[Inactive] [A] Vista System Check and Anti-malware 2012 removal

jcd106 · Jan 8, 2012

==================================================

Dump File : Mini010812-03.dmp

Crash Time : 08/01/2012 13:07:11

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8e16a936

Parameter 3 : 0x8a9c9990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010812-03.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010812-01.dmp

Crash Time : 08/01/2012 12:07:41

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8e167936

Parameter 3 : 0x8a923990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010812-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010712-02.dmp

Crash Time : 07/01/2012 11:10:10

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8e36a936

Parameter 3 : 0x8c149990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010712-02.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010712-01.dmp

Crash Time : 07/01/2012 00:32:14

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8df69936

Parameter 3 : 0x8c34f990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010712-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010612-07.dmp

Crash Time : 06/01/2012 23:01:26

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8dd66936

Parameter 3 : 0x95423990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010612-07.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010612-06.dmp

Crash Time : 06/01/2012 21:48:44

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8e161936

Parameter 3 : 0x8c29d990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010612-06.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010612-04.dmp

Crash Time : 06/01/2012 19:38:57

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8e162936

Parameter 3 : 0x8e8e2990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010612-04.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini010612-01.dmp

Crash Time : 06/01/2012 12:58:45

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8cf6a936

Parameter 3 : 0x8c371990

Parameter 4 : 0x00000000

Caused By Driver : atikmdag.sys

Caused By Address : atikmdag.sys+15d936

File Description : ATI Radeon Kernel Mode Driver

Product Name : ATI Radeon Family

Company : ATI Technologies Inc.

File Version : 7.01.01.523

Processor : 32-bit

Crash Address : atikmdag.sys+15d936

Stack Address 1 : atikmdag.sys+35eac

Stack Address 2 : atikmdag.sys+24674

Stack Address 3 : atikmdag.sys+247c6

Computer Name :

Full Path : C:\Windows\Minidump\Mini010612-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini123011-01.dmp

Crash Time : 30/12/2011 21:59:40

Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA

Bug Check Code : 0x00000050

Parameter 1 : 0x8f1aff0e

Parameter 2 : 0x00000000

Parameter 3 : 0x86d20640

Parameter 4 : 0x00000002

Caused By Driver : sptd.sys

Caused By Address : sptd.sys+0

File Description : SCSI Pass Through Direct Host

Product Name : SCSI Pass Through Direct

Company : Duplex Secure Ltd.

File Version : 1.62.0.0 built by: WinDDK

Processor : 32-bit

Crash Address : ntkrnlpa.exe+a5195

Stack Address 1 : ntkrnlpa.exe+5abf4

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\Windows\Minidump\Mini123011-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 133,488

==================================================

==================================================

Dump File : Mini121311-01.dmp

Crash Time : 13/12/2011 23:43:02

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x8212e218

Parameter 3 : 0xa2b0472c

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+b78ba

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+ed218

Stack Address 1 : ntkrnlpa.exe+ee6e0

Stack Address 2 : win32k.sys+bae0e

Stack Address 3 : win32k.sys+d4934

Computer Name :

Full Path : C:\Windows\Minidump\Mini121311-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini120511-01.dmp

Crash Time : 05/12/2011 19:35:58

Bug Check String : BAD_POOL_CALLER

Bug Check Code : 0x000000c2

Parameter 1 : 0x00000007

Parameter 2 : 0x0000110b

Parameter 3 : 0x00820022

Parameter 4 : 0xfe4253f8

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+d763f

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : ntkrnlpa.exe+ee00c

Stack Address 2 : win32k.sys+7089

Stack Address 3 : win32k.sys+6a04

Computer Name :

Full Path : C:\Windows\Minidump\Mini120511-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini120211-01.dmp

Crash Time : 02/12/2011 17:46:47

Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA

Bug Check Code : 0x00000050

Parameter 1 : 0xfe600000

Parameter 2 : 0x00000000

Parameter 3 : 0x94ee6f74

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+6b4f

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+a5195

Stack Address 1 : ntkrnlpa.exe+5abf4

Stack Address 2 : win32k.sys+6f74

Stack Address 3 : win32k.sys+69b0

Computer Name :

Full Path : C:\Windows\Minidump\Mini120211-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini113011-01.dmp

Crash Time : 30/11/2011 18:50:21

Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA

Bug Check Code : 0x00000050

Parameter 1 : 0xfe423004

Parameter 2 : 0x00000000

Parameter 3 : 0x94c56f24

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+6b4f

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+a5195

Stack Address 1 : ntkrnlpa.exe+5abf4

Stack Address 2 : win32k.sys+6f24

Stack Address 3 : win32k.sys+69b0

Computer Name :

Full Path : C:\Windows\Minidump\Mini113011-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini112411-01.dmp

Crash Time : 24/11/2011 22:41:50

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0xff097a9a

Parameter 3 : 0x9f8bacf0

Parameter 4 : 0x00000000

Caused By Driver :

Caused By Address :

File Description :

Product Name :

Company :

File Version :

Processor : 32-bit

Crash Address :

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\Windows\Minidump\Mini112411-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini111211-01.dmp

Crash Time : 12/11/2011 17:06:58

Bug Check String : PFN_LIST_CORRUPT

Bug Check Code : 0x0000004e

Parameter 1 : 0x00000099

Parameter 2 : 0x000ffff7

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd1e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : ntkrnlpa.exe+a398b

Stack Address 2 : ntkrnlpa.exe+1b3d21

Stack Address 3 : ntkrnlpa.exe+1b3dbe

Computer Name :

Full Path : C:\Windows\Minidump\Mini111211-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini101611-01.dmp

Crash Time : 16/10/2011 21:19:08

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x81578448

Parameter 3 : 0x96101c8c

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+c8448

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : win32k.sys+c8448

Stack Address 1 : win32k.sys+c9c15

Stack Address 2 : win32k.sys+c9bcb

Stack Address 3 : ntkrnlpa.exe+57a9a

Computer Name :

Full Path : C:\Windows\Minidump\Mini101611-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini100911-01.dmp

Crash Time : 09/10/2011 12:59:34

Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA

Bug Check Code : 0x00000050

Parameter 1 : 0xfe46504c

Parameter 2 : 0x00000000

Parameter 3 : 0x952c6f74

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+6b4f

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+a5195

Stack Address 1 : ntkrnlpa.exe+5abf4

Stack Address 2 : win32k.sys+6f74

Stack Address 3 : win32k.sys+69b0

Computer Name :

Full Path : C:\Windows\Minidump\Mini100911-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini082911-01.dmp

Crash Time : 29/08/2011 18:58:17

Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA

Bug Check Code : 0x00000050

Parameter 1 : 0xfe600000

Parameter 2 : 0x00000000

Parameter 3 : 0x81806f74

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+936e3

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+a5195

Stack Address 1 : ntkrnlpa.exe+5abf4

Stack Address 2 : win32k.sys+6f74

Stack Address 3 : win32k.sys+69b0

Computer Name :

Full Path : C:\Windows\Minidump\Mini082911-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini081811-01.dmp

Crash Time : 18/08/2011 22:00:03

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x955acff5

Parameter 3 : 0x9ba3bc54

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+ccff5

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : win32k.sys+ccff5

Stack Address 1 : win32k.sys+cd139

Stack Address 2 : ntkrnlpa.exe+57a9a

Stack Address 3 :

Computer Name :

Full Path : C:\Windows\Minidump\Mini081811-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini071711-01.dmp

Crash Time : 17/07/2011 10:05:56

Bug Check String : PFN_LIST_CORRUPT

Bug Check Code : 0x0000004e

Parameter 1 : 0x00000099

Parameter 2 : 0x0003c34a

Parameter 3 : 0x00000002

Parameter 4 : 0x00055619

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd1e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : ntkrnlpa.exe+a398b

Stack Address 2 : ntkrnlpa.exe+9d9ba

Stack Address 3 : ntkrnlpa.exe+efba4

Computer Name :

Full Path : C:\Windows\Minidump\Mini071711-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini061311-01.dmp

Crash Time : 13/06/2011 07:17:40

Bug Check String : IRQL_NOT_LESS_OR_EQUAL

Bug Check Code : 0x0000000a

Parameter 1 : 0x0a1400a0

Parameter 2 : 0x00000002

Parameter 3 : 0x00000000

Parameter 4 : 0x820d403d

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+5adc4

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+5adc4

Stack Address 1 : ntkrnlpa.exe+8803d

Stack Address 2 : ntkrnlpa.exe+88bf7

Stack Address 3 : ntkrnlpa.exe+87495

Computer Name :

Full Path : C:\Windows\Minidump\Mini061311-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini060811-01.dmp

Crash Time : 08/06/2011 07:03:03

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x948d3801

Parameter 3 : 0x9eff5c14

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+d3801

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : win32k.sys+d3801

Stack Address 1 : win32k.sys+d409f

Stack Address 2 : win32k.sys+d49c1

Stack Address 3 : win32k.sys+d4b0b

Computer Name :

Full Path : C:\Windows\Minidump\Mini060811-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini060711-01.dmp

Crash Time : 07/06/2011 20:09:47

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0x953b8e33

Parameter 3 : 0xa03c5c98

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+c8e33

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : win32k.sys+c8e33

Stack Address 1 : win32k.sys+cd15f

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\Windows\Minidump\Mini060711-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini060611-01.dmp

Crash Time : 06/06/2011 07:42:40

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x85564020

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini060611-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini071510-01.dmp

Crash Time : 15/07/2010 12:08:28

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0xae872020

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini071510-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini062810-01.dmp

Crash Time : 28/06/2010 12:43:39

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x837b76b0

Parameter 3 : 0x853d5030

Parameter 4 : 0x85008c48

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd1e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : ntkrnlpa.exe+33b8c

Stack Address 2 : ntkrnlpa.exe+336dc

Stack Address 3 : ntkrnlpa.exe+b6d20

Computer Name :

Full Path : C:\Windows\Minidump\Mini062810-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini062510-01.dmp

Crash Time : 25/06/2010 06:56:26

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0xa32cdd78

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini062510-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini062410-01.dmp

Crash Time : 24/06/2010 15:37:30

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x83b9db70

Parameter 3 : 0x853fe380

Parameter 4 : 0x85072268

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd1e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd1e3

Stack Address 1 : ntkrnlpa.exe+33b8c

Stack Address 2 : ntkrnlpa.exe+336dc

Stack Address 3 : ntkrnlpa.exe+b6d20

Computer Name :

Full Path : C:\Windows\Minidump\Mini062410-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini061010-01.dmp

Crash Time : 10/06/2010 14:57:39

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x833656b0

Parameter 3 : 0x84fcc030

Parameter 4 : 0x849c23e8

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd0e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : ntkrnlpa.exe+33b5c

Stack Address 2 : ntkrnlpa.exe+336ac

Stack Address 3 : ntkrnlpa.exe+b6c40

Computer Name :

Full Path : C:\Windows\Minidump\Mini061010-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini060310-01.dmp

Crash Time : 03/06/2010 08:40:58

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0xa7906020

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini060310-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini052610-01.dmp

Crash Time : 26/05/2010 14:48:32

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x833adb70

Parameter 3 : 0x84fd6030

Parameter 4 : 0x8514c560

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd0e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : ntkrnlpa.exe+33b5c

Stack Address 2 : ntkrnlpa.exe+336ac

Stack Address 3 : ntkrnlpa.exe+b6c40

Computer Name :

Full Path : C:\Windows\Minidump\Mini052610-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini033110-01.dmp

Crash Time : 31/03/2010 16:34:52

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x8c91da80

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini033110-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini031010-01.dmp

Crash Time : 10/03/2010 10:14:28

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x84d83a30

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini031010-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini021410-01.dmp

Crash Time : 14/02/2010 10:58:18

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x85522020

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini021410-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini021310-01.dmp

Crash Time : 13/02/2010 16:31:29

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x848b7020

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini021310-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini020510-01.dmp

Crash Time : 05/02/2010 18:11:13

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x85a51738

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini020510-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini020110-01.dmp

Crash Time : 01/02/2010 17:41:18

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x850cf3c0

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini020110-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini012610-01.dmp

Crash Time : 26/01/2010 17:23:12

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x833b56b0

Parameter 3 : 0x84fc6030

Parameter 4 : 0x8bf2a760

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd0e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : ntkrnlpa.exe+33b5c

Stack Address 2 : ntkrnlpa.exe+336ac

Stack Address 3 : ntkrnlpa.exe+b6c40

Computer Name :

Full Path : C:\Windows\Minidump\Mini012610-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini012510-01.dmp

Crash Time : 25/01/2010 21:31:48

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x84d40580

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini012510-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini121109-01.dmp

Crash Time : 11/12/2009 09:58:54

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x833aed78

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini121109-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini120809-01.dmp

Crash Time : 08/12/2009 21:56:03

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x833656b0

Parameter 3 : 0x84fd4030

Parameter 4 : 0x84053578

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd0e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : ntkrnlpa.exe+33b5c

Stack Address 2 : ntkrnlpa.exe+336ac

Stack Address 3 : ntkrnlpa.exe+b6c40

Computer Name :

Full Path : C:\Windows\Minidump\Mini120809-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,352

==================================================

==================================================

Dump File : Mini102609-01.dmp

Crash Time : 26/10/2009 12:35:58

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x831add78

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini102609-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,304

==================================================

==================================================

Dump File : Mini082609-01.dmp

Crash Time : 26/08/2009 03:13:26

Bug Check String : DRIVER_POWER_STATE_FAILURE

Bug Check Code : 0x0000009f

Parameter 1 : 0x00000003

Parameter 2 : 0x83fa0b70

Parameter 3 : 0x84d4f030

Parameter 4 : 0x859d9e28

Caused By Driver : ntkrnlpa.exe

Caused By Address : ntkrnlpa.exe+cd0e3

File Description : NT Kernel & System

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6001.18427 (vistasp1_gdr.100218-0019)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : ntkrnlpa.exe+33b5c

Stack Address 2 : ntkrnlpa.exe+336ac

Stack Address 3 : ntkrnlpa.exe+b6c40

Computer Name :

Full Path : C:\Windows\Minidump\Mini082609-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,304

==================================================

==================================================

Dump File : Mini082309-01.dmp

Crash Time : 23/08/2009 19:05:02

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x855a74c0

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini082309-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,304

==================================================

==================================================

Dump File : Mini081909-01.dmp

Crash Time : 19/08/2009 17:04:12

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x843fd460

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini081909-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,304

==================================================

==================================================

Dump File : Mini081809-01.dmp

Crash Time : 18/08/2009 21:48:48

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x85825bd8

Parameter 2 : 0x00000000

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : dxgkrnl.sys

Caused By Address : dxgkrnl.sys+15b60

File Description : DirectX Graphics Kernel

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 6.0.6000.16386 (vista_rtm.061101-2205)

Processor : 32-bit

Crash Address : ntkrnlpa.exe+cd0e3

Stack Address 1 : dxgkrnl.sys+15b60

Stack Address 2 : dxgkrnl.sys+d6cf

Stack Address 3 : atikmdag.sys+349e2

Computer Name :

Full Path : C:\Windows\Minidump\Mini081809-01.dmp

Processors Count : 1

Major Version : 15

Minor Version : 6001

Dump File Size : 138,304

==================================================

jcd106 · Jan 8, 2012

Ok, the BSOD from atikmdag.sy appears to be a pretty common issue with the catalyst control centre drivers. As a temporary check on that I renamed it to atikmdag.sy.old and tried booting to normal mode and it's booted fine (display settings are pretty borked but I guess that's down to the driver). What are the chances the BSOD was a completely unrelated issue and not caused by system-check? It's been running a few minutes now without system check or anti-malware 2012 popping or the mass of error messages. There is one message about the recycle bin being corrupted for C:\ and do I want to empty it.

Any suggestions for next steps antivirus wise? I'll look into the catalyst control centre issue to see how I can get round that.

Cheers

Broni · Jan 8, 2012

Good investigating job

Your computer was definitely infected.
The infection could have corrupted CCC files, or it was independent issue.
CCC doesn't need to run as a startup, so you can disable it altogether.

Now, when in normal mode, update MBAM, run "Quick scan" and post new log.
Then post fresh OTL log.

P.S. I'm not sure which setting is causing this but all your logs paste with double space, which requires a lot of scrolling. Can you fix it?

jcd106 · Jan 8, 2012

According to msconfig CCC is disabled at start up - not sure what's going on there.

I've tried update MBAM a couple of times but the internet connection on my laptop drops out everytime (including using a wired connection). It claims that I only have local access even though I'm currently using the same connection on the internet fine. After a while the update times out. Confused by that one. When it times out from this attempt I'll run the quick scan without updating.

As for logs I'm not sure but I'll try and fix it. Might be geany doing some strange formatting before I copy and paste.

Broni · Jan 8, 2012

According to msconfig CCC is disabled at start up - not sure what's going on there.

You may want to reinstall your video driver later.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

Make sure the following options are checked:

Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Press "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.

jcd106 · Jan 8, 2012

Here's the MBAM log. Running OTL scan currently and then will run the farbar one:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2011.12.24.05

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
J_D :: JD [administrator]

08/01/2012 23:06:41
mbam-log-2012-01-08 (23-06-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 169048
Time elapsed: 8 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Broni · Jan 8, 2012

Your MBAM version is very outdated.
That's why I wanted you to run FSS first so we can check what's wrong with your internet connection.
Please follow my instructions.

jcd106 · Jan 8, 2012

OTL log:

OTL logfile created on: 08/01/2012 23:18:15 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\J_D\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.97% Memory free
5.74 Gb Paging File | 5.10 Gb Available in Paging File | 88.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.28 Gb Total Space | 36.93 Gb Free Space | 26.52% Space Free | Partition Type: NTFS
Drive E: | 3.72 Gb Total Space | 3.58 Gb Free Space | 96.13% Space Free | Partition Type: FAT32

Computer Name: JD | User Name: J_D | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/08 12:04:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\J_D\Desktop\OTL.exe
PRC - [2010/10/12 16:28:26 | 000,726,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/10/12 16:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2010/06/23 12:51:30 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/12/02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/09 22:43:19 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\J_D\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/14 13:05:18 | 006,253,088 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 02:33:24 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2007/01/05 02:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

========== Modules (No Company Name) ==========

MOD - [2010/03/24 20:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Win32 Services (SafeList) ==========

SRV - [2010/07/26 15:01:58 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/06/23 12:52:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/03/25 09:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/12/02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008/06/11 18:18:30 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2007/01/05 02:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - [2010/07/14 11:51:56 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010/05/15 15:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/03/09 00:18:14 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010/03/09 00:18:14 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009/12/02 21:23:52 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2009/12/02 21:23:50 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009/12/02 21:23:48 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2009/12/02 21:23:46 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2009/11/24 22:02:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/05 08:29:46 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/09/30 06:53:12 | 001,184,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/11 09:40:06 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2009/09/11 09:40:06 | 000,090,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2009/09/11 09:40:06 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2009/09/04 10:12:50 | 000,030,240 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2008/06/11 18:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/29 00:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008/04/28 13:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2007/04/18 03:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/02 07:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1008&m=d620

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1008&m=d620
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0809&s=2&o=vb32&d=1008&m=d620
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledItems: bartap@philikon.de:2.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/30 00:14:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/20 23:49:07 | 000,000,000 | ---D | M]

[2009/07/10 19:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J_D\AppData\Roaming\Mozilla\Extensions
[2011/12/30 18:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J_D\AppData\Roaming\Mozilla\Firefox\Profiles\6e54mba6.default\extensions
[2011/07/16 22:58:21 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\J_D\AppData\Roaming\Mozilla\Firefox\Profiles\6e54mba6.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/10/03 17:54:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\J_D\AppData\Roaming\Mozilla\Firefox\Profiles\6e54mba6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/08 13:22:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\J_D\AppData\Roaming\Mozilla\Firefox\Profiles\6e54mba6.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/11/21 21:15:17 | 000,000,000 | ---D | M] (BarTab) -- C:\Users\J_D\AppData\Roaming\Mozilla\Firefox\Profiles\6e54mba6.default\extensions\bartap@philikon.de
[2011/12/30 18:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/02 20:01:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/07/20 23:38:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010/10/12 15:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010/10/12 15:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010/10/12 15:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010/10/12 15:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/12 17:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2010/10/12 15:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2011/03/16 17:14:58 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/03/16 17:14:58 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/03/16 17:14:58 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/03/16 17:14:58 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31ACEB1F-49A9-4F9A-9E49-A5190977EE7A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9320EF47-532A-4291-998C-C147787C40C9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9832C338-BCF0-44BA-B579-0F4693C7A223}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\J_D\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\J_D\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/08 17:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Free 8.5
[2012/01/08 12:09:39 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\J_D\Desktop\OTL.exe
[2012/01/07 23:44:18 | 000,000,000 | ---D | C] -- C:\Users\J_D\Desktop\bootkit_remover
[2012/01/07 23:39:33 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\J_D\Desktop\TDSSKiller.exe
[2012/01/07 16:05:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/07 14:38:47 | 000,000,000 | --SD | C] -- C:\Joe
[2012/01/07 13:07:27 | 004,369,970 | R--- | C] (Swearware) -- C:\Users\J_D\Desktop\Joe.exe
[2012/01/06 21:51:18 | 004,713,472 | ---- | C] (AVAST Software) -- C:\Users\J_D\Desktop\aswMBR.exe
[2012/01/06 17:29:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/06 17:29:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/06 17:29:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/06 17:29:44 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/06 17:29:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/06 16:56:02 | 000,000,000 | ---D | C] -- C:\Users\J_D\AV
[2012/01/06 15:53:06 | 000,000,000 | ---D | C] -- C:\Users\J_D\AppData\Roaming\Malwarebytes
[2012/01/06 15:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/06 15:52:55 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/06 15:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/06 15:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/06 13:50:55 | 000,000,000 | ---D | C] -- C:\From_Desktop
[2012/01/06 13:50:00 | 000,000,000 | ---D | C] -- C:\Job Applications CV etc. Joe
[2012/01/06 13:49:14 | 000,000,000 | ---D | C] -- C:\Wedding
[2012/01/06 13:47:41 | 000,000,000 | R--D | C] -- C:\Photos
[3 C:\Users\J_D\Documents\*.tmp files -> C:\Users\J_D\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/08 23:19:42 | 000,610,198 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/08 23:19:42 | 000,110,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/08 22:59:41 | 000,001,356 | ---- | M] () -- C:\Users\J_D\AppData\Local\d3d9caps.dat
[2012/01/08 22:28:04 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 22:28:02 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/08 22:26:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/08 20:28:47 | 160,348,364 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/08 12:04:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\J_D\Desktop\OTL.exe
[2012/01/06 21:54:28 | 000,000,512 | ---- | M] () -- C:\Users\J_D\Desktop\MBR.dat
[2012/01/06 21:48:18 | 004,713,472 | ---- | M] (AVAST Software) -- C:\Users\J_D\Desktop\aswMBR.exe
[2012/01/06 17:26:50 | 004,369,970 | R--- | M] (Swearware) -- C:\Users\J_D\Desktop\Joe.exe
[2012/01/06 15:52:57 | 000,000,932 | ---- | M] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2011/12/30 21:25:27 | 000,000,631 | ---- | M] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2011/12/23 14:52:26 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\J_D\Desktop\TDSSKiller.exe
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[3 C:\Users\J_D\Documents\*.tmp files -> C:\Users\J_D\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/08 17:52:21 | 000,000,945 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/08 17:52:21 | 000,000,940 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/08 17:52:21 | 000,000,938 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/01/08 17:52:21 | 000,000,802 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Programmer's Notepad.lnk
[2012/01/08 17:52:21 | 000,000,631 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/01/08 17:52:21 | 000,000,258 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/08 17:52:21 | 000,000,240 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/08 17:52:19 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2012/01/08 17:52:19 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2012/01/08 17:52:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/01/08 17:52:19 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2012/01/08 17:52:19 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2012/01/08 17:52:19 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2012/01/08 17:52:19 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/01/08 17:52:19 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2012/01/08 17:52:19 | 000,000,948 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012/01/08 17:52:19 | 000,000,893 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2012/01/06 21:54:28 | 000,000,512 | ---- | C] () -- C:\Users\J_D\Desktop\MBR.dat
[2012/01/06 17:29:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/06 17:29:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/06 17:29:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/06 17:29:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/06 17:29:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/06 15:52:57 | 000,000,932 | ---- | C] () -- C:\Users\J_D\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2010/06/10 18:18:28 | 000,000,221 | ---- | C] () -- C:\Windows\NCLogConfig.ini
[2010/05/05 12:52:20 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/04/26 10:43:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/04/26 10:43:51 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/03/09 07:53:06 | 000,188,416 | ---- | C] () -- C:\Windows\System32\ftdiunin.exe
[2010/03/09 07:53:06 | 000,000,133 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini
[2009/12/17 11:14:17 | 000,228,648 | ---- | C] () -- C:\Windows\OptChecker.exe
[2009/11/27 18:32:35 | 000,130,834 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/11/27 18:28:19 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2009/11/20 09:16:29 | 000,000,642 | ---- | C] () -- C:\Users\J_D\AppData\Roaming\wklnhst.dat
[2009/11/13 22:58:59 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/10/06 16:49:18 | 000,008,704 | ---- | C] () -- C:\Users\J_D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/25 01:30:01 | 000,001,356 | ---- | C] () -- C:\Users\J_D\AppData\Local\d3d9caps.dat
[2009/07/20 19:17:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\AitVirtualComInstall.exe
[2009/07/20 19:10:48 | 000,307,200 | ---- | C] () -- C:\Windows\System32\InstallVCOM.exe
[2009/07/14 18:51:25 | 000,000,138 | ---- | C] () -- C:\Users\J_D\AppData\Roaming\wpstate.ini
[2009/07/10 19:04:55 | 000,011,854 | ---- | C] () -- C:\Program Files\MPLAB_LicenseAgreement.rtf
[2009/07/10 18:38:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/04 14:30:03 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009/07/04 14:28:50 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009/07/04 14:28:50 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009/07/04 14:28:50 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009/06/08 05:31:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\MPMapTrace.dll
[2009/06/08 04:56:40 | 000,364,544 | ---- | C] () -- C:\Windows\System32\mpPathan.dll
[2008/10/25 02:24:22 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/08/27 23:14:28 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/08/27 23:14:28 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/08/27 22:49:15 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/08/27 22:49:15 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/08/27 22:49:15 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/08/27 22:49:15 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008/08/27 22:48:57 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/08/27 22:48:57 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/08/27 22:48:57 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/08/27 22:46:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/08/15 05:47:01 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/05/04 16:39:34 | 000,002,560 | ---- | C] () -- C:\Windows\System32\ViaClassCoInstaller.dll
[2008/01/21 02:33:53 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2006/12/13 15:03:14 | 000,074,240 | ---- | C] () -- C:\Windows\System32\zlibwapi.dll
[2006/11/02 12:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:44:53 | 000,445,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 10:33:01 | 000,610,198 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,110,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 07:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2001/12/26 23:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

< End of report >

jcd106 · Jan 8, 2012

Farbar:

Farbar Service Scanner
Ran by J_D (administrator) on 08-01-2012 at 23:22:42
Microsoft® Windows Vista Home Basic Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Yahoo IP returend error: Yahoo IP is offline

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking LEGACY_MpsSvc: Attention! Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.
Checking LEGACY_bfe: Attention! Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll
[2008-01-21 02:33] - [2008-01-21 02:33] - 0204288 ____A (Microsoft Corporation) 43A988A9C10333476CB5FB667CBD629D

C:\Windows\system32\Drivers\afd.sys
[2008-01-21 02:33] - [2008-01-21 02:33] - 0273920 ____A (Microsoft Corporation) 763E172A55177E478CB419F88FD0BA03

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-08-08 10:09] - [2010-04-05 17:03] - 0902024 ____A (Microsoft Corporation) A6A02EF5B5E40FBD31A1ADC577DA54BB

C:\Windows\system32\dnsrslvr.dll
[2008-01-21 02:34] - [2008-01-21 02:34] - 0086528 ____A (Microsoft Corporation) F5A0F1DA1ED8B429597E71D27D976E31

C:\Windows\system32\mpssvc.dll
[2008-01-21 02:34] - [2008-01-21 02:34] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B

C:\Windows\system32\bfe.dll
[2010-08-08 10:09] - [2010-04-05 16:28] - 0328704 ____A (Microsoft Corporation) 6A7F9DBFF69A04A05E85119A55BE0991

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2008-01-21 02:33] - [2008-01-21 02:33] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23

C:\Windows\system32\wscsvc.dll
[2008-01-21 02:33] - [2008-01-21 02:33] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C

C:\Windows\system32\wbem\WMIsvc.dll
[2008-01-21 02:34] - [2008-01-21 02:34] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5

C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2008-01-21 02:34] - [2008-01-21 02:34] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D

C:\Windows\system32\es.dll
[2009-07-03 20:04] - [2008-04-18 05:48] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465

C:\Windows\system32\cryptsvc.dll
[2008-01-21 02:34] - [2008-01-21 02:34] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-07-03 20:05] - [2009-03-03 04:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830

**** End of log ****

Broni · Jan 8, 2012

Internet settings seem to be fine in the above log.

It looks like Windows firewall is not working though.
Are you behind a router?

Please download MiniToolBox and run it.

Checkmark following boxes:

Report IE Proxy Settings

Report FF Proxy Settings

List content of Hosts

List IP configuration

List Winsock Entries

List last 10 Event Viewer log

List Devices (do NOT change any settings here)

List Users, Partitions and Memory size

Click Go and post the result.

jcd106 · Jan 8, 2012

Behind a router and zonealarm firewall instead of the windows firewall.

Minitoolbox log:

MiniToolBox by Farbar
Ran by J_D (administrator) on 08-01-2012 at 23:34:55
Microsoft® Windows Vista Home Basic Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Generic Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : jd
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dlink.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Generic Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-72-DE-65-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-23-4D-A4-E0-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 08 January 2012 22:28:16
Lease Expires . . . . . . . . . . : 07 February 2012 23:01:58
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 209.85.147.106
209.85.147.99
209.85.147.103
209.85.147.147
209.85.147.105
209.85.147.104

Pinging google.com [209.85.147.106] with 32 bytes of data:

Request timed out.

Request timed out.

Ping statistics for 209.85.147.106:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Request timed out.

Request timed out.

Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1d 72 de 65 65 ...... Generic Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
10 ...00 23 4d a4 e0 1f ...... Atheros AR5007EG Wireless Network Adapter
1 ........................... Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/08/2012 10:37:17 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0062-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (01/08/2012 10:28:36 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error description: The specified module could not be found. .

Error: (01/08/2012 10:27:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2012 10:27:17 PM) (Source: CVHSVC) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (01/08/2012 08:30:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/08/2012 08:30:10 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/08/2012 08:26:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (01/08/2012 05:52:28 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/08/2012 05:49:43 PM) (Source: LoadPerf) (User: )
Description: WmiApRplWmiApRpl8

Error: (01/08/2012 05:49:43 PM) (Source: LoadPerf) (User: )
Description: 0098

System errors:
=============
Error: (01/08/2012 10:27:18 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/08/2012 10:27:18 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (01/08/2012 10:27:18 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (01/08/2012 10:27:18 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/08/2012 10:27:01 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (01/08/2012 08:30:46 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/08/2012 08:30:30 PM) (Source: Service Control Manager) (User: )
Description: ctxusbm
spldr
sptd
Wanarpv6

Error: (01/08/2012 08:30:30 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization HandlerApplication Virtualization Client%%1068

Error: (01/08/2012 08:30:30 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/08/2012 08:30:30 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Microsoft Office Sessions:
=========================

========================= Devices: ================================

Name: ATI Radeon X1250
Description: ATI Radeon X1250
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: atikmdag
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 2813.37 MB
Available physical RAM: 2041.36 MB
Total Pagefile: 5879.3 MB
Available Pagefile: 5206.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.49 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:139.28 GB) (Free:36.93 GB) NTFS
3 Drive e: () (Removable) (Total:3.72 GB) (Free:3.58 GB) FAT32

========================= Users: ========================================

User accounts for \\JD

Administrator Guest J_D

**** End of log ****

Broni · Jan 8, 2012

All settings are correct but there is no connection.

I want you to check two things.

1. If hardwired connection works in normal mode.
2. Restart in Safe Mode with Networking. See if wireless/wired connection works there.

jcd106 · Jan 8, 2012

Nope. Not got any connection with wired or using safe mode

Broni · Jan 8, 2012

I assume that you have some other computer on the same router and it works fine?

If so, try these basic steps....

Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:

Make sure "DNS" tab looks like this:

Make sure "WINS" tab looks like this:

8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.

If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

If that doesn't work, bypass router, and connect computer straight to the modem.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"

Restart computer.

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Apply Fixit from: http://support.microsoft.com/kb/811259/en-us

TechSpot

[Inactive] [A] Vista System Check and Anti-malware 2012 removal

jcd106 Newcomer, in training

jcd106 Newcomer, in training

Broni Malware Annihilator

jcd106 Newcomer, in training

Broni Malware Annihilator

jcd106 Newcomer, in training

Broni Malware Annihilator

jcd106 Newcomer, in training

jcd106 Newcomer, in training

Broni Malware Annihilator

jcd106 Newcomer, in training

Broni Malware Annihilator

jcd106 Newcomer, in training

Broni Malware Annihilator