Greetings,
I am having an Issue with Page Fault in Non Paged Area BSOD's.
I am using Windows XP SP3 and read the topic Page Fault in Non Paged Area--Windows XP noticed I was having the same issues so followed the steps on Mflynns post, I followed all the instructions and still could not boot into Regular XP mode(Launches to Desktop then proceeds to BSOD again).
I have followed all the steps in the Techspot 8 Steps guide and alas still nothing has worked.
Please see the attatched logs and try and help me out if you can!
GMER:
GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-22 10:41:19
Windows 5.1.2600 Service Pack 3
Running: f8v2le6l.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwpyrfob.sys
---- Kernel code sections - GMER 1.0.15 ----
? ogcjj.sys The system cannot find the file specified. !
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Cdfs \Cdfs B9B7D400
---- EOF - GMER 1.0.15 ----
MBAM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4914
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512
10/22/2010 10:11:12 AM
mbam-log-2010-10-22 (10-11-12).txt
Scan type: Quick scan
Objects scanned: 143353
Time elapsed: 3 minute(s), 12 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\m8t6_malank_a1t (Rogue.AntiMalwarePro) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> No action taken.
C:\Documents and Settings\Administrator\Desktop\anti-malware-pro-v04.exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OP8RABCV\anti-malware-pro-v04[1].exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\All Users\Desktop\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> No action taken.
C:\Program Files\AntiMalware Pro\Cl.exe (Rogue.AntiMalwarePro) -> No action taken.
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> No action taken.
C:\WINDOWS\system32\VolumeMSPrLam.dll (Rogue.AntiMalwarePro) -> No action taken.
DDS:
DDS (Ver_10-10-21.02) - NTFSx86 NETWORK
Run by Administrator at 10:41:32.71 on Fri 10/22/2010
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1739 [GMT -7:00]
AV: AVG File Server Edition 2011 *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://global.acer.com
uSearch Page = hxxp://au.rd.yahoo.com/customize/ycomp/defaults/sp/*http://au.yahoo.com
uSearch Bar =
mDefault_Page_URL = hxxp://en.au.acer.yahoo.com
mStart Page = hxxp://en.au.acer.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [LaunchApp] Alaunch
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Acer Empowering Technology Monitor] c:\windows\system32\SysMonitor.exe
mRun: [eLockMonitor] c:\acer\empowering technology\elock\monitor\LaunchMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe 0
mRun: [AdminWorks Tray] "c:\acer\lanscope agent\awtray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acerem~1.lnk - c:\acer\empowering technology\Acer.Empowering.Framework.Launcher.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\windows\system32\lp.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1285890025921
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10 265400]
S2 AWService;AdminWorks Agent X6;c:\acer\lanscope agent\awServ.exe [2007-4-26 75032]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [2006-6-6 90112]
S2 LockServ;LockServ;c:\acer\empowering technology\elock\lockserv.exe -p --> c:\acer\empowering technology\elock\LockServ.exe -p [?]
S2 netlimiter;netlimiter;c:\windows\system32\drivers\NetLimiter.sys [2006-10-3 18072]
S2 netlock;netlock;c:\windows\system32\drivers\NetLock.sys [2007-5-30 14616]
S3 Acer ODDSpeedControl;Acer ODDSpeedControl;c:\acer\empowering technology\eacoustics\oddspeedctl\speedcontrol.exe [2010-9-30 81920]
S3 LP;LP;c:\program files\lowerping\LP.exe [2009-11-26 2375680]
=============== Created Last 30 ================
2010-10-22 17:06:29 -------- d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-10-22 17:06:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-22 17:06:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-22 17:06:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-22 17:06:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-22 16:55:43 -------- d-----w- c:\docume~1\admini~1\applic~1\AVP 2009
2010-10-22 16:55:41 -------- d-----w- c:\program files\AntiMalware Pro
2010-10-22 16:37:56 -------- d-s---w- c:\documents and settings\administrator\UserData
2010-10-22 16:33:03 -------- d-sh--w- c:\documents and settings\administrator\wc
2010-10-22 16:32:59 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Lowerping
2010-10-22 16:32:54 -------- d-sh--w- c:\docume~1\admini~1\applic~1\wyUpdate AU
2010-10-22 16:14:34 -------- d-----w- c:\docume~1\admini~1\applic~1\KC Softwares
2010-10-22 16:12:58 -------- d-----w- c:\program files\KC Softwares
2010-10-22 16:12:58 -------- d-----w- c:\program files\AutocompletePro
2010-10-22 16:08:58 -------- d-----w- c:\program files\CCleaner
2010-10-22 15:25:19 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-22 15:25:19 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-18 07:41:21 -------- d-----w- c:\program files\VideoLAN
2010-10-18 06:36:19 -------- d-----w- c:\program files\uTorrent
2010-10-17 06:09:37 -------- d-----r- c:\program files\Skype
2010-10-13 02:22:55 215016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-10-13 02:06:01 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-10-13 02:05:37 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-10-13 02:05:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-13 02:05:32 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-10-13 02:05:32 -------- d-----w- c:\windows\system32\LogFiles
2010-10-13 01:44:22 -------- d-----w- c:\program files\EA Games
2010-10-11 01:03:45 -------- d-----w- c:\program files\World of Warcraft Public Test
2010-10-11 00:53:17 -------- d-----w- c:\program files\PTR Installer 4.0.0.12824 enUS
2010-10-08 01:40:10 196608 ----a-w- c:\windows\system32\lp.dll
2010-10-08 01:40:03 -------- d-----w- c:\program files\LowerPing
2010-10-07 08:54:09 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-10-07 08:49:34 -------- d-----w- c:\program files\MSXML 6.0
2010-10-04 16:27:59 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-10-04 16:27:59 215920 ----a-w- c:\windows\system32\muweb.dll
2010-10-04 16:27:59 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-10-04 05:02:21 -------- d-----w- c:\docume~1\alluse~1\applic~1\Wowhead
2010-10-03 21:04:26 -------- d-----w- c:\program files\Microsoft
2010-10-03 21:04:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-10-03 20:59:53 -------- d-----w- c:\program files\common files\Windows Live
2010-10-03 20:30:28 -------- d-----w- c:\program files\Ventrilo
2010-10-03 20:30:12 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-10-02 20:32:11 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-10-02 20:21:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2010-10-02 01:22:10 -------- d-----w- c:\windows\pss
2010-10-01 21:36:53 -------- d--h--w- C:\$AVG
2010-10-01 20:19:03 -------- d-----w- c:\windows\system32\XPSViewer
2010-10-01 20:18:35 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-10-01 20:18:25 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-10-01 20:18:25 117760 ------w- c:\windows\system32\prntvpt.dll
2010-10-01 20:18:24 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-10-01 20:18:24 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-10-01 20:18:24 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-10-01 20:18:24 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-10-01 20:18:23 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-10-01 20:18:23 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-10-01 20:04:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-01 19:00:10 -------- d-----w- c:\program files\World of Warcraft
2010-10-01 19:00:10 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2010-10-01 18:59:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard
2010-10-01 00:58:17 -------- d-----w- c:\program files\JRE
2010-10-01 00:58:15 -------- d-----w- c:\program files\OpenOffice.org 3
2010-10-01 00:57:57 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-01 00:57:57 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-01 00:50:59 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2010-10-01 00:50:36 -------- d-----w- c:\windows\system32\drivers\AVG
2010-10-01 00:50:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2010-10-01 00:50:19 -------- d-----w- c:\program files\AVG
2010-10-01 00:49:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-10-01 00:31:43 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-10-01 00:31:26 354304 -c----w- c:\windows\system32\dllcache\srv.sys
2010-10-01 00:29:57 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-10-01 00:29:23 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-10-01 00:26:47 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-10-01 00:25:25 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-10-01 00:25:23 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-10-01 00:25:13 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-10-01 00:25:13 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-10-01 00:13:04 -------- d-----w- c:\windows\system32\scripting
2010-10-01 00:13:04 -------- d-----w- c:\windows\system32\en
2010-10-01 00:13:04 -------- d-----w- c:\windows\l2schemas
2010-10-01 00:13:03 -------- d-----w- c:\windows\system32\bits
2010-10-01 00:11:26 -------- d-----w- c:\windows\ServicePackFiles
2010-10-01 00:09:34 -------- d-----w- c:\windows\network diagnostic
2010-09-30 23:41:44 -------- d-----w- c:\windows\system32\PreInstall
2010-09-30 23:37:49 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-09-30 23:24:56 -------- d-----w- c:\program files\commercial
2010-09-30 23:20:51 155648 ----a-w- c:\windows\system32\DetectEIST.dll
2010-09-30 23:19:59 321024 ----a-w- c:\windows\system32\ERUpdateHidden.EXE
2010-09-30 23:19:59 258048 ----a-w- c:\windows\system32\Uninstall_eRecovery.exe
2010-09-30 23:19:59 258048 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2010-09-30 23:19:59 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2010-09-30 23:19:59 159744 ----a-w- c:\windows\system32\CloseProcessWindow.dll
2010-09-30 23:19:43 172032 ----a-w- c:\windows\system32\igfxres.dll
2010-09-30 21:04:54 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-09-30 20:56:04 414 ----a-w- c:\windows\RESNDVD9TO5.REG
2010-09-30 20:56:04 410 ----a-w- c:\windows\RESWVEDIT.REG
2010-09-30 20:56:03 220 ----a-w- c:\windows\ERY-RUN.REG
2010-09-27 21:42:42 1156488 ----a-w- c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
==================== Find3M ====================
2010-09-30 20:56:04 791 ----a-w- c:\windows\CLEANUP.CMD
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
============= FINISH: 10:41:42.23 ===============
DDS Attatch
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-10-21.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/30/2010 4:16:17 PM
System Uptime: 10/22/2010 10:12:02 AM (0 hours ago)
Motherboard: Acer | | G31
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | CPU 1 | 2327/333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 146 GiB total, 85.183 GiB free.
D: is FIXED (FAT32) - 146 GiB total, 146.281 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11g Network Adapter
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_04221468&REV_01\4&38D2602C&0&00E1
Manufacturer: Broadcom
Name: Broadcom 802.11g Network Adapter
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_04221468&REV_01\4&38D2602C&0&00E1
Service: BCM43XX
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/1000 PL Network Connection
Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_0DF5105B&REV_00\4&4C5E15F&0&00E2
Manufacturer: Intel
Name: Intel(R) PRO/1000 PL Network Connection
PNP Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_0DF5105B&REV_00\4&4C5E15F&0&00E2
Service: e1express
==== System Restore Points ===================
RP38: 10/22/2010 8:23:33 AM - Restore Operation
==== Installed Programs ======================
µTorrent
Acer eAcoustics Management
Acer eDataSecurity Management
Acer eDataSecurity Management 2.0.4093
Acer eLock Management
Acer Empowering Technology
Acer ePerformance Management
Acer eProtection
Acer eSettings Management
Acer LANScope Agent
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.0
AntiMalware_Pro 2.1
AutocompletePro
AVG 2011
Battlefield Heroes
Business Contact Manager for Outlook 2007
CCleaner
commercial
eSobi v2
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB981793)
Intel(R) PRO Network Connections Drivers
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
KC Softwares KCleaner
LightScribe 1.4.142.1
LowerPing
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Small Business Connectivity Components
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 6.0 Parser
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
OCA Client history tool install
OpenOffice.org 3.2
PowerDVD
PunkBuster Services
Realtek High Definition Audio Driver
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Segoe UI
Skype Toolbars
Skype™ 5.0
Update for Windows XP (KB2141007)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Ventrilo Client
VLC media player 1.1.4
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows XP Service Pack 3
World of Warcraft
World of Warcraft Public Test
Yahoo! Toolbar
==== Event Viewer Messages From Past Week ========
10/22/2010 9:33:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LP with arguments "-Service" in order to run the server: {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
10/22/2010 9:17:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
10/22/2010 9:15:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
10/22/2010 9:05:19 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LP with arguments "-Service" in order to run the server: {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
10/22/2010 9:05:08 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm
10/22/2010 9:00:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
10/22/2010 8:59:45 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 10:12:44 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/21/2010 4:06:47 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/21/2010 4:06:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/21/2010 4:01:22 AM, error: Service Control Manager [7024] - The SQL Server (MSSMLBIZ) service terminated with service-specific error 3417 (0xD59).
==== End Of File ===========================
Thankyou in Advance,
Malessick
I am having an Issue with Page Fault in Non Paged Area BSOD's.
I am using Windows XP SP3 and read the topic Page Fault in Non Paged Area--Windows XP noticed I was having the same issues so followed the steps on Mflynns post, I followed all the instructions and still could not boot into Regular XP mode(Launches to Desktop then proceeds to BSOD again).
I have followed all the steps in the Techspot 8 Steps guide and alas still nothing has worked.
Please see the attatched logs and try and help me out if you can!
GMER:
GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-22 10:41:19
Windows 5.1.2600 Service Pack 3
Running: f8v2le6l.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwpyrfob.sys
---- Kernel code sections - GMER 1.0.15 ----
? ogcjj.sys The system cannot find the file specified. !
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Cdfs \Cdfs B9B7D400
---- EOF - GMER 1.0.15 ----
MBAM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4914
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 6.0.2900.5512
10/22/2010 10:11:12 AM
mbam-log-2010-10-22 (10-11-12).txt
Scan type: Quick scan
Objects scanned: 143353
Time elapsed: 3 minute(s), 12 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\m8t6_malank_a1t (Rogue.AntiMalwarePro) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\AntiMalware Pro\AntiMalwarePro.exe (Rogue.AntiMalwarePro) -> No action taken.
C:\Documents and Settings\Administrator\Desktop\anti-malware-pro-v04.exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OP8RABCV\anti-malware-pro-v04[1].exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\All Users\Desktop\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> No action taken.
C:\Program Files\AntiMalware Pro\Cl.exe (Rogue.AntiMalwarePro) -> No action taken.
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiMalwarePro.lnk (Rogue.AntiMalwarePro) -> No action taken.
C:\WINDOWS\system32\VolumeMSPrLam.dll (Rogue.AntiMalwarePro) -> No action taken.
DDS:
DDS (Ver_10-10-21.02) - NTFSx86 NETWORK
Run by Administrator at 10:41:32.71 on Fri 10/22/2010
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1739 [GMT -7:00]
AV: AVG File Server Edition 2011 *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://global.acer.com
uSearch Page = hxxp://au.rd.yahoo.com/customize/ycomp/defaults/sp/*http://au.yahoo.com
uSearch Bar =
mDefault_Page_URL = hxxp://en.au.acer.yahoo.com
mStart Page = hxxp://en.au.acer.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [LaunchApp] Alaunch
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Acer Empowering Technology Monitor] c:\windows\system32\SysMonitor.exe
mRun: [eLockMonitor] c:\acer\empowering technology\elock\monitor\LaunchMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe 0
mRun: [AdminWorks Tray] "c:\acer\lanscope agent\awtray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\eRAgent.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acerem~1.lnk - c:\acer\empowering technology\Acer.Empowering.Framework.Launcher.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
LSP: c:\windows\system32\lp.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1285890025921
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 249424]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-9-10 265400]
S2 AWService;AdminWorks Agent X6;c:\acer\lanscope agent\awServ.exe [2007-4-26 75032]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [2006-6-6 90112]
S2 LockServ;LockServ;c:\acer\empowering technology\elock\lockserv.exe -p --> c:\acer\empowering technology\elock\LockServ.exe -p [?]
S2 netlimiter;netlimiter;c:\windows\system32\drivers\NetLimiter.sys [2006-10-3 18072]
S2 netlock;netlock;c:\windows\system32\drivers\NetLock.sys [2007-5-30 14616]
S3 Acer ODDSpeedControl;Acer ODDSpeedControl;c:\acer\empowering technology\eacoustics\oddspeedctl\speedcontrol.exe [2010-9-30 81920]
S3 LP;LP;c:\program files\lowerping\LP.exe [2009-11-26 2375680]
=============== Created Last 30 ================
2010-10-22 17:06:29 -------- d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-10-22 17:06:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-22 17:06:23 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-22 17:06:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-22 17:06:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-22 16:55:43 -------- d-----w- c:\docume~1\admini~1\applic~1\AVP 2009
2010-10-22 16:55:41 -------- d-----w- c:\program files\AntiMalware Pro
2010-10-22 16:37:56 -------- d-s---w- c:\documents and settings\administrator\UserData
2010-10-22 16:33:03 -------- d-sh--w- c:\documents and settings\administrator\wc
2010-10-22 16:32:59 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Lowerping
2010-10-22 16:32:54 -------- d-sh--w- c:\docume~1\admini~1\applic~1\wyUpdate AU
2010-10-22 16:14:34 -------- d-----w- c:\docume~1\admini~1\applic~1\KC Softwares
2010-10-22 16:12:58 -------- d-----w- c:\program files\KC Softwares
2010-10-22 16:12:58 -------- d-----w- c:\program files\AutocompletePro
2010-10-22 16:08:58 -------- d-----w- c:\program files\CCleaner
2010-10-22 15:25:19 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-22 15:25:19 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-18 07:41:21 -------- d-----w- c:\program files\VideoLAN
2010-10-18 06:36:19 -------- d-----w- c:\program files\uTorrent
2010-10-17 06:09:37 -------- d-----r- c:\program files\Skype
2010-10-13 02:22:55 215016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-10-13 02:06:01 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-10-13 02:05:37 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-10-13 02:05:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-13 02:05:32 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-10-13 02:05:32 -------- d-----w- c:\windows\system32\LogFiles
2010-10-13 01:44:22 -------- d-----w- c:\program files\EA Games
2010-10-11 01:03:45 -------- d-----w- c:\program files\World of Warcraft Public Test
2010-10-11 00:53:17 -------- d-----w- c:\program files\PTR Installer 4.0.0.12824 enUS
2010-10-08 01:40:10 196608 ----a-w- c:\windows\system32\lp.dll
2010-10-08 01:40:03 -------- d-----w- c:\program files\LowerPing
2010-10-07 08:54:09 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-10-07 08:49:34 -------- d-----w- c:\program files\MSXML 6.0
2010-10-04 16:27:59 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-10-04 16:27:59 215920 ----a-w- c:\windows\system32\muweb.dll
2010-10-04 16:27:59 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-10-04 05:02:21 -------- d-----w- c:\docume~1\alluse~1\applic~1\Wowhead
2010-10-03 21:04:26 -------- d-----w- c:\program files\Microsoft
2010-10-03 21:04:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-10-03 20:59:53 -------- d-----w- c:\program files\common files\Windows Live
2010-10-03 20:30:28 -------- d-----w- c:\program files\Ventrilo
2010-10-03 20:30:12 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-10-02 20:32:11 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2010-10-02 20:21:39 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2010-10-02 01:22:10 -------- d-----w- c:\windows\pss
2010-10-01 21:36:53 -------- d--h--w- C:\$AVG
2010-10-01 20:19:03 -------- d-----w- c:\windows\system32\XPSViewer
2010-10-01 20:18:35 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-10-01 20:18:25 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-10-01 20:18:25 117760 ------w- c:\windows\system32\prntvpt.dll
2010-10-01 20:18:24 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-10-01 20:18:24 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-10-01 20:18:24 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-10-01 20:18:24 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-10-01 20:18:23 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-10-01 20:18:23 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-10-01 20:04:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-01 19:00:10 -------- d-----w- c:\program files\World of Warcraft
2010-10-01 19:00:10 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2010-10-01 18:59:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard
2010-10-01 00:58:17 -------- d-----w- c:\program files\JRE
2010-10-01 00:58:15 -------- d-----w- c:\program files\OpenOffice.org 3
2010-10-01 00:57:57 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-10-01 00:57:57 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-01 00:50:59 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2010-10-01 00:50:36 -------- d-----w- c:\windows\system32\drivers\AVG
2010-10-01 00:50:36 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2010-10-01 00:50:19 -------- d-----w- c:\program files\AVG
2010-10-01 00:49:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-10-01 00:31:43 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-10-01 00:31:26 354304 -c----w- c:\windows\system32\dllcache\srv.sys
2010-10-01 00:29:57 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-10-01 00:29:23 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-10-01 00:26:47 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-10-01 00:25:25 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-10-01 00:25:23 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-10-01 00:25:13 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-10-01 00:25:13 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-10-01 00:13:04 -------- d-----w- c:\windows\system32\scripting
2010-10-01 00:13:04 -------- d-----w- c:\windows\system32\en
2010-10-01 00:13:04 -------- d-----w- c:\windows\l2schemas
2010-10-01 00:13:03 -------- d-----w- c:\windows\system32\bits
2010-10-01 00:11:26 -------- d-----w- c:\windows\ServicePackFiles
2010-10-01 00:09:34 -------- d-----w- c:\windows\network diagnostic
2010-09-30 23:41:44 -------- d-----w- c:\windows\system32\PreInstall
2010-09-30 23:37:49 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-09-30 23:24:56 -------- d-----w- c:\program files\commercial
2010-09-30 23:20:51 155648 ----a-w- c:\windows\system32\DetectEIST.dll
2010-09-30 23:19:59 321024 ----a-w- c:\windows\system32\ERUpdateHidden.EXE
2010-09-30 23:19:59 258048 ----a-w- c:\windows\system32\Uninstall_eRecovery.exe
2010-09-30 23:19:59 258048 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2010-09-30 23:19:59 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2010-09-30 23:19:59 159744 ----a-w- c:\windows\system32\CloseProcessWindow.dll
2010-09-30 23:19:43 172032 ----a-w- c:\windows\system32\igfxres.dll
2010-09-30 21:04:54 319456 ----a-w- c:\windows\system32\difxapi.dll
2010-09-30 20:56:04 414 ----a-w- c:\windows\RESNDVD9TO5.REG
2010-09-30 20:56:04 410 ----a-w- c:\windows\RESWVEDIT.REG
2010-09-30 20:56:03 220 ----a-w- c:\windows\ERY-RUN.REG
2010-09-27 21:42:42 1156488 ----a-w- c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
==================== Find3M ====================
2010-09-30 20:56:04 791 ----a-w- c:\windows\CLEANUP.CMD
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
============= FINISH: 10:41:42.23 ===============
DDS Attatch
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-10-21.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/30/2010 4:16:17 PM
System Uptime: 10/22/2010 10:12:02 AM (0 hours ago)
Motherboard: Acer | | G31
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz | CPU 1 | 2327/333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 146 GiB total, 85.183 GiB free.
D: is FIXED (FAT32) - 146 GiB total, 146.281 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11g Network Adapter
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_04221468&REV_01\4&38D2602C&0&00E1
Manufacturer: Broadcom
Name: Broadcom 802.11g Network Adapter
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_04221468&REV_01\4&38D2602C&0&00E1
Service: BCM43XX
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/1000 PL Network Connection
Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_0DF5105B&REV_00\4&4C5E15F&0&00E2
Manufacturer: Intel
Name: Intel(R) PRO/1000 PL Network Connection
PNP Device ID: PCI\VEN_8086&DEV_109A&SUBSYS_0DF5105B&REV_00\4&4C5E15F&0&00E2
Service: e1express
==== System Restore Points ===================
RP38: 10/22/2010 8:23:33 AM - Restore Operation
==== Installed Programs ======================
µTorrent
Acer eAcoustics Management
Acer eDataSecurity Management
Acer eDataSecurity Management 2.0.4093
Acer eLock Management
Acer Empowering Technology
Acer ePerformance Management
Acer eProtection
Acer eSettings Management
Acer LANScope Agent
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.0
AntiMalware_Pro 2.1
AutocompletePro
AVG 2011
Battlefield Heroes
Business Contact Manager for Outlook 2007
CCleaner
commercial
eSobi v2
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB981793)
Intel(R) PRO Network Connections Drivers
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
KC Softwares KCleaner
LightScribe 1.4.142.1
LowerPing
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Small Business Connectivity Components
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 6.0 Parser
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
OCA Client history tool install
OpenOffice.org 3.2
PowerDVD
PunkBuster Services
Realtek High Definition Audio Driver
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Segoe UI
Skype Toolbars
Skype™ 5.0
Update for Windows XP (KB2141007)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Ventrilo Client
VLC media player 1.1.4
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows XP Service Pack 3
World of Warcraft
World of Warcraft Public Test
Yahoo! Toolbar
==== Event Viewer Messages From Past Week ========
10/22/2010 9:33:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LP with arguments "-Service" in order to run the server: {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
10/22/2010 9:17:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
10/22/2010 9:15:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
10/22/2010 9:05:19 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service LP with arguments "-Service" in order to run the server: {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
10/22/2010 9:05:08 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 Fips intelppm
10/22/2010 9:00:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
10/22/2010 8:59:45 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 8:59:45 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/22/2010 10:12:44 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/21/2010 4:06:47 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/21/2010 4:06:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/21/2010 4:01:22 AM, error: Service Control Manager [7024] - The SQL Server (MSSMLBIZ) service terminated with service-specific error 3417 (0xD59).
==== End Of File ===========================
Thankyou in Advance,
Malessick