Raid

Honorary Members
  • Posts: 1,551
Everything posted by Raid

  1. Please tell me this box has no live internet connection?
  2. The biggest catch was about a year ago. Went to do an onsite, came home with 271 viable malware samples after cleaning several hundred (kid you not) known malware executables.
  3. I don't see anything malicious in your hijackthis log. May want to wait until JeaninMontana or another log expert comes along.
  4. It would be a good idea to let mbam go ahead and Quarantine them.
  5. BugHunter also supports the older OSes, but it should be used in addition to, not as a replacement of the other programs mentioned, as it targets files only and does nothing with the registry.
  6. Okay, no problem. I suspect you have a lot of temp files hanging around. Might I suggest ccleaner, cleanup!, or atf-cleaner. Run one of those, let them clean up the temp files, and then quick scan with mbam again. Please report back your results!
  7. Glad it helped you in your time of need. And thanks for letting us know!
  8. Hi Squirrely, What are your system specs, and were you doing a quick scan or a full scan? Also, which version of mbam did you use?
  9. I am a happy registered user of the SandBoxie program listed on spywarewarriors page. imho, it's an excellent sandboxing tool with an active support forum. The author is easy to contact and is quick to issue fixes/security updates as needed. I have nothing whatsoever to do with SandBoxie other than being a happy user.
  10. hehehehehe.... Bad Bruce, we don't all run such high res.
  11. How unfortunate. Glad you were able to delete them, but it's a surely missed chance for us to examine those suspect files in closer detail. Jean wants you to do a bit of tidying up with your other accounts, so I'll back out now.
  12. Have had no freezing issues so far. Will conduct more extensive testing.
  13. Hi Guys, Swetbak, I'm starting to wonder if you might have a rootkit lingering. I apologize for the smile.gif part; I didn't intend for you to type that. Any possibility you could send a copy of the owe75.sys to uploads.malwarebytes.org? That will give us a chance to examine it.
  14. The SM BUS controller is Intel, as is likely the pci bridge device... You said the new motherboard had an intel chipset? You might want to snag the intel chipset drivers. Then go in cmos, and double check to make sure ethernet is enabled. Once the chipset drivers are loaded, the sm bus controller will disappear for you. If the nic card is a pci device card, installing the chipset drivers should allow the system to properly use its pci bus, and it should detect the nic card. You might even luck out and it install compatible drivers for you. I accidentally posted this information to Jean, but I had intended it for yourself: http://wiki.lunarsoft.net/wiki/Dial-a-fix Please download Dial A fix as well. Reboot from the bartpe disc and locate this file: pgjrawnu - H:\WINDOWS\ It may have the hidden and/or system file attribute set, so do a dir /a. Move this file to some other place, such as c:\hold. Next, restart the computer, login as you now can, and proceed with the instructions below. I'd like you to have it do a policy scan, and remove any keys it finds. Please let me know if after doing this, you are able to regain some functionality of the control panel, and various areas you seem to be locked out of.
  15. http://wiki.lunarsoft.net/wiki/Dial-a-fix Please download Dial A fix as well. Reboot from the bartpe disc and locate this file: pgjrawnu - H:\WINDOWS\ It may have the hidden and/or system file attribute set, so do a dir /a. Move this file to some other place, such as c:\hold. Next, restart the computer, login as you now can, and proceed with the instructions below. I'd like you to have it do a policy scan, and remove any keys it finds. Please let me know if after doing this, you are able to regain some functionality of the control panel, and various areas you seem to be locked out of.
  16. Windows defender (bleh) is a personal thing. If you like the program, leave it on and installed. If you do not, remove it. AVG, Antivir, AVAST are all decent scanners, however, AntiVir ranks highest in 0day detection. Unfortunately, there really is no one single best product that will proactively catch everything.
  17. I knew there was a reason I liked you. Good techie skills.
  18. You can also download an installer for the definitions file: (in the event you need to burn it to cd-r and take it to a noninternet enabled computer): http://malwarebytes.gt500.org/database.jsp You can run the mbam setup, and uncheck both boxes on the installer, before pressing finish. Next, run the mbam signature installer you got from the above url, and perform a quick scan. A full scan can be used later if you wish, but a quickscan will usually do the job well for you.
  19. It mentioned a file previously, in the reboot. You should boot from a bartpe disc, and temporarily rename the bad .dll file to .bad, and try booting the machine again. "The application or DLL \??\H:\WINDOWS\System32\basetcf32.dll is not a valid windows image. Please check t" Please rename that file from .dll to .bad and try again.
  20. I've got a few ideas. You're familiar with a bartpe disc I see... Good. In the system volume information folder lies another folder, which contains more folders, in date order. Pick one from a few days before you ran into this problem, and cd into it. Inside that folder is (yes, another one) a snapshot folder, and inside it is a backup of the system registry hive files. Copy these to a temp folder on your hard disk, like c:\work. Rename them from _REGISTRY_BLAH_BLAHSYSTEM to SYSTEM, and do the same for the others, SAM, HARDWARE, SOFTWARE AND DEFAULT. Now, create another folder c:\oldreg, and copy the contents from c:\windows\system32\config to c:\oldreg. Copy the renamed files from c:\work to the c:\windows\system32\config folder, and select yes to overwrite the older ones. Exit the console prompt and reboot the computer, allow it to try and boot on its own and report back your results.
  21. Thanks for your comments, they are appreciated! It's always nice to hear someone enjoys the program. It makes the hours spent into developing/researching well worth it.
  22. When you replaced the mainboard, is the chipset still the same? If not, Windows NT family usually won't make it far into the system. The video issue you mentioned, everything greyed out, unable to do anything was a video driver problem. I suspect windows was busily detecting new hardware when you scanned, and when it requested the reboot, it's hanging on the switched chipset. If that's the case, we need more information.