Need a quick virus check

[Ghot]

I do not know if I need help removing malware, and Here is the thing you need to look at it ..

I'll give you that thing ', so Give me what you have ... And let's start on ... :grin:

 

http://www.mediafire.com/?h57l9hcl7a1qhh5

[Melvin_Deal]

Hi Ghot.

 

Your logs are password protected... please provide the password so that they may be viewed.

 

 

http://forums.iobit.com/attachment.php?attachmentid=10236&d=1343654135

 

 

Sincerely,

-Mel

Live long and prosper!

 

 

P.S. You can also Copy/Paste them into your next post.

[Melvin_Deal]

Hi Ghot.

 

I have forwarded your password to Superdave...:-) He will be assisting you with this as I am not fully trained. He is active on multiple forums, so please be patient.

 

Sincerely,

-Mel

Live long and prosper!

[Superdave]

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

I can't unlock that file even though Melvin sent me the password. Please do not upload or attach your logs. Copy and paste them in your reply.

[Ghot]

Thank Melvin_Deal.

Melvin_Deal...This is good, let's start working on this thing.

[Ghot]

Superdave ... I am ready! Are you ready? :smile:

[wozofoz]

Post logs

 

Hi Ghot :smile:

Please see post #4 from Superdave

*************************************************************

I can't unlock that file even though Melvin sent me the password. Please do not upload or attach your logs. Copy and paste them in your reply.

 

 

Also, when you copy and paste the logs in your reply remember there is a limit on the amount of text that your post can contain, if you go over the limit nothing is shown.

 

When you paste the log in the text box click Preview Post which is under the text box.

If you do not see a preview of your post but instead see a blank space in the text box you will need to make the post smaller (split the logs into 2 or more posts)

If and when you do see a preview of your post then click Submit Reply

 

All the best, woz of oz

[Ghot]

Hi Ghot :smile:

Please see post #4 from Superdave

 

 

 

Also, when you copy and paste the logs in your reply remember there is a limit on the amount of text that your post can contain, if you go over the limit nothing is shown.

 

When you paste the log in the text box click Preview Post which is under the text box.

If you do not see a preview of your post but instead see a blank space in the text box you will need to make the post smaller (split the logs into 2 or more posts)

If and when you do see a preview of your post then click Submit Reply

 

All the best, woz of oz

 

Thanks for reminding me and giving me that information .. :-)

 

 

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.5.1

Run by hp at 6:51:12 on 2012-07-29

Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.503.313 [GMT 3:00]

.

SP: Spy Emergency *Disabled/Updated* {82117492-906E-4b02-A33A-84D42A2DD907}

.

============== Running Processes ===============

.

C:\windows\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\windows\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\windows\system32\spoolsv.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\wscntfy.exe

C:\windows\explorer.exe

C:\windows\system32\imapi.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: UIHost=c:\windows\system32\logonui.exe

mRun: [iObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1342618110859

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{3D647456-1DF3-40B8-9D2F-AC3B8DAA2958} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

SEH: ExecuteHooker Class: {569dac0f-2791-46ab-8efc-a54b77c04c20} - c:\program files\dvd x studios\dvd x utilities 3.0.2\dvdghost\ExecuteHooker.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\hp\application data\mozilla\firefox\profiles\ifjrl8j9.default\

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - prefs.js: network.proxy.http_port - 8118

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

FF - user.js: network.proxy.type - 0

FF - user.js: network.proxy.http -

user_pref(network.proxy.http_port,);

FF - user.js: network.proxy.no_proxies_on -

.

============= SERVICES / DRIVERS ===============

.

R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2012-7-28 4096]

R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\drivers\clwvd.sys [2012-7-22 27760]

R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2012-7-29 246816]

R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2012-7-17 17792]

R4 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2012-7-29 30408]

R4 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2012-7-29 16248]

S2 ADExchange;ArcSoft Exchange Service;c:\program files\common files\arcsoft\esinter\bin\eservutil.exe --> c:\program files\common files\arcsoft\esinter\bin\eservutil.exe [?]

S2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2012-7-29 821592]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-28 250056]

S3 MaplomL;MaplomL; [x]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-19 113120]

S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2012-7-26 16640]

.

=============== Created Last 30 ================

.

2012-07-29 01:18:09 -------- d-----w- c:\documents and settings\hp\application data\Geek Uninstaller

2012-07-29 01:14:22 -------- d-----w- c:\documents and settings\hp\application data\Runscanner.net

2012-07-28 08:33:24 4608 ----a-w- c:\windows\system32\bbchlp.dll

2012-07-28 08:33:24 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys

2012-07-28 08:33:24 30720 ----a-w- c:\windows\system32\bbcap.dll

2012-07-28 08:33:09 -------- d-----w- c:\program files\common files\Blueberry Software

2012-07-28 08:33:07 -------- d-----w- c:\program files\Blueberry Software

2012-07-27 21:22:16 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-27 21:22:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-07-27 05:21:15 -------- d-----w- c:\program files\spotflux

2012-07-26 12:26:31 -------- d-----w- c:\documents and settings\hp\application data\InfraRecorder

2012-07-26 12:26:25 -------- d-----w- c:\program files\Firegraphic 11

2012-07-26 12:25:26 192512 ----a-w- c:\windows\system32\kgen.dll

2012-07-26 12:06:25 16640 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383.sys

2012-07-26 09:53:39 -------- d-----w- c:\program files\WinMend

2012-07-26 08:07:19 -------- d-----w- c:\documents and settings\hp\local settings\application data\Wondershare

2012-07-26 08:07:18 -------- d-----w- c:\program files\common files\Wondershare

2012-07-26 08:07:09 -------- d-----w- c:\program files\Temp

2012-07-26 08:07:08 -------- d-----w- c:\program files\Wondershare

2012-07-25 01:04:11 174592 ----a-w- c:\windows\system32\msisbh32.dll

2012-07-23 02:59:55 -------- d-----w- c:\documents and settings\hp\application data\Iomatic

2012-07-23 02:19:26 -------- d-----w- c:\program files\Registry Medic 2008

2012-07-23 02:10:22 -------- d-----w- c:\program files\FastStone Photo Resizer

2012-07-23 02:04:11 -------- d-----w- c:\program files\FastStone MaxView

2012-07-22 20:56:21 -------- d-----w- c:\program files\Panorado

2012-07-22 20:48:12 -------- d-----w- c:\documents and settings\hp\local settings\application data\ReaViewer

2012-07-22 20:47:52 -------- d-----w- c:\program files\ReaSoft

2012-07-22 20:46:07 -------- d-----w- c:\program files\AhaView

2012-07-22 20:22:55 -------- d-----w- c:\windows\PIF

2012-07-22 20:12:38 -------- d-----w- c:\documents and settings\hp\application data\FastStone

2012-07-22 19:48:06 -------- d-----w- c:\documents and settings\all users\application data\ACD Systems

2012-07-22 02:55:27 -------- d-----w- c:\program files\NETGATE

2012-07-22 02:15:32 5120 -c--a-w- c:\windows\system32\dllcache\dllhost.exe

2012-07-22 02:15:29 69120 ----a-w- c:\windows\system32\notepad.exe

2012-07-22 02:15:16 72704 -c--a-w- c:\windows\system32\dllcache\magnify.exe

2012-07-22 02:15:16 72704 ----a-w- c:\windows\system32\magnify.exe

2012-07-22 01:41:36 -------- d-----w- c:\documents and settings\hp\application data\Anvisoft

2012-07-22 01:40:58 -------- d-----w- c:\documents and settings\all users\application data\Anvisoft

2012-07-22 01:40:53 -------- d-----w- c:\program files\Anvisoft

2012-07-21 21:45:21 -------- d-----w- c:\documents and settings\hp\local settings\application data\CyberLink

2012-07-21 21:43:59 53760 ----a-w- c:\windows\system32\drivers\vfwwdm32.dll

2012-07-21 21:43:44 27760 ----a-w- c:\windows\system32\drivers\clwvd.sys

2012-07-21 21:41:06 -------- d-----w- c:\documents and settings\all users\application data\install_clap

2012-07-21 10:59:26 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0

2012-07-21 09:51:49 -------- d-sh--w- c:\documents and settings\hp\application data\.#

2012-07-21 09:43:56 -------- d-----w- c:\program files\Sim Aquarium 3

2012-07-21 09:43:56 -------- d-----w- c:\documents and settings\all users\application data\SA3

2012-07-21 09:40:19 -------- d-----w- c:\documents and settings\hp\local settings\application data\MP3 Remix

2012-07-21 09:38:25 -------- d-----w- c:\program files\MP3 Remix

2012-07-21 09:38:25 -------- d-----w- c:\documents and settings\all users\application data\MP3 Remix

2012-07-21 08:43:13 -------- d-sha-r- C:\cmdcons

2012-07-21 08:41:32 98816 ----a-w- c:\windows\sed.exe

2012-07-21 08:41:32 518144 ----a-w- c:\windows\SWREG.exe

2012-07-21 08:41:32 256000 ----a-w- c:\windows\PEV.exe

2012-07-21 08:41:32 208896 ----a-w- c:\windows\MBR.exe

2012-07-21 08:41:24 -------- d-----w- C:\ComboFix

2012-07-21 08:35:23 -------- d-----w- c:\documents and settings\hp\application data\Malwarebytes

2012-07-21 08:35:14 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-07-21 07:29:09 -------- d-----w- C:\CCE_Quarantine

2012-07-21 07:08:41 -------- d-----w- c:\documents and settings\hp\local settings\application data\DFX

2012-07-21 07:08:39 -------- d-----w- c:\documents and settings\hp\application data\OpenCandy

2012-07-21 07:07:57 -------- d-----w- c:\documents and settings\all users\application data\DFX

2012-07-21 06:56:35 -------- d-----w- c:\documents and settings\hp\local settings\application data\Alien Skin

2012-07-21 06:56:35 -------- d-----w- c:\documents and settings\all users\application data\Alien Skin

2012-07-21 06:55:24 -------- d-----w- c:\program files\Alien Skin

2012-07-21 03:23:20 -------- d-----w- c:\program files\Alcohol Soft

2012-07-21 03:12:45 477240 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-07-21 01:33:07 974848 ----a-w- c:\windows\system32\mfc70.dll

2012-07-21 01:33:07 487424 ----a-w- c:\windows\system32\msvcp70.dll

2012-07-20 23:56:53 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU

2012-07-20 23:56:35 -------- d-----w- c:\documents and settings\hp\application data\AVS4YOU

2012-07-20 23:54:18 -------- d-----w- c:\program files\common files\AVSMedia

2012-07-20 23:53:23 24576 ----a-w- c:\windows\system32\msxml3a.dll

2012-07-20 23:53:23 -------- d-----w- c:\program files\AVS4YOU

2012-07-20 22:17:23 -------- d-----w- c:\program files\Copy Protect

2012-07-20 21:51:32 -------- d-----w- c:\documents and settings\all users\application data\USB Block

2012-07-20 10:20:55 -------- d-----w- c:\documents and settings\hp\application data\AVSoftware

2012-07-20 10:18:28 307616 ----a-w- c:\windows\system32\AVLib.dll

2012-07-20 10:18:23 -------- dc----w- c:\documents and settings\all users\application data\{6FA03038-5142-443D-B578-099FAECDC8CE}

2012-07-20 10:18:13 -------- d-----w- c:\program files\Hide The IP

2012-07-20 10:17:45 -------- d-----w- c:\documents and settings\hp\local settings\application data\PackageAware

2012-07-20 09:31:04 364360 ----a-w- c:\windows\system32\EasyRedirect.dll

2012-07-20 09:31:00 -------- d-----w- c:\program files\Easy-Hide-IP

2012-07-20 09:19:59 339320 ----a-w- c:\windows\system32\HMIPCore.dll

2012-07-20 09:19:49 -------- d-----w- c:\program files\Hide My IP

2012-07-20 09:18:54 -------- d-----w- c:\documents and settings\hp\application data\MaskMyIP

2012-07-20 09:18:54 -------- d-----w- c:\documents and settings\all users\application data\MaskMyIP

2012-07-20 09:18:49 -------- d-----w- c:\program files\MaskMyIP

2012-07-20 09:17:06 -------- d-----w- c:\documents and settings\hp\application data\RealHideIP

2012-07-20 09:17:06 -------- d-----w- c:\documents and settings\all users\application data\RealHideIP

2012-07-20 09:16:50 -------- d-----w- c:\program files\Ask.com

2012-07-20 09:16:16 -------- d-----w- c:\program files\RealHideIP

2012-07-20 09:04:42 -------- d-----w- c:\documents and settings\hp\.swt

2012-07-20 09:04:36 -------- d-sh--w- c:\windows\system32\AI_RecycleBin

2012-07-20 09:04:05 -------- d-----w- c:\documents and settings\hp\application data\.spotflux

2012-07-19 22:34:26 10096 ----a-w- c:\windows\system32\drivers\lmpc4.sys

2012-07-19 22:30:56 -------- d-----w- c:\documents and settings\hp\local settings\application data\assembly

2012-07-19 07:45:37 -------- d-----w- c:\program files\Hide Your IP Address

2012-07-18 23:40:49 14 ----a-w- c:\windows\system32\System32.sys

2012-07-18 23:22:19 1645320 ----a-w- c:\windows\system32\gdiplus.dll

2012-07-18 23:22:02 14 ----a-w- c:\windows\system32\SysEngine2.SYS

2012-07-18 23:21:43 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys

2012-07-18 23:21:43 47360 ----a-w- c:\documents and settings\hp\application data\pcouffin.sys

2012-07-18 23:21:19 -------- d-----w- c:\documents and settings\all users\application data\DVDXStudio

2012-07-18 23:21:10 -------- d-----w- c:\program files\DVD X Studios

2012-07-18 20:26:43 -------- d-----w- c:\windows\system32\Hotspot Shield

2012-07-18 20:23:12 -------- d-----w- c:\documents and settings\hp\application data\Uninstaller Tool(Comodo Forums)

2012-07-18 12:54:02 40960 ----a-w- c:\windows\system32\nwsftUninstall.exe

2012-07-18 12:53:55 -------- d-----w- c:\program files\NewSoftware's

2012-07-18 08:45:40 -------- d-----w- c:\documents and settings\hp\local settings\application data\TechSmith

2012-07-18 08:21:31 -------- d-----w- C:\AV_LOGS

2012-07-18 08:20:18 -------- d-----w- c:\program files\AV Vcs 7.0 GOLD

2012-07-18 08:19:51 -------- d-----w- c:\documents and settings\hp\application data\Swhst

2012-07-18 04:59:09 -------- d-----w- c:\documents and settings\all users\application data\{D76294E6-03B8-4971-AF2E-3F846161A690}

2012-07-18 04:59:06 -------- d-----w- c:\documents and settings\all users\application data\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}

2012-07-18 02:22:55 -------- d-----w- c:\documents and settings\hp\application data\IObit

2012-07-18 01:33:42 -------- d-----w- C:\SMCLpav

2012-07-18 01:06:48 -------- d-----w- c:\program files\1ClickDownload

2012-07-18 00:29:52 -------- d-----w- c:\documents and settings\hp\local settings\application data\CRE

2012-07-18 00:29:42 -------- d-----w- c:\documents and settings\hp\local settings\application data\Temp

2012-07-18 00:28:57 -------- d-----w- c:\program files\uTorrent

2012-07-18 00:02:17 223744 ----a-w- c:\windows\FPContextMenu.dll

2012-07-17 23:31:53 -------- d-----w- c:\documents and settings\all users\application data\IObit

2012-07-17 23:31:52 -------- d-----w- c:\program files\IObit

2012-07-17 19:25:49 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2012-07-17 13:13:30 -------- d-----w- C:\temp

2012-07-17 12:58:12 -------- d-----w- c:\documents and settings\hp\application data\Panda Security

2012-07-17 12:56:59 -------- d-----w- c:\documents and settings\hp\application data\Dexpot

2012-07-17 12:56:32 -------- d-----w- c:\program files\Dexpot

2012-07-17 12:55:00 -------- d-----w- c:\documents and settings\all users\application data\Panda Security

2012-07-17 12:54:59 -------- d-----w- c:\program files\Panda Security

2012-07-17 11:15:33 -------- d-----w- c:\documents and settings\hp\application data\VideoCharge Studio

2012-07-17 11:13:45 -------- d-----w- c:\windows\system32\LogFiles

2012-07-17 11:09:15 -------- d-----w- c:\program files\common files\eSellerate

2012-07-17 06:40:14 258352 ----a-w- c:\windows\system32\Unicows.dll

2012-07-17 06:40:14 224016 ----a-w- c:\windows\system32\TABCTL32.OCX

2012-07-17 06:40:14 140288 ----a-w- c:\windows\system32\COMDLG32.OCX

2012-07-17 06:40:10 -------- d-----w- c:\program files\Deskshare

2012-07-17 05:21:19 -------- d-----w- c:\program files\TweakXP 2

2012-07-17 04:32:48 56832 ----a-w- c:\windows\system32\msdvbnp.ax

2012-07-17 04:32:48 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll

2012-07-17 04:32:48 363520 ----a-w- c:\windows\system32\psisdecd.dll

2012-07-17 04:32:48 33280 ----a-w- c:\windows\system32\psisrndr.ax

2012-07-17 04:32:43 -------- d-----w- c:\program files\Aviosoft

2012-07-17 04:32:43 -------- d-----w- c:\documents and settings\all users\application data\DVD X Studios

2012-07-17 04:13:52 -------- d-----w- C:\Logs

2012-07-17 04:13:24 -------- d-----w- c:\program files\SlySoft

2012-07-17 02:40:10 -------- d-----w- c:\documents and settings\hp\application data\Avnex

2012-07-17 02:39:58 17792 ----a-w- c:\windows\system32\drivers\vcsvad.sys

2012-07-17 02:39:49 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND

2012-07-17 02:32:40 749568 ----a-w- c:\windows\system32\swfgen.dll

2012-07-17 02:32:30 -------- d-----w- c:\program files\FlashWebKit v2

2012-07-17 02:23:37 -------- d-----w- c:\documents and settings\hp\application data\ImTOO

2012-07-17 02:22:45 -------- d-----w- c:\program files\ImTOO

2012-07-17 02:22:45 -------- d-----w- c:\documents and settings\all users\application data\ImTOO

2012-07-17 02:10:44 -------- d-----w- c:\documents and settings\hp\local settings\application data\Identities

2012-07-17 02:09:38 -------- d-----w- c:\program files\VeryPDF PDFcamp Printer Pro v2.3

2012-07-17 01:52:32 -------- d-----w- c:\program files\Jufsoft

2012-07-17 01:41:27 -------- d-----w- c:\documents and settings\hp\application data\Reallusion

2012-07-17 01:22:49 18688 ----a-w- c:\windows\system32\drivers\afc.sys

2012-07-17 00:58:57 -------- d-----w- c:\documents and settings\all users\application data\ArcSoft

2012-07-17 00:58:55 -------- d-----w- c:\documents and settings\hp\local settings\application data\ArcSoft

2012-07-17 00:58:05 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll

2012-07-17 00:58:05 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll

2012-07-17 00:58:05 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll

2012-07-17 00:58:05 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll

2012-07-17 00:58:01 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe

2012-07-16 23:35:06 -------- d-----w- c:\documents and settings\hp\application data\TuneUp Software

2012-07-16 23:34:52 -------- d-----w- c:\program files\TuneUp Utilities 2012

2012-07-16 23:34:26 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software

2012-07-16 23:34:18 -------- d-sh--w- c:\documents and settings\all users\application data\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-07-16 23:16:13 -------- d-----w- c:\documents and settings\hp\local settings\application data\ACD Systems

2012-07-16 23:16:10 -------- d-----w- c:\documents and settings\hp\application data\ACD Systems

2012-07-16 23:13:45 -------- d-----w- c:\program files\common files\ACD Systems

2012-07-16 23:13:45 -------- d-----w- c:\program files\ACD Systems

2012-07-16 23:11:49 -------- d-----w- c:\documents and settings\hp\local settings\application data\Downloaded Installations

2012-07-16 11:52:25 -------- d-----w- c:\program files\Folder Guard

2012-07-16 11:40:00 -------- d-----w- c:\program files\PhotoZoom Professional

2012-07-16 11:10:11 -------- d-----w- c:\program files\Innovatools

2012-07-16 04:35:10 290304 ----a-w- C:\subinacl.exe

2012-07-16 04:34:55 -------- d-----w- C:\Reg_Backup

2012-07-16 01:31:45 -------- d-----w- c:\documents and settings\hp\application data\Maxthon3

2012-07-16 01:31:26 -------- d-----w- c:\program files\Maxthon3

2012-07-16 01:21:05 -------- d-----w- c:\program files\Comodo

2012-07-16 01:19:32 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-07-16 01:01:25 -------- d-----w- c:\program files\iMarkup

2012-07-16 00:59:52 286720 ----a-w- c:\windows\Setup1.exe

2012-07-16 00:59:50 73216 ----a-w- c:\windows\ST6UNST.EXE

2012-07-16 00:59:11 -------- d-----w- c:\windows\Downloaded Installations

2012-07-16 00:38:38 -------- d-----w- c:\program files\SlimBrowser

2012-07-15 23:33:47 -------- d-----w- c:\documents and settings\hp\application data\QuuSoft

2012-07-15 23:33:45 -------- d-----w- c:\program files\QuuSoft Uninstaller

2012-07-15 23:02:26 -------- d-----w- c:\program files\ConvertGenius

2012-07-15 20:48:55 -------- d-----w- c:\documents and settings\hp\local settings\application data\Mozilla

2012-07-15 19:54:58 -------- d-----w- c:\documents and settings\hp\local settings\application data\Google

2012-07-15 07:47:13 -------- d-----w- c:\program files\AVG Secure Search

2012-07-15 07:42:55 -------- d-----w- c:\program files\GRETECH

2012-07-15 07:36:36 -------- d-----w- c:\program files\Hotspot Shield

2012-07-15 06:27:17 87328 ----a-w- c:\windows\system32\bcmwlcoi.dll

2012-07-15 06:27:17 1287552 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS

2012-07-15 06:27:17 -------- d-----w- c:\program files\Broadcom

2012-07-15 06:26:06 -------- d-----w- C:\SWSetup

2012-07-15 06:25:36 172032 ----a-w- c:\windows\system32\igfxres.dll

2012-07-15 06:20:34 6144 ----a-r- c:\windows\system32\kbdinpun.dll

2012-07-15 06:12:52 -------- d-----w- c:\program files\Fahess_Activation

2012-07-15 06:12:41 -------- d-----w- c:\program files\common files\Motive

.

==================== Find3M ====================

.

2012-07-22 02:15:52 69120 ----a-w- c:\windows\notepad.exe

2012-07-13 02:24:22 34016 ----a-w- c:\windows\system32\drivers\tap0901.sys

2012-07-10 02:48:18 39656 ----a-w- c:\windows\system32\drivers\hssdrv.sys

2012-07-06 05:07:08 143872 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-06 05:06:30 772544 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-07-06 05:06:20 687544 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-06 04:06:58 421888 ----a-w- c:\windows\system32\RealMediaSplitter.ax

2012-06-06 04:06:50 2174976 ----a-w- c:\program files\common files\atimpenc.dll

.

============= FINISH: 6:51:48.73 ===============

 

 

 

 

 

 

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 7/15/2012 7:16:59 AM

System Uptime: 7/29/2012 6:15:04 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 30D5

Processor: Intel® Celeron® M CPU 440 @ 1.86GHz | U10 | 1861/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 39 GiB total, 28.698 GiB free.

D: is FIXED (NTFS) - 35 GiB total, 2.011 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Modem Device on High Definition Audio Bus

Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_5045&SUBSYS_103C30D5&REV_1001\4&102D4CBD&0&0002

Manufacturer:

Name: Modem Device on High Definition Audio Bus

PNP Device ID: HDAUDIO\FUNC_02&VEN_14F1&DEV_5045&SUBSYS_103C30D5&REV_1001\4&102D4CBD&0&0002

Service:

.

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description:

Device ID: ACPI\HPQ0006\2&DABA3FF&0

Manufacturer:

Name:

PNP Device ID: ACPI\HPQ0006\2&DABA3FF&0

Service:

.

==== System Restore Points ===================

.

RP178: 7/28/2012 5:08:05 AM - Before uninstalling Microsoft .NET Framework 2.0

RP179: 7/28/2012 5:33:45 AM - Tweaking.com - Windows Repair

RP180: 7/29/2012 2:19:27 AM - Before uninstalling TuneUp Utilities 2012

RP181: 7/29/2012 2:19:40 AM - Removed TuneUp Utilities 2012

RP182: 7/29/2012 2:19:57 AM - Removed TuneUp Utilities Language Pack (en-US)

RP183: 7/29/2012 6:26:48 AM - Before uninstalling Advanced SystemCare with Antivirus 2013

RP184: 7/29/2012 6:36:50 AM - Before uninstalling IObit Malware Fighter

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

ALTools Update

ALZip 8.51

BB FlashBack Pro 3

Broadcom 802.11 Wireless LAN Adapter

Conexant HD Audio

Final Uninstaller

GOM Player

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

IObit Malware Fighter

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

Maxthon 3

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

RealUpgrade 1.1

WebFldrs XP

Your Uninstaller! 7

.

==== Event Viewer Messages From Past Week ========

.

7/24/2012 4:53:40 AM, error: Service Control Manager [7000] - The NEWDRIVER service failed to start due to the following error: The system cannot find the file specified.

7/24/2012 4:06:29 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001B38FD5CC2. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

7/24/2012 4:06:20 AM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001B38FD5CC2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/24/2012 3:59:00 AM, error: Dhcp [1002] - The IP address lease 192.168.1.13 for the Network Card with network address 001B38FD5CC2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/24/2012 3:54:26 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.12 with the system having network hardware address 4C:B1:99:17:7B:BF. Network operations on this system may be disrupted as a result.

7/24/2012 2:25:30 AM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.7 with the system having network hardware address 4C:B1:99:17:7B:BF. Network operations on this system may be disrupted as a result.

7/24/2012 12:43:55 AM, error: Dhcp [1002] - The IP address lease 192.168.1.7 for the Network Card with network address 001A73D3A0B4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/24/2012 11:24:56 PM, error: Dhcp [1002] - The IP address lease 192.168.1.13 for the Network Card with network address 001A73D3A0B4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/24/2012 1:56:06 PM, error: Dhcp [1002] - The IP address lease 10.69.16.4 for the Network Card with network address 00FF343BB3D9 has been denied by the DHCP server 10.71.7.254 (The DHCP Server sent a DHCPNACK message).

7/23/2012 9:58:53 AM, error: Dhcp [1002] - The IP address lease 44.1.113.138 for the Network Card with network address 00FF15790D3E has been denied by the DHCP server 44.1.144.69 (The DHCP Server sent a DHCPNACK message).

7/23/2012 8:48:08 AM, error: Dhcp [1002] - The IP address lease 44.1.96.26 for the Network Card with network address 00FF15790D3E has been denied by the DHCP server 44.1.113.137 (The DHCP Server sent a DHCPNACK message).

7/23/2012 8:35:49 AM, error: System Error [1003] - Error code 00000035, parameter1 82168bc8, parameter2 00000000, parameter3 00000000, parameter4 00000000.

7/23/2012 5:59:58 AM, error: Dhcp [1002] - The IP address lease 192.168.1.15 for the Network Card with network address 001A73D3A0B4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/23/2012 12:22:53 PM, error: Dhcp [1002] - The IP address lease 44.1.144.70 for the Network Card with network address 00FF15790D3E has been denied by the DHCP server 44.1.104.29 (The DHCP Server sent a DHCPNACK message).

7/23/2012 12:20:41 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

7/23/2012 12:19:14 AM, error: Dhcp [1002] - The IP address lease 44.1.168.114 for the Network Card with network address 00FF15790D3E has been denied by the DHCP server 44.1.144.129 (The DHCP Server sent a DHCPNACK message).

7/23/2012 1:16:55 AM, error: Dhcp [1002] - The IP address lease 192.168.1.16 for the Network Card with network address 001B38FD5CC2 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

7/23/2012 1:00:11 AM, error: Dhcp [1002] - The IP address lease 44.1.168.114 for the Network Card with network address 00FF15790D3E has been denied by the DHCP server 44.1.96.25 (The DHCP Server sent a DHCPNACK message).

7/22/2012 9:43:45 PM, error: Dhcp [1002] - The IP address lease 192.168.1.6 for the Network Card with network address 001A73D3A0B4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

[Ghot]

IObit Malware Fighter

 

OS: Windows XP

Version: 1.5.0.2

Define Version: 1152

Time Elapsed: 00:02:07

Objects Scanned: 51159

Threats Found: 0

Save Time: 7/29/2012 6:56:44 AM

 

|Name|Type|Description|ID|

[Superdave]

What sort of problems are you experiencing with your computer?

 

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

*********************************************************

Download CKScanner by askey127 to your desktop.

 

* Double click CKScanner.exe and click Search For Files

* After a very short time, when the cursor hourglass disappears, click Save List To File

* A message box will verify the file saved.

* There will now be a file called CKFiles.txt on your desktop.

* Copy and paste the contents of CKFiles.txt in your next reply.

**********************************************************

Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.

 

There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

 

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

 

Further reading: XP Fixes Myth #1: Registry Cleaners

***********************************************************

I strongly recommend that you remove Ask from your computer because it;

 

•Promotes its toolbars on sites targeted to kids.

 

•Promotes its toolbars through ads that appear to be part of other companies' sites.

 

•Promotes its toolbars through other companies' spyware.

 

•Installs without any disclosure whatsoever and without any consent whatsoever.

 

•Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

 

•Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

 

See Here for more info.

 

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

 

•AskBarDis or anything related to Ask

 

Then please find and delete this folder in bold (if present):

C:\Program Files\AskBarDis. or anything related to Ask.

*******************************************************

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

•Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

*********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

[Melvin_Deal]

Hi Dave and Ghot.

 

I believe Ghot is checking this out per my suggestion that follows within this thread starting at post #28 then on. It is an elimination of possibilities. My First suggestion that he post here is in #33

 

My concern arises out of the BSOD's some of which seem false. Ghot has not posted much relevant information on the other thread... so its best to look at some logs.

 

Ghot has also not posted much relevant information concerning system either... from Ghot's member profile:

Date of Birth: April 8, 1991 Age:21 OS + Computer Details xp

Thus by posting the logs... we can see and help might be provided.

 

 

Sincerely,

-Mel

Live long and prosper!

[Ghot]

My problem can be found here.

 

http://forums.iobit.com/showthread.php?p=80322#post80322

 

EDIT: Please see my reply there.

[Ghot]

CKScanner - Additional Security Risks - These are not necessarily bad

scanner sequence 3.MN.11.PAEDWD

----- EOF -----

 

 

 

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

http://www.malwarebytes.org

 

Database version: v2012.07.03.05

 

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 6.0.2900.2180

hp :: HP-BB2DFF6825E7 [administrator]

 

Protection: Enabled

 

7/31/2012 6:28:53 PM

mbam-log-2012-07-31 (18-28-53).txt

 

Scan type: Flash scan

Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: Registry | File System | P2P

Objects scanned: 197931

Time elapsed: 1 minute(s), 53 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:\Documents and Settings\hp\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.

 

(end)

 

 

 

 

 

 

Results of screen317's Security Check version 0.99.43

Windows XP Service Pack 2 x86

Out of date service pack!!

Internet Explorer 6 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

Please wait while WMIC compiles updated MOF files.d

i

s

p

l

a

y

N

a

m

e

ECHO is off.

U

n

T

h

r

e

a

t

ECHO is off.

A

n

t

i

V

i

r

u

s

ECHO is off.

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

SUPERAntiSpyware

Malwarebytes Anti-Malware version 1.62.0.1300

JavaFX 2.1.1

Java 7 Update 5

Adobe Flash Player 11.3.300.268

Mozilla Firefox (14.0.1)

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

UnThreat AntiVirus UnThreat.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 5%

````````````````````End of Log``````````````````````

[Superdave]

1. Download this diagnostics tool MGADiag.ext and save this to your Desktop.

2. Double-click on MGADiag.exe and click Continue

3. When the program has finished, click on Copy

4. Post the results in your next reply.

*******************************************************

•Please download Dial-A-Fix from one of the following mirrors:

 

Primary mirror

Secondary mirror

 

•Extract the zip file to your desktop.

 

•Double click Dial-a-Fix.exe to start the program. Dial-A-Fix might give you a lot errors, just ignore them and Click

http://i424.photobucket.com/albums/pp322/digistar/OK.jpg to continue.

 

•Press the green double checkmark box (Looks like this:

http://i424.photobucket.com/albums/pp322/digistar/checkmark.png

 

UNcheck Empty Temp Folders, as well as Adjust Time/Date in the prep section. The prep section should then look like this:

 

http://i424.photobucket.com/albums/pp322/digistar/ncheck.png

 

http://i424.photobucket.com/albums/pp322/digistar/Window.png

 

•Click on Go

 

•Wait for Dial-A-Fix to finish (All the checks marks will be all gone)

 

•Close Dial-A-Fix.

[Ghot]

Diagnostic Report (1.9.0027.0):

-----------------------------------------

Windows Validation Data-->

Validation Status: Validation Control not Installed

Validation Code: 0

Cached Validation Code: N/A

Windows Product Key: *****-*****-B2PMM-X2CD9-R229J

Windows Product Key Hash: 43XoLf76PtIWCDQk/FWWjsHkAOw=

Windows Product ID: 55274-640-0878633-23837

Windows Product ID Type: 1

Windows License Type: Volume

Windows OS version: 5.1.2600.2.00010100.2.0.pro

ID: {D4235C52-163F-4208-8D63-8A98973BF60F}(3)

Is Admin: Yes

TestCab: 0x0

LegitcheckControl ActiveX: N/A, hr = 0x80070002

Signed By: N/A, hr = 0x80070002

Product Name: N/A

Architecture: N/A

Build lab: N/A

TTS Error: N/A

Validation Diagnostic: 025D1FF3-230-1

Resolution Status: N/A

 

Vista WgaER Data-->

ThreatID(s): N/A

Version: N/A

 

Windows XP Notifications Data-->

Cached Result: N/A, hr = 0x80070002

File Exists: No

Version: N/A, hr = 0x80070002

WgaTray.exe Signed By: N/A, hr = 0x80070002

WgaLogon.dll Signed By: N/A, hr = 0x80070002

 

OGA Notifications Data-->

Cached Result: N/A, hr = 0x80070002

Version: N/A, hr = 0x80070002

OGAExec.exe Signed By: N/A, hr = 0x80070002

OGAAddin.dll Signed By: N/A, hr = 0x80070002

 

OGA Data-->

Office Status: 109 N/A

OGA Version: N/A, 0x80070002

Signed By: N/A, hr = 0x80070002

Office Diagnostics: B4D0AA8B-543-80070002_025D1FF3-230-1

 

Browser Data-->

Proxy settings: N/A

User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)

Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe

Download signed ActiveX controls: Prompt

Download unsigned ActiveX controls: Disabled

Run ActiveX controls and plug-ins: Allowed

Initialize and script ActiveX controls not marked as safe: Disabled

Allow scripting of Internet Explorer Webbrowser control: Disabled

Active scripting: Allowed

Script ActiveX controls marked as safe for scripting: Allowed

 

File Scan Data-->

 

Other data-->

Office Details: <GenuineResults><MachineData><UGUID>

{D4235C52-163F-4208-8D63-8A98973BF60F}</UGUID><

Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.2.0.pro

</OS><Architecture>x32</Architecture><PKey>*****-*****-

*****-*****-R229J</PKey><PID>55274-640-0878633-23837

</PID><PIDType>1</PIDType><SID>S-1-5-21-842925246-

2139871995-682003330</SID><SYSTEM><Manufacturer>

Hewlett-Packard</Manufacturer><Model>HP 530 Notebook PC</

Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</

Manufacturer><Version>68MVU Ver. F.07</Version>

<SMBIOSVersion major="2" minor="4"/><Date>20080318000000.000000+000

</Date></BIOS><HWID>5A0D3607018400DE</HWID><UserLCID>0409</

UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Arab Standard Time(

GMT+03:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/>

<GANotification/></MachineData> <Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

 

Licensing Data-->

N/A

 

Windows Activation Technologies-->

N/A

 

HWID Data-->

N/A

 

OEM Activation 1.0 Data-->

BIOS string matches: yes

Marker string from BIOS: A5CC:Compaq Computer Corporation|1E070:

Compaq Computer Corporation|1FFEA:Compaq Computer Corporation|13AD7:

Compaq Computer Corporation|13AD7:Compaq Computer Corporation|1FFEA:

Hewlett-Packard Company|13AD7:Hewlett-Packard Company

Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

 

OEM Activation 2.0 Data-->

N/A

[Melvin_Deal]

For clarity for all viewers of this thread: you can see the Anagram from post #13 of this thread...

 

read from top to bottom...

 

 

.....................................................d

i

s

p

l

a

y

N

a

m

e

ECHO is off.

U

n

T

h

r

e

a

t

ECHO is off.

A

n

t

i

V

i

r

u

s

[Ghot]

What is this ECHO?

[Superdave]

Did you try dial-a-fix?

[Ghot]

Yes, I have used this dial-a-fix tool, But could not repair Windows updates.

[Superdave]

What happens when you try to get your updates here?

Go to Microsoft Windows Update and get all critical updates.

[Melvin_Deal]

Hi Dave and Ghot.

 

It would appear that Enoskype was correct. Please see the the last posts with the the other thread Dave. They concern the inability to update as support for XP is phasing out... this is why he cannot update. The SP2 that Ghot is running is no longer supported.

 

Why Ghot never updated to the SP3 is apparently a different question.

 

Thank you so much Dave, for your time and energy... you will never know how much it is appreciated! Thank you also for helping me to learn!

 

Sincerely,

-Mel

Live long and prosper!

 

P.S. I must mention that the whole reason I recommended Ghot open a thread here is that he described a blue screen that advised him to shut off his anti-virus. He also described it as appearing difererent from other "BSOD's". That post is also on the other thread.

[Ghot]

Superdave. :-D see here.

 

http://forums.iobit.com/showpost.php?p=81334&postcount=55

[Ghot]

Melvin_Deal & Enoskype

 

All right, I've done everything.

Thanks for the advice instructions and help. For both of you. :grin: