TechSpot

Bsod persists - I am in need of guidance

By Richard Cohen
Jul 23, 2014
Post New Reply
  1. The following critical error occured

    BCCode : d1 BCP1 : 04C084B9 BCP2 : 00000002 BCP3 : 00000000
    BCP4 : B1527C50 OSVer : 5_1_2600 SP : 3_0 Product : 256_1

    COMBOfix reported as follows:
    ComboFix 14-07-22.01 - Richard 07/23/2014 8:23.1.4 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2059 [GMT -4:00]
    Running from: c:\my documents\APPZ\Utilities\Use With Caution\ComboFix.exe
    AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\22A6F36C02.sys
    c:\documents and settings\All Users\Application Data\uninstaller.exe
    c:\documents and settings\Richard\Application Data\inst.exe
    c:\documents and settings\Richard\GoToAssistDownloadHelper.exe
    c:\documents and settings\Richard\Start Menu\Internet Explorer.lnk
    C:\END
    c:\program files\DigiDNA\DiskAid\DiskAid.exe.txt
    C:\serverlist.dat
    C:\Thumbs.db
    c:\windows\125213.dll
    c:\windows\146286.dll
    c:\windows\EventSystem.log
    c:\windows\system32\NEW747.tmp
    c:\windows\system32\NEW755.tmp
    c:\windows\system32\SET1A8.tmp
    c:\windows\system32\SET1B4.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-06-23 to 2014-07-23 )))))))))))))))))))))))))))))))
    .
    .
    2014-07-16 18:02 . 2014-07-16 18:02 -------- d-----w- C:\NVIDIA
    2014-07-16 17:52 . 2012-07-03 15:25 28008 ----a-w- c:\windows\system32\nvhdap32.dll
    2014-07-16 17:52 . 2012-07-03 15:25 124264 ----a-w- c:\windows\system32\drivers\nvhda32.sys
    2014-07-16 17:52 . 2012-07-03 07:37 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
    2014-07-16 11:51 . 2014-07-16 11:51 -------- d-----w- c:\program files\AGEIA Technologies
    2014-07-16 11:48 . 2014-05-13 19:18 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
    2014-07-16 11:48 . 2012-02-29 20:30 54272 ----a-w- c:\windows\system32\nvwddi.dll
    2014-07-16 11:47 . 2014-07-16 22:44 293992 ----a-w- c:\windows\system32\nvdrsdb0.bin
    2014-07-16 11:47 . 2014-07-16 22:44 1 ----a-w- c:\windows\system32\nvdrssel.bin
    2014-07-16 11:47 . 2014-07-16 22:42 293992 ----a-w- c:\windows\system32\nvdrsdb1.bin
    2014-07-16 11:46 . 2014-05-20 02:32 9682944 ----a-w- c:\windows\system32\nvopencl.dll
    2014-07-16 11:46 . 2014-05-20 02:32 908744 ----a-w- c:\windows\system32\nvdispgenco32.dll
    2014-07-16 11:46 . 2012-02-29 23:58 5918720 ----a-w- c:\windows\system32\nvcuda.dll
    2014-07-16 11:46 . 2012-02-29 23:58 2291712 ----a-w- c:\windows\system32\nvapi.dll
    2014-07-16 11:46 . 2012-02-29 23:58 17534976 ----a-w- c:\windows\system32\nvcompiler.dll
    2014-07-16 11:46 . 2012-02-29 23:58 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
    2014-07-16 11:46 . 2012-02-29 23:58 18624512 ----a-w- c:\windows\system32\nvoglnt.dll
    2014-07-16 11:46 . 2012-02-29 23:58 2522944 ----a-w- c:\windows\system32\nvcuvid.dll
    2014-07-16 11:46 . 2012-02-29 23:58 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
    2014-07-16 11:33 . 2014-07-16 11:33 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\Nvidia Corporation
    2014-07-16 11:31 . 2014-07-16 11:32 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\NVIDIA
    2014-07-16 09:13 . 2014-02-26 01:59 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
    2014-07-16 09:13 . 2014-02-26 01:59 13312 ------w- c:\windows\system32\xp_eos.exe
    2014-07-15 12:15 . 2014-07-15 12:15 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
    2014-07-14 22:56 . 2014-07-14 22:56 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
    2014-07-14 12:59 . 2014-07-14 12:59 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVG
    2014-07-13 19:42 . 2014-07-13 19:42 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\Macroplant_LLC
    2014-07-13 19:42 . 2012-04-09 20:27 223760 ----a-w- c:\windows\system32\CbFsNetRdr3.dll
    2014-07-13 19:42 . 2012-04-09 20:27 158224 ----a-w- c:\windows\system32\CbFsMntNtf3.dll
    2014-07-13 19:42 . 2012-04-09 20:27 299024 ----a-w- c:\windows\system32\drivers\cbfs3.sys
    2014-07-13 19:42 . 2014-07-13 19:42 -------- d-----w- c:\program files\iExplorer
    2014-07-13 12:51 . 2014-07-13 13:20 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-13 12:46 . 2014-07-13 12:47 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2014
    2014-07-13 12:45 . 2014-07-13 18:49 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Avg2014
    2014-07-13 12:44 . 2014-07-13 18:53 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\Avg2014
    2014-07-13 03:37 . 2014-07-13 03:37 -------- d-----w- c:\windows\system32\wbem\Repository
    2014-07-13 03:16 . 2014-07-13 03:16 -------- d-----w- c:\program files\SearchMe Toolbar
    2014-07-13 03:16 . 2014-07-13 03:16 -------- d-----w- c:\documents and settings\Carol\Application Data\searchresultstb
    2014-07-13 02:58 . 2014-07-13 12:46 -------- d-----w- C:\$AVG
    2014-07-13 02:58 . 2014-07-13 02:58 -------- d-----w- c:\documents and settings\Guest\Application Data\AVG10
    2014-07-13 02:58 . 2014-07-13 02:58 -------- d-----w- c:\documents and settings\Carol\Application Data\AVG10
    2014-07-13 02:55 . 2014-07-13 03:09 -------- d-----w- c:\windows\LastGood(2)
    2014-07-13 02:53 . 2014-07-16 11:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
    2014-07-13 02:48 . 2014-07-13 02:48 -------- d-----w- c:\program files\Canon
    2014-07-13 01:43 . 2014-07-13 01:43 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\MFAData
    2014-07-12 18:28 . 2014-07-13 03:09 -------- d-s---w- c:\documents and settings\Administrator.UPSTAIRS
    2014-07-12 18:00 . 2014-02-23 07:23 896456 ----a-w- c:\windows\system32\nvdispgenco3233504(6).dll
    2014-07-12 18:00 . 2014-02-23 07:23 896456 ----a-w- c:\windows\system32\nvdispgenco3233504(5).dll
    2014-07-12 18:00 . 2014-02-23 07:23 896456 ----a-w- c:\windows\system32\nvdispgenco3233504(4).dll
    2014-07-12 18:00 . 2014-02-23 07:23 896456 ----a-w- c:\windows\system32\nvdispgenco3233504(3).dll
    2014-07-12 18:00 . 2014-02-23 07:23 896456 ----a-w- c:\windows\system32\nvdispgenco3233504(2).dll
    2014-07-12 18:00 . 2014-02-23 07:23 1051080 ----a-w- c:\windows\system32\nvdispco3233504(6).dll
    2014-07-12 18:00 . 2014-02-23 07:23 1051080 ----a-w- c:\windows\system32\nvdispco3233504(5).dll
    2014-07-12 18:00 . 2014-02-23 07:23 1051080 ----a-w- c:\windows\system32\nvdispco3233504(4).dll
    2014-07-12 18:00 . 2014-02-23 07:23 1051080 ----a-w- c:\windows\system32\nvdispco3233504(3).dll
    2014-07-12 18:00 . 2014-02-23 07:23 1051080 ----a-w- c:\windows\system32\nvdispco3233504(2).dll
    2014-07-07 15:42 . 2014-07-07 15:42 -------- d-----w- c:\documents and settings\Richard\.openpgpstudio
    2014-06-27 01:00 . 2014-07-13 03:30 -------- d-----w- c:\program files\Linoma Software(2)
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-07-23 12:09 . 2014-05-23 14:01 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-07-13 05:33 . 2012-07-24 16:27 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-07-13 05:33 . 2012-05-28 15:29 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-06-30 16:43 . 2014-06-17 20:06 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
    2014-06-17 20:18 . 2014-06-17 20:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
    2014-05-12 11:26 . 2014-05-23 12:37 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-05-12 11:25 . 2012-06-19 02:09 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    1999-10-31 03:54 . 2012-12-28 17:40 561152 ----a-w- c:\program files\Convert.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "mscoree.dll" [2009-11-07 297808]
    .
    [HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
    [HKEY_CLASSES_ROOT\agihelper.AGUtils]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
    2009-11-07 05:07 297808 ----a-w- c:\windows\system32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
    @="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
    [HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
    2012-04-09 20:27 158224 ----a-w- c:\windows\system32\CbFsMntNtf3.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickenScheduledUpdates"="c:\program files\Quicken\bagent.exe" [2014-03-04 77096]
    "Adobe Reader Synchronizer"="c:\program files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe" [2014-05-08 746376]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-05-24 188416]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
    "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136]
    "Ai Nap"="c:\program files\ASUS\Ai Suite\AiNap\AiNap.exe" [2009-05-25 1431040]
    "QFan Help"="c:\program files\ASUS\Ai Suite\QFan3\QFanHelp.exe" [2009-04-30 598528]
    "CPU Power Monitor"="c:\program files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2008-01-09 627200]
    "ASUS Energy Saving"="c:\program files\ASUS\Ai Suite\EnergySaving\PwSave.exe" [2009-01-23 1352704]
    "Cpu Level Up help"="c:\program files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-12-01 881152]
    "ASUS Update Checker"="c:\program files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe" [2008-12-11 114688]
    "Launch Direct Link"="c:\program files\ASUS\AI Direct Link\AsShare.exe" [2008-12-09 1212416]
    "Launch As Cmd Runner"="c:\program files\ASUS\AI Direct Link\AsCmd.exe" [2008-06-17 376832]
    "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-13 43848]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2014-01-17 421888]
    "NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http://www.avg.com/ww.special-unins...tRDM4MUwrNi1JSVNSVEUrMg&prod=94&ver=10.0.1432" [?]
    .
    c:\documents and settings\Richard\Start Menu\Programs\Startup\
    Webshots.lnk - c:\program files\Webshots\3.1.5.7619\Launcher.exe /t [2012-5-28 157088]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "HideSCABattery"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Richard^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
    backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickenScheduledUpdates]
    2014-03-04 16:33 77096 ----a-w- c:\program files\Quicken\bagent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snappy Fax Printer virtual printer agent]
    2007-07-19 04:01 94208 ----a-w- c:\program files\Snappy Fax Version 5\sfpagent.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
    "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
    "c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfcCopy.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqgpc01.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgm.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqusgh.exe"=
    "c:\\Program Files\\Hewlett-Packard\\HP Software Update\\hpwucli.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
    "c:\\Documents and Settings\\Richard\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\Program Files\\Vuze\\Azureus.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"=
    "c:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
    "c:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"=
    .
    R0 vididr;Acronis Virtual Disk;c:\windows\system32\drivers\vididr.sys [5/27/2012 7:40 PM 125472]
    R0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\drivers\vsflt53.sys [5/27/2012 7:40 PM 83392]
    R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [6/17/2014 4:06 PM 121624]
    R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [2/28/2006 8:00 AM 14336]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\MALWAREBYTES ANTI-MALWARE\mbamscheduler.exe [5/23/2014 8:37 AM 1809720]
    R2 MBAMService;MBAMService;c:\program files\MALWAREBYTES ANTI-MALWARE\mbamservice.exe [5/23/2014 8:37 AM 860472]
    R2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [7/16/2014 7:31 AM 1631008]
    R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [4/29/2011 3:40 PM 845808]
    R2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [3/3/2014 9:55 PM 5037888]
    R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [12/28/2012 9:23 PM 32896]
    R3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\drivers\cbfs3.sys [7/13/2014 3:42 PM 299024]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/18/2012 10:09 PM 23256]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [5/23/2014 10:01 AM 110296]
    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [9/17/2010 6:00 AM 599936]
    S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys --> c:\windows\system32\DRIVERS\avgidshx.sys [?]
    S0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [6/17/2014 4:18 PM 241944]
    S1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\DRIVERS\avgidsdriverlx.sys --> c:\windows\system32\DRIVERS\avgidsdriverlx.sys [?]
    S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys --> c:\windows\system32\DRIVERS\avgidsshimx.sys [?]
    S2 AGCoreService;AG Core Services;c:\program files\AGI\core\4.2.0.10754\AGCoreService.exe [5/28/2012 11:32 AM 20480]
    S2 KMService;KMService;c:\windows\system32\srvany.exe [5/23/2013 11:02 PM 8192]
    S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [10/9/2013 11:58 AM 3275136]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [10/23/2013 9:15 AM 172192]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
    S3 PciCon;PciCon;\??\f:\pcicon.sys --> f:\PciCon.sys [?]
    S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10/17/2012 8:01 AM 47360]
    S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [8/2/2013 9:39 AM 13464]
    S4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [5/9/2014 6:14 PM 807800]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - MBAMSWISSARMY
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    HPService REG_MULTI_SZ HPSLPSVC
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-24 05:33]
    .
    2014-07-21 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
    .
    2014-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-413027322-1801674531-1003Core.job
    - c:\documents and settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-12-03 14:50]
    .
    2014-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1957994488-413027322-1801674531-1003UA.job
    - c:\documents and settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-12-03 14:50]
    .
    2014-07-23 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    - c:\windows\system32\xp_eos.exe [2014-07-16 01:59]
    .
    2014-07-16 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2014-07-16 01:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.com/
    uInternet Settings,ProxyOverride = *.local
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    Trusted Zone: deaecom.gov
    Trusted Zone: mckesson.com
    Trusted Zone: webex.com
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    DPF: {AFD262A2-9495-44DE-B08A-D721B0D0D767} - hxxps://ftp02.magellanhealth.com/COM/MOVEitUploadWizard7.5.1.ocx
    FF - ProfilePath - c:\documents and settings\Richard\Application Data\Mozilla\Firefox\Profiles\lfzp6pki.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p=
    FF - ExtSQL: !HIDDEN! 2013-11-22 09:32; smartwebprinting@hp.com; c:\program files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF - user.js: extensions.autoDisableScopes - 0
    FF - user.js: extensions.shownSelectionUI - true
    FF - user.js: extensions.delta.tlbrSrchUrl -
    FF - user.js: extensions.delta.id - 407a9a5d000000000000485b391706dc
    FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    FF - user.js: extensions.delta.instlDay - 15885
    FF - user.js: extensions.delta.vrsn - 1.8.21.5
    FF - user.js: extensions.delta.vrsni - 1.8.21.5
    FF - user.js: extensions.delta.vrsnTs - 1.8.21.59:20
    FF - user.js: extensions.delta.prtnrId - delta
    FF - user.js: extensions.delta.prdct - delta
    FF - user.js: extensions.delta.aflt - babsst
    FF - user.js: extensions.delta.smplGrp - none
    FF - user.js: extensions.delta.tlbrId - base
    FF - user.js: extensions.delta.instlRef - sst
    FF - user.js: extensions.delta.dfltLng - en
    FF - user.js: extensions.delta.excTlbr - false
    FF - user.js: extensions.delta.ffxUnstlRst - true
    FF - user.js: extensions.delta.admin - false
    FF - user.js: extensions.delta_i.babTrack - affID=122471&tt=250613_gr3&tsp=4928
    FF - user.js: extensions.delta_i.babExt -
    FF - user.js: extensions.delta_i.srcExt - ss
    FF - user.js: extensions.delta.autoRvrt - false
    FF - user.js: extensions.delta.rvrt - false
    FF - user.js: extensions.delta.newTab - false
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{05478A66-EDB6-4A22-A870-A5987F80A7DA} - (no file)
    Toolbar-Locked - (no file)
    Toolbar-10 - (no file)
    HKLM-Run-AVG_UI - c:\program files\AVG\AVG2014\avgui.exe
    MSConfigStartUp-RIMBBLaunchAgent - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2014-07-23 08:33
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
    "value"="?\05\02\1d\16\16\10y"
    .
    Completion time: 2014-07-23 08:36:48
    ComboFix-quarantined-files.txt 2014-07-23 12:36
    .
    Pre-Run: 627,982,831,616 bytes free
    Post-Run: 628,667,838,464 bytes free
    .
    - - End Of File - - 46799B4534D4FE3FBF869AA386DA372A
    8F558EB6672622401DA993E1E865C861
    -------------------------------------------------------------------------

    I have removed AVG
    I have reinstalled Nvidia drivers for GEForce 220 board
    Still BSOD

    Any Help would be appreciated
     
  2. Tmagic650

    Tmagic650 TS Ambassador Posts: 17,244   +234

    How about posting any produced minidumps? Go to C:\windows\minidump. Minidump files have a .dmp extension. Select all the .dmp files. Right-click sending the files to a compressed(zipped)folder. Upload this folder as a file here...
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...