Jump to content

thehulk18

Anti-Spyware Brigade
  • Content count

    6,393
  • Joined

  • Last visited

About thehulk18

  • Rank
    thehulk18
  • Birthday 08/02/1938

Contact Methods

  • Website URL
    http://
  • ICQ
    0
  • Yahoo
    privateeye85@yahoo.com

Profile Information

  • Gender
    Male
  • Location
    Colorado Springs CO
  • Interests
    Golf and Grandkids

Previous Fields

  • Teams:
    Nothing Selected
  1. Apple Tracking Your Every Move

    Maybe they should give all illegals an iPhone when they cross the border....
  2. I've Had It!

    This is what you need Bruce. Get those dangerous ice daggers that are hanging down. Cleans steps and walks real well also. My brother in CT has one. http://www.amazon.com/BP-2512-SVC-Backpack-Propane/dp/B000NI7PQG
  3. I was trying to install Windows 7 on my Toshiba laptop yesterday, on a new, clean, formatted hard drive. On the Expanding Files step it kept hanging up and giving me error messages and stopping Setup. The error messages were: "Windows cannot install required files. The file may be corrupt or missing. Make sure all files required for installation are available, and restart the installation" Error Code: 0x80070017 also E:\Sources\WDSCORE.dll is either not designated to run on Windows, or it contains an error. I Googled both errors and found it was a fairly common happening when trying to install Windows 7. Some of the suggestions to overcome the errors were confusing, and some were as simple as swapping the CD/DVD drive. The one I liked best was found here: http://technet.microsoft.com/en-us/magazine/dd535816.aspx It worked like a charm and installed in less than half the normal time, and now I have Windows 7 Home Premium on a thumb drive for use anytime as long as I have a legitimate OS Key. The only thing not clear in the procedure is that at each Command Prompt, I had to type in the Drive and its number before the command itself. Other than that, it worked great.
  4. By default, XP, Vista and Win7 are supposed to defrage the boot sector when booting. However, it is not always set to do so in the registry. Rather than go into the registry, it can be done manually very easily to help speed up your boot time. As follows: Click on Start/All Programs/Accessories/Right click on Cmd Prompt and select to Run as Administrator. At the Command Prompt: C:\Windows\system32>, type in defrag c: -b It will look like this: C:\Windows\system32>defrag c: -b The window will then look like this: C:\Windows\system32>defrag -b C: Microsoft Disk Defragmenter Copyright © 2007 Microsoft Corp. Invoking boot optimization on (C:)... Pre-Defragmentation Report: Volume Information: Volume size = 49.99 GB Free space = 21.12 GB Total fragmented space = 2% Largest free space size = 4.59 GB Note: File fragments larger than 64MB are not included in the fragmentation statistics. You may not see anything happening at first...let it finish. You see in the last line that File fragments larger than 64MB are not included in the statistics, that's because they are not defragged, but they can be forced to defrag by using the same procedure above to run CMD Prompt as Administrator, then at the Command Prompt type in...defrag c: -v -w (Note spaces before each dash - ) Again...give it time to finish. These two steps significantly reduced the boot time on a laptop I was working on. I found these steps on more than one website, the following being one of them. http://social.answers.microsoft.com/Forums/en-US/vistaperformance/thread/7be9d9da-a7bf-447b-ad66-41d8eb50de54 I was looking for the steps for Vista, but they also work on Windows 7, and XP (Must have Administrator password in XP)
  5. Bios Password

    Problem Solved. Opened the laptop and fortunately the cmos battery was on top of the motherboard instead of on the bottom. Unpluged it for an hour or so while I did other things, with laptop battery out also, and it reset the Bios. Boots to Win98 now without any password requests at all.
  6. Bios Password

    No dice Joe, but thanks. I'll try taking it apart and see what I can find. One guy said he shorted out the batery and reset the bios, but that is dangerous, he lucked out I believe. I may have to replace the bios chip if I can't come up with a Phoenix back door password that works.
  7. Bios Password

    My Doctor gave me an old Sony Vaio laptop he had no further need for. It a Model PCG-Z505R. He said he thinks it has Win98 installed, and the sticker on the palm rest says that is so. When it boots it stops at asking for a Bios Password, and he of course can't remember that far back. It's a Phoenix 4.0 Bios, don't know the version. I tried using phoenix, PHOENIX, and Phoenix as the backdoor password as suggested, but to no avail. I tried booting with a WIN98SE disc, a VAIO recovery disc, and a Windows 98 UBD, but althought the discs all start, the password window still pops up and freezes everything. I also tried removing the battery and holding the power switch in the OFF position to drain it, but most times that doesn't work, or it takes hours. Removing the CMOS/RTC battery in most laptops doesn't do it either, and it usually requires disassembly to find the damn battery, and then it might be soldered in. Any suggestions much appreciated. TIA Hulkster
  8. Tired, Depressed, At Wits End.

    That's exactly what it means Bruce. I went through that when I moved from CT to FL. I taught digital guidance computers for Polaris and Poseidon missiles in the Navy, and when I came to FL and took tests for employment as a technician, I was told that I was overqualified and would jump at the first better offer.....ad nauseum!!!! A former Navy buddy went through the same thing, but he was in a field such as yours. He was a heavy equiment operator in the Seabees. His near 20 years experience got him the overqualified lable also, but the experience also qualified him for other offshoots of the Operator position, and he landed a job as a mechanic for a trucking company because he knew diesel engines, something you might consider if you haven't already. Trucking companies, school buses, city buses, etc. I wish you the best in your quest pal. Maybe tell them you wont leave and are willing to sign an employment contract for "X" amount of years.
  9. Question

    Jules....you can have half of my 64 bits...
  10. Weird Porn Popups

    Jacee...good morning young lady....just getting around to this, been under the weather...a little greener in the gills than normal hulk color...lol thanks for for your patience: DDS (Ver_10-03-17.01) - NTFSX64 Run by Bob at 3:28:51.73 on Sat 06/19/2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1791.833 [GMT -4:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Program Files (x86)\AVG\AVG9\avgchsva.exe C:\Program Files (x86)\AVG\AVG9\avgrsa.exe C:\Windows\system32\lsm.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\lxcycoms.exe C:\ProgramData\Weather Pulse 2.2.4.4\weatherpulse.exe C:\Program Files (x86)\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Microsoft LifeCam\MSCamS64.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Olympus\ib\olycamdetect.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe C:\Program Files (x86)\AVG\AVG9\avgemc.exe C:\Program Files (x86)\AVG\AVG9\avgnsa.exe C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Bob\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.cfnews13.com/ mLocal Page = c:\windows\syswow64\blank.htm BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll uRun: [WeatherPulse] c:\programdata\weather pulse 2.2.4.4\weatherpulse.exe uRun: [iE New Window Maximizer] c:\program files (x86)\ie new window maximizer\iemaximizer.exe uRun: [cdloader] "c:\users\bob\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Olympus ib] "c:\program files (x86)\olympus\ib\olycamdetect.exe" /Startup mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe mRun: [MDS_Menu] "c:\program files (x86)\olympus\ib\muitransfer\muistartmenu.exe" "c:\program files (x86)\olympus\ib" updatewithcreateonce "software\olympus\ib\1.0" mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files (x86)\belarc\advisor\system\BAVoilaX.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll AppInit_DLLs-X64: avgrssta.dll ============= SERVICES / DRIVERS =============== R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2010-4-14 269320] R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2010-4-14 35536] R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2010-4-14 317520] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 203264] R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2010-4-14 916760] R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-4-14 308064] R2 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe -service --> c:\windows\system32\lxcycoms.exe -service [?] R2 wwEngineSvc;Window Washer Engine;c:\program files (x86)\webroot\washer\WasherSvc.exe [2010-5-30 598856] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2010-3-4 346144] S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-4-14 136176] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-17 1255736] =============== Created Last 30 ================ 2010-06-16 20:53:46 27386256 ----a-w- c:\users\bob\AdbeRdr930_en_US.exe 2010-06-16 20:49:45 56141 ----a-w- c:\users\bob\SOACK_S19487.pdf 2010-05-31 00:19:59 0 d-----w- c:\users\bob\appdata\roaming\Webroot 2010-05-31 00:19:58 0 d-----w- c:\programdata\Webroot 2010-05-31 00:19:58 0 d-----w- c:\program files (x86)\Webroot 2010-05-31 00:19:58 0 d-----w- c:\program files (x86)\common files\Webroot Shared 2010-05-31 00:19:41 194888 ----a-w- c:\windows\Unwash6.exe 2010-05-29 02:37:29 22528 ----a-w- c:\users\bob\Dream Love.doc 2010-05-28 03:42:26 24672 ----a-w- c:\users\bob\me and ski - Copy.jpg 2010-05-28 02:30:13 292999 ----a-w- c:\users\bob\Bobby in the Bus.jpg 2010-05-28 02:26:30 20844 ----a-w- c:\users\bob\Me and Jim.jpg 2010-05-28 02:24:28 204202 ----a-w- c:\users\bob\Linda_Bren_holly.jpg 2010-05-28 02:22:34 159212 ----a-w- c:\users\bob\me and ski.jpg 2010-05-26 14:11:47 20697 ----a-w- c:\users\bob\livepreview.jpg 2010-05-26 04:33:21 2048 ----a-w- c:\windows\syswow64\tzres.dll 2010-05-26 04:33:21 2048 ----a-w- c:\windows\system32\tzres.dll 2010-05-25 11:14:04 153376 ----a-w- c:\windows\syswow64\javaws.exe 2010-05-25 11:14:04 145184 ----a-w- c:\windows\syswow64\javaw.exe 2010-05-25 11:14:04 145184 ----a-w- c:\windows\syswow64\java.exe 2010-05-25 11:11:54 0 d-----w- c:\programdata\Sun 2010-05-25 11:11:24 423656 ----a-w- c:\windows\syswow64\deployJava1.dll 2010-05-23 22:44:32 0 d-----w- c:\users\bob\appdata\roaming\Auslogics 2010-05-23 22:44:19 0 d-----w- c:\program files (x86)\Auslogics 2010-05-23 17:00:20 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-23 17:00:08 0 d-----w- c:\users\bob\appdata\roaming\Malwarebytes 2010-05-23 17:00:03 0 d-----w- c:\programdata\Malwarebytes 2010-05-23 17:00:02 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-05-20 11:07:11 97792 --sha-w- c:\users\bob\Thumbs.db ==================== Find3M ==================== 2010-06-02 15:47:32 35536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys 2010-06-02 15:47:32 317520 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2010-05-27 07:24:13 34304 ----a-w- c:\windows\syswow64\atmlib.dll 2010-05-27 06:34:09 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-05-27 04:11:32 366080 ----a-w- c:\windows\system32\atmfd.dll 2010-05-27 03:49:37 293888 ----a-w- c:\windows\syswow64\atmfd.dll 2010-05-21 05:52:30 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-05-21 05:18:06 977920 ----a-w- c:\windows\syswow64\wininet.dll 2010-05-21 05:14:50 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-05-06 13:47:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2010-05-06 12:42:05 1225216 ----a-w- c:\windows\syswow64\urlmon.dll 2010-05-06 12:41:55 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-05-06 12:41:53 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-05-06 12:41:53 5970944 ----a-w- c:\windows\syswow64\mshtml.dll 2010-05-06 12:41:49 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-05-06 12:41:49 10984448 ----a-w- c:\windows\syswow64\ieframe.dll 2010-05-01 15:07:05 3122176 ----a-w- c:\windows\system32\win32k.sys 2010-04-14 21:19:04 12976 ----a-w- c:\windows\system32\avgrssta.dll 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 3:29:11.73 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 4/14/2010 3:19:34 PM System Uptime: 6/19/2010 3:21:00 AM (0 hours ago) Motherboard: Dell Inc. | | 0F896N Processor: AMD Sempron Processor LE-1300 | AM2 | 2300/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 298 GiB total, 198.033 GiB free. D: is CDROM () G: is Removable H: is Removable ==== Disabled Device Manager Items ============= Class GUID: {36fc9e60-c465-11cf-8056-444553540000} Description: Unknown Device Device ID: USB\VID_0000&PID_0000\6&1C1F09FC&0&1 Manufacturer: (Standard USB Host Controller) Name: Unknown Device PNP Device ID: USB\VID_0000&PID_0000\6&1C1F09FC&0&1 Service: ==== System Restore Points =================== ==== Installed Programs ====================== Acrobat.com Active@ KillDisk FREE Suite Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.3.2 Advanced SystemCare 3 AnswerWorks Runtime Apple Application Support Apple Software Update AusLogics Disk Defrag AVG Free 9.0 Belarc Advisor 8.1 CleanUp! Corel Applications Google Toolbar for Internet Explorer Google Update Helper HijackThis 2.0.2 IE New Window Maximizer 2.4 IrfanView (remove only) Java Auto Updater Java 6 Update 21 Malwarebytes' Anti-Malware Microsoft Corporation Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Reader Microsoft Visual C++ 2005 Redistributable OLYMPUS ib QuickTime Realtek 8136 8168 8169 Ethernet Driver Roxio PhotoSuite 5 Visual C++ 8.0 Runtime Setup Package (x64) Weather Pulse 2.2.4.4 Window Washer Yahoo! Messenger ==== End Of File ===========================
  11. Weird Porn Popups

    Good morning all you Trusted Advisors. Usually in the morning first thing I do on PC is check the AVG results from the overnight scan. This morning when i clicked and removed the screensaver, I was greeted with a bunch of porn pictures and writing in German. They kept coming back at random times while on line. I ran MalwareBytes in safe mode and it found nothing. AVG found two Trojan Downloaders and vaulted them. I ran HJT, and right after it started scanning, this window popped up: Then completed the scan. If I follow the directioon to get into the Hosts, there are no entries from HJT This is the log, and thanks: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:17:23 AM, on 6/7/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\ProgramData\Weather Pulse 2.2.4.4\weatherpulse.exe C:\Program Files (x86)\IE New Window Maximizer\iemaximizer.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Olympus\ib\olycamdetect.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\Users\Bob\AppData\Roaming\mjusbsp\magicJack.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\HJT\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cfnews13.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKCU\..\Run: [WeatherPulse] C:\ProgramData\Weather Pulse 2.2.4.4\weatherpulse.exe O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files (x86)\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [cdloader] "C:\Users\Bob\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe -- End of file - 6950 bytes I also ran HJT in Safe Mode as Administrator and tried removing all the entries with the @ with the same results, i.e., they were still there on the next scan. TIA
  12. Combofix Log

    Maybe I can find a Poltergeist remover on Ebay....lol
  13. Combofix Log

    Hey Jules....I haven't done any on line scans because usually it won't stay on for a full scan. I lucked out with this one. This is still the same machine that starts and stops randomly. A quick historic synopsis if I may: Brought to me because it started up in the middle of the night, and shut down when it felt like it. Replaced broken Power switch Replaced motherboard, CPU,heatsind, and fan. Replaced RAM Replaced Power Supply Added extra case fan for cooling. Removed Vista from SATA HD and installed XP Home Malware Bytes finds nothing wrong AVG also comes up clean Now Combofix looks good also Completely isolated everything from the case on my workbench, and it ran perfectly for about 15 hours. Installed everything in an older case, and it ran perfectly for a number of hours also. I made an insulating gasket of sorts from a new clear back seat floor mat to prevent any arcing from mobo solder points. The board is a combo board, so last night I removed SATA drive and replaced with IDE drive and installed Windows XP Home. All of this and many hours of troubleshooting and it is doing the same thing as the day it was brought to me, while it is in the original case. It shutdown this morning while doing Windows updates on the newly installed IDE drive with fresh XP Home Running out of ideas other than getting a new case, so ran Combofix for a fresh perspective. Every suggestion people make to solve this headbuster is negated by the fact that the hardware is all NEW and tested, and the fact that every action is a repeat of what was happening when it was first brought to me. I've done the piece by piece in and out of the case one at a time, etc, ad naseum, and like I said Jules, I'm about out of ideas. Sorry...didn't mean to ramble on, you know how us Northerners are when ya get us ta yakkin...lol
  14. Combofix Log

    Need to know if all is ok... ComboFix 10-05-22.03 - HB 05/23/2010 13:05:14.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1791.1245 [GMT -4:00] Running from: i:\program files\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((( Files Created from 2010-04-23 to 2010-05-23 ))))))))))))))))))))))))))))))) . 2010-05-23 16:16 . 2010-05-23 16:16 -------- d-----w- c:\program files\Belarc 2010-05-23 16:16 . 2008-03-06 15:51 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys 2010-05-23 15:41 . 2010-05-23 16:06 -------- d-----w- c:\program files\RegCleaner 2010-05-23 02:21 . 2008-04-13 16:44 2560 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\USMT\iconlib.dll 2010-05-23 02:21 . 2010-05-23 02:21 -------- d-----w- C:\USMT.TMP 2010-05-22 19:27 . 2010-05-22 19:27 -------- d-----w- c:\documents and settings\HB\Application Data\Malwarebytes 2010-05-22 19:27 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-22 19:27 . 2010-05-22 19:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-22 19:27 . 2010-05-22 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-05-22 19:27 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-22 17:56 . 2010-05-22 17:56 -------- d-----w- c:\program files\IObit 2010-05-22 17:56 . 2010-05-22 17:56 -------- d-----w- c:\documents and settings\HB\Application Data\IObit 2010-05-21 04:16 . 2010-03-11 12:38 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-05-21 04:16 . 2010-03-11 12:38 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-05-21 04:16 . 2010-03-11 12:38 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll 2010-05-21 04:16 . 2010-03-11 12:38 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-05-21 04:16 . 2010-03-11 12:38 63488 -c----w- c:\windows\system32\dllcache\icardie.dll 2010-05-21 04:16 . 2010-03-11 12:38 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll 2010-05-21 04:16 . 2010-03-10 13:18 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe 2010-05-21 04:16 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat 2010-05-20 22:32 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll 2010-05-20 15:53 . 2010-05-20 15:53 -------- d-----w- c:\windows\system32\scripting 2010-05-20 15:53 . 2010-05-20 15:53 -------- d-----w- c:\windows\system32\en 2010-05-20 15:53 . 2010-05-20 15:53 -------- d-----w- c:\windows\system32\bits 2010-05-20 15:53 . 2010-05-20 15:53 -------- d-----w- c:\windows\l2schemas 2010-05-20 15:47 . 2010-05-20 15:47 -------- d-----w- c:\windows\EHome 2010-05-20 11:11 . 2010-05-20 11:11 -------- d-----w- c:\program files\CleanUp! 2010-05-20 11:10 . 2010-05-20 11:10 -------- d-----w- c:\documents and settings\HB\Application Data\Auslogics 2010-05-20 11:10 . 2010-05-20 11:10 -------- d-----w- c:\program files\Auslogics 2010-05-20 11:03 . 2010-05-20 11:03 -------- d-----w- c:\windows\system32\XPSViewer 2010-05-20 11:03 . 2010-05-20 11:03 -------- d-----w- c:\program files\MSBuild 2010-05-20 11:03 . 2010-05-20 11:03 -------- d-----w- c:\program files\Reference Assemblies 2010-05-20 11:02 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2010-05-20 11:02 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2010-05-20 11:02 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2010-05-20 11:02 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2010-05-20 11:02 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2010-05-20 11:02 . 2010-05-20 11:03 -------- d-----w- C:\b2487a92a33ec8f59d2145 2010-05-20 11:02 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2010-05-20 11:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2010-05-20 11:02 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2010-05-20 11:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2010-05-20 11:01 . 2010-05-20 11:01 -------- d-----w- c:\program files\MSXML 6.0 2010-05-20 10:16 . 2004-08-04 04:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys 2010-05-20 10:10 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys 2010-05-20 10:10 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys 2010-05-20 10:10 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys 2010-05-20 10:10 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll 2010-05-20 10:10 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll 2010-05-20 10:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2010-05-20 10:09 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2010-05-20 10:06 . 2010-05-22 04:14 -------- d--h--w- c:\windows\$hf_mig$ 2010-05-20 09:58 . 2010-05-20 09:58 -------- d-s---w- c:\documents and settings\HB\UserData 2010-05-20 09:51 . 2010-05-20 09:51 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-05-20 09:51 . 2010-05-20 09:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-05-20 09:51 . 2010-05-20 09:51 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-20 09:51 . 2010-05-20 09:51 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-05-20 09:51 . 2010-05-22 23:46 -------- d-----w- c:\windows\system32\drivers\Avg 2010-05-20 09:51 . 2010-05-20 09:51 -------- d-----w- c:\program files\AVG 2010-05-20 09:51 . 2010-05-20 09:51 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-05-20 09:43 . 2010-05-20 09:43 0 ----a-w- c:\windows\ativpsrm.bin 2010-05-20 09:40 . 2009-07-31 05:27 311296 ----a-r- c:\windows\system32\atiiiexx.dll 2010-05-20 09:40 . 2009-07-31 05:42 446464 ----a-r- c:\windows\system32\ATIDEMGX.dll 2010-05-20 09:40 . 2009-07-31 05:02 887724 ----a-r- c:\windows\system32\ativva6x.dat 2010-05-20 09:40 . 2009-07-31 05:02 3 ----a-r- c:\windows\system32\ativva5x.dat 2010-05-20 09:40 . 2009-06-11 16:54 197655 ----a-r- c:\windows\system32\atiicdxx.dat 2010-05-20 09:40 . 2010-05-20 09:40 -------- d-----w- c:\program files\ATI Technologies 2010-05-20 09:40 . 2008-04-13 18:45 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2010-05-20 09:40 . 2008-04-13 19:17 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys 2010-05-20 09:40 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys 2010-05-20 09:37 . 2010-03-08 14:41 220112 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys 2010-05-20 09:37 . 2010-01-12 09:35 80416 ----a-w- c:\windows\system32\RtNicProp32.dll 2010-05-20 09:37 . 2010-05-20 09:37 -------- d-----w- c:\program files\Realtek 2010-05-20 09:37 . 2010-05-20 09:40 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-20 09:36 . 2004-08-13 18:56 5810 ----a-r- c:\windows\system32\drivers\ASACPI.sys 2010-05-20 09:36 . 2009-04-03 12:30 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-20 15:55 . 2010-05-20 08:59 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-05-20 09:39 . 2010-05-20 09:38 -------- d-----w- c:\program files\Common Files\InstallShield 2010-05-20 09:39 . 2010-05-20 09:39 -------- d-----w- c:\program files\VIA 2010-05-20 08:59 . 2010-05-20 08:59 -------- d-----w- c:\program files\microsoft frontpage 2010-05-20 08:57 . 2010-05-20 08:57 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-03-11 12:38 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll 2010-03-11 12:38 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-03-11 12:38 . 2004-08-04 12:00 17408 ----a-w- c:\windows\system32\corpol.dll 2010-03-09 11:09 . 2004-08-04 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll 2010-02-24 13:11 . 2004-08-04 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-08-28 33673216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-05-20 09:51 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/20/2010 5:51 AM 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/20/2010 5:51 AM 242896] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [5/20/2010 5:51 AM 916760] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [5/20/2010 5:51 AM 308064] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [5/20/2010 5:39 AM 1390976] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.cfnews13.com/ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-23 13:06 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1???????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(660) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3868) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll . Completion time: 2010-05-23 13:07:21 ComboFix-quarantined-files.txt 2010-05-23 17:07 Pre-Run: 301,078,396,928 bytes free Post-Run: 301,097,476,096 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - 6FA5A3BCD704D1951BAC4BAAE32254F6
  15. My Most Perplexing Problem Ever

    When last we left our floundering hero: things hadn't changed....lol Out of case test was 100% ok...ran for about 15 hours with no problems at all. When reinstalled...immediate pulsating fans, shutdowns, startups, etc. Sprayed with "Poltergeist Go Away Spray" no changes... Reinstalled components one at a time...no change It's been running for about an hour...running Memtest86 presently Might get another case to try today......how very frustrating. One of my friends that has his own PC repair business, is of the idea that somehow a power surge of some kind hit the PSU, then MainBoard, CPU, etc., i.e., the Domino Effect that we have all run into now and then, especially here in Central FL, the lightning capital....i tend to agree, but he cannot explain why with all new hardware it would still act the same, and he closely examined the case and found nothing obvious, such as any marks indicating arcing, or excessive grounding, and the case was stripped of all wiring and examined very closely. It's gonna be another Advil day.....LOL
×