
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini110311-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini102211-01.dmp
Crash Time : 10/22/2011 9:38:37 AM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x8213e268
Parameter 3 : 0x8213e3dc
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090811-02.dmp
Crash Time : 9/8/2011 3:36:09 PM
Bug Check String : CONFIG_LIST_FAILED
Bug Check Code : 0x00000073
Parameter 1 : 0x00000001
Parameter 2 : 0xc000017d
Parameter 3 : 0x00000004
Parameter 4 : 0xf8a43bb8
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+140046
Stack Address 2 : ntoskrnl.exe+f1c94
Stack Address 3 : ntoskrnl.exe+f1cdd
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090811-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini090811-01.dmp
Crash Time : 9/8/2011 3:19:00 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805515a1
Parameter 3 : 0xaa495b28
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7a5a1
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+7a5a1
Stack Address 1 : ntoskrnl.exe+b9550
Stack Address 2 : ntoskrnl.exe+b97c8
Stack Address 3 : ntoskrnl.exe+b9809
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090811-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-10.dmp
Crash Time : 9/5/2011 5:56:49 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xaa5b1eb0
Parameter 3 : 0xf872388c
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+22eb0
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+22eb0
Stack Address 1 : aswMon2.SYS+861f
Stack Address 2 : aswMon2.SYS+6780
Stack Address 3 : aswMon2.SYS+6ba2
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-10.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-09.dmp
Crash Time : 9/5/2011 5:36:52 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00008300
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a2a
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a2a
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a2a
Stack Address 1 : mrxsmb.sys+3691d
Stack Address 2 : mrxsmb.sys+3783e
Stack Address 3 : mrxsmb.sys+386b6
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-09.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-08.dmp
Crash Time : 9/5/2011 5:34:57 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x00001382
Parameter 3 : 0xaa17a9dc
Parameter 4 : 0x00000000
Caused By Driver : mrxsmb.sys
Caused By Address : mrxsmb.sys+33cf5
File Description : Windows NT SMB Minirdr
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6133 (xpsp_sp3_gdr.110715-1625)
Processor : 32-bit
Crash Address :
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 : ntoskrnl.exe+9603b
Stack Address 3 : ntoskrnl.exe+991e7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-08.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-07.dmp
Crash Time : 9/5/2011 5:34:00 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000070
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804d804f
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+9f01
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : ntoskrnl.exe+104f
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-07.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-06.dmp
Crash Time : 9/5/2011 5:30:37 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0xffbb672c
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+849
Stack Address 2 : Ntfs.sys+207b1
Stack Address 3 : Ntfs.sys+2482e
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-05.dmp
Crash Time : 9/5/2011 5:23:38 PM
Bug Check String : CRITICAL_OBJECT_TERMINATION
Bug Check Code : 0x000000f4
Parameter 1 : 0x00000003
Parameter 2 : 0x8213ec00
Parameter 3 : 0x8213ed74
Parameter 4 : 0x8060577e
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+15f10d
Stack Address 2 : ntoskrnl.exe+12e73c
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-04.dmp
Crash Time : 9/5/2011 5:09:14 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xaa5d4c7f
Parameter 2 : 0x00000000
Parameter 3 : 0xaa5d4c7f
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+45c7f
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+45c7f
Stack Address 1 : mrxsmb.sys+3161e
Stack Address 2 : mrxsmb.sys+31855
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-03.dmp
Crash Time : 9/5/2011 5:07:21 PM
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 0x00041284
Parameter 2 : 0x7ffd7001
Parameter 3 : 0x000004df
Parameter 4 : 0xc0503000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+606ba
Stack Address 1 : ntoskrnl.exe+52ea2
Stack Address 2 : ntoskrnl.exe+1a150
Stack Address 3 : ntoskrnl.exe+1a353
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-02.dmp
Crash Time : 9/5/2011 5:02:21 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x005c0066
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x80702a16
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a16
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+2a16
Stack Address 1 : Ntfs.sys+20a58
Stack Address 2 : ntoskrnl.exe+a56be
Stack Address 3 : ntoskrnl.exe+a585a
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090511-01.dmp
Crash Time : 9/5/2011 4:55:10 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xf8888784
Parameter 3 : 0xa9fe7be3
Parameter 4 : 0x00000000
Caused By Driver : Npfs.SYS
Caused By Address : Npfs.SYS+4784
File Description : NPFS Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : Npfs.SYS+4784
Stack Address 1 : ntoskrnl.exe+a3eb
Stack Address 2 : ntoskrnl.exe+a43d7
Stack Address 3 : ntoskrnl.exe+699f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090511-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090311-03.dmp
Crash Time : 9/3/2011 1:10:11 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x4e61c580
Parameter 3 : 0xf5ba28e4
Parameter 4 : 0x00000000
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+49eed
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address :
Stack Address 1 : tcpip.sys+a4b4
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : aswTdi.SYS+f62
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090311-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090311-01.dmp
Crash Time : 9/3/2011 1:06:30 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x18000004
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x804dfcbe
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+8cbe
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+8cbe
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090311-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-03.dmp
Crash Time : 9/2/2011 2:09:20 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000003
Parameter 2 : 0xaa594c46
Parameter 3 : 0xaa0cbb8c
Parameter 4 : 0x00000000
Caused By Driver : aswSP.SYS
Caused By Address : aswSP.SYS+5c47
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSP.SYS+5c47
Stack Address 1 : aswSP.SYS+668d
Stack Address 2 : ntoskrnl.exe+a3eb
Stack Address 3 : ntoskrnl.exe+abad7
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-02.dmp
Crash Time : 9/2/2011 2:00:20 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x80593341
Parameter 3 : 0xf8803bf4
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+bc341
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bc341
Stack Address 1 : ntoskrnl.exe+bc38f
Stack Address 2 : ntoskrnl.exe+18657b
Stack Address 3 : ntoskrnl.exe+185967
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090211-01.dmp
Crash Time : 9/2/2011 1:40:11 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x88007000
Parameter 2 : 0x00000001
Parameter 3 : 0xffa95937
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+4e2b
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address :
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

==================================================
Dump File : Mini090111-06.dmp
Crash Time : 9/1/2011 3:30:24 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x804ddf4d
Caused By Driver : USBPORT.SYS
Caused By Address : USBPORT.SYS+6fc2
File Description : USB 1.1 & 2.0 Port Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2108)
Processor : 32-bit
Crash Address : ntoskrnl.exe+6f4d
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-05.dmp
Crash Time : 9/1/2011 11:42:36 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc000001d
Parameter 2 : 0xaa64d6f0
Parameter 3 : 0xf7e81c78
Parameter 4 : 0xf7e81974
Caused By Driver : rdbss.sys
Caused By Address : rdbss.sys+46f0
File Description : Redirected Drive Buffering SubSystem Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : rdbss.sys+46f0
Stack Address 1 : mrxsmb.sys+7e8
Stack Address 2 : rdbss.sys+4b1
Stack Address 3 : rdbss.sys+17526
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-04.dmp
Crash Time : 9/1/2011 11:41:02 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xf888a014
Parameter 3 : 0xa9dfdb10
Parameter 4 : 0x00000000
Caused By Driver : Npfs.SYS
Caused By Address : Npfs.SYS+6014
File Description : NPFS Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : Npfs.SYS+6014
Stack Address 1 : Npfs.SYS+5cd3
Stack Address 2 : Npfs.SYS+5dd3
Stack Address 3 : ntoskrnl.exe+a3eb
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-03.dmp
Crash Time : 9/1/2011 10:51:50 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xfbe6f2a1
Parameter 2 : 0x00000000
Parameter 3 : 0xaa52a7b8
Parameter 4 : 0x00000000
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+b7b8
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : aswSnx.SYS+b7b8
Stack Address 1 : aswSnx.SYS+26ab9
Stack Address 2 : aswSnx.SYS+7891
Stack Address 3 : aswSnx.SYS+154f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-02.dmp
Crash Time : 9/1/2011 10:49:12 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xcd26ec76
Parameter 2 : 0x00000000
Parameter 3 : 0xcd26ec76
Parameter 4 : 0x00000000
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address :
Stack Address 1 : ntoskrnl.exe+b7e2e
Stack Address 2 : ntoskrnl.exe+b766a
Stack Address 3 : ntoskrnl.exe+b7dda
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini090111-01.dmp
Crash Time : 9/1/2011 10:37:05 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0x80000004
Parameter 2 : 0x804dca60
Parameter 3 : 0xaa10dc04
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+5a60
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5a60
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini090111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 114,688
==================================================

==================================================
Dump File : Mini083111-01.dmp
Crash Time : 8/31/2011 3:47:41 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x900c5cc6
Parameter 2 : 0x00000000
Parameter 3 : 0x80579a98
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : ntoskrnl.exe+a2a98
Stack Address 1 : Ntfs.sys+24f2d
Stack Address 2 : Ntfs.sys+24cd8
Stack Address 3 : Ntfs.sys+2403f
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini083111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 106,496
==================================================

Posted Image

http://imageshack.us...01/image1ex.jpg

#20 Broni Re: [Inactive] hello, my sister win xp desktop pc have a trojan

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 04:46 AM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Offline

Time Online: 57d 10h 30m 28s

Posted 06 November 2011 - 01:04 AM

It doesn't show CPU temperature.
Let's try something else.

Download, and install SpeedFan: http://www.almico.com/sfdownload.php
Post your computer temperatures:

Posted Image