Jump to content

Recommended Posts

!!==Summary==!!

Greetings,

I'd noticed my machine was running a bit laggy, so I ran two malwarebytes scans and found the following. I've also attached a hijack this log. I tried to run D.D.S., but after 15 minutes of it running without any progress I decided to kill it. It is actually currently hung on my system, and I cannot end the process via the task manager process lists, so I'll probably have to perform a forced shut-down. This is somewhat odd, I disabled Avast! and my firewall and cannot think of any other script blocking programs that could be interfering. Any assistance that could be provided would be appreciated.

EDIT: I decided to also run a trendmicro root kit scanner. I doubt almost anything in it is actually a rootkit, but in the off chance I missed something I decided to post the contents amidst the other logs included.

!!==Log 1 - Malwarebytes==!!

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.27.12

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Amun-Ra 13 :: SEKHMET [administrator]

6/27/2012 5:36:58 PM

mbam-log-2012-06-27 (17-36-58).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 73605

Time elapsed: 19 minute(s), 16 second(s) [aborted]

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Documents and Settings\Amun-Ra 13\Local Settings\Temp\IWantThis.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.

(end)

!!==Log 2 - Malwarebytes==!!

Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.27.12

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Amun-Ra 13 :: SEKHMET [administrator]

6/27/2012 6:21:42 PM

mbam-log-2012-06-27 (18-21-42).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 510979

Time elapsed: 3 hour(s), 38 minute(s), 18 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\RECYCLER\S-1-5-21-682003330-1035525444-725345543-1004\Dc56.exe (PUP.AdBundle) -> Quarantined and deleted successfully.

(end)

!!==Log 3 - Hijack This==!!

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:43:10 PM, on 6/27/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Program Files\Tablet\Pen\Pen_TouchService.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\IObit\Game Booster 3\gbtray.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Tablet\Pen\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\RTHDCPL.EXE

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\Program Files\AutoTask\AutoTask.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\System Explorer\SystemExplorer.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\LOLReplay\LOLRecorder.exe

C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

C:\Program Files\MagicDisc\MagicDisc.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\system32\WISPTIS.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Microsoft Office\Office12\EXCEL.EXE

C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe

C:\Documents and Settings\Amun-Ra 13\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AutoTask] "C:\Program Files\AutoTask\AutoTask.exe" /STARTUP

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [systemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY

O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

O4 - HKCU\..\Run: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

O4 - S-1-5-18 Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (User 'Default user')

O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe

O4 - Global Startup: LOLRecorder.lnk = C:\Program Files\LOLReplay\LOLRecorder.exe

O4 - Global Startup: NETGEAR WNA3100 Smart Wizard.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe

O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe

O23 - Service: WSWNA3100 - Unknown owner - C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe

--

End of file - 12600 bytes

!!==Log 4 - Trend Micro RootkitBuster==!!

+----------------------------------------------------

| Trend Micro RootkitBuster

| Module version: 5.0.0.1061

| Computer Name: SEKHMET

| OS version: 5.1-2600

| User Name: Amun-Ra 13

+----------------------------------------------------

--== Dump Hidden MBR, Hidden Files and Alternate Data Streams on C:\ ==--

MBR unsupported disk type

No hidden files found.

--== Dump Hidden Registry Value on HKLM ==--

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : DeviceNotSelectedTimeout

Data : 15

ValueType : 1

AccessType: 0

FullLength: 71

DataSize : 6

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : GDIProcessHandleQuota

Data : 10000

ValueType : 4

AccessType: 0

FullLength: 71

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : Spooler

Data : yes

ValueType : 1

AccessType: 0

FullLength: 71

DataSize : 8

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : swapdisk

Data :

ValueType : 1

AccessType: 0

FullLength: 71

DataSize : 2

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : TransmissionRetryTimeout

Data : 90

ValueType : 1

AccessType: 0

FullLength: 71

DataSize : 6

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : USERProcessHandleQuota

Data : 10000

ValueType : 4

AccessType: 0

FullLength: 71

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : LoadAppInit_DLLs

Data : 1

ValueType : 4

AccessType: 0

FullLength: 71

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Root : 448b0d8

SubKey : Windows

ValueName : AppInit_DLLs

Data : C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll

ValueType : 1

AccessType: 0

FullLength: 71

DataSize : 166

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg

Root : 448bfc0

SubKey : Cfg

ValueName : s1

Data : 771343423

ValueType : 4

AccessType: 0

FullLength: 61

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg

Root : 448bfc0

SubKey : Cfg

ValueName : s2

Data : 285507792

ValueType : 4

AccessType: 0

FullLength: 61

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg

Root : 448bfc0

SubKey : Cfg

ValueName : g0

Data : 38 23 E8 D0 BF F2 2D 6F ...

ValueType : 3

AccessType: 0

FullLength: 61

DataSize : 32

[HIDDEN_REGISTRY][Hidden Reg Value]:

KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg

Root : 448bfc0

SubKey : Cfg

ValueName : h0

Data : 1

ValueType : 4

AccessType: 0

FullLength: 61

DataSize : 4

[HIDDEN_REGISTRY][Hidden Reg Key]:

KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

SubKey : 0D79C293C1ED61418462E24595C90D04

FullLength: 94

13 hidden registry entries found.

--== Dump Hidden Process ==--

No hidden processes found.

--== Dump Hidden Driver ==--

No hidden drivers found.

--== Service Win32 API Hook List ==--

[HOOKED_SERVICE_API]:

Service API : ZwAddBootEntry

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80616e50

CurrentHandler : 0xb31f1df8

ServiceNumber : 0x9

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAdjustPrivilegesToken

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805ec336

CurrentHandler : 0xb3629824

ServiceNumber : 0xb

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAllocateVirtualMemory

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x805a8ac2

CurrentHandler : 0xb327ea5a

ServiceNumber : 0x11

ModuleName : aswSP.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwAssignProcessToJobObject

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805d66a0

CurrentHandler : 0xb31f285e

ServiceNumber : 0x13

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwClose

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805bc538

CurrentHandler : 0xb321ed5d

ServiceNumber : 0x19

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwConnectPort

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805a45d8

CurrentHandler : 0xb3628dd0

ServiceNumber : 0x1f

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateEvent

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x8060ee4c

CurrentHandler : 0xb31f72e4

ServiceNumber : 0x23

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateEventPair

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80617196

CurrentHandler : 0xb31f7330

ServiceNumber : 0x24

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateFile

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805790a2

CurrentHandler : 0xb362948a

ServiceNumber : 0x25

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateIoCompletion

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80578a80

CurrentHandler : 0xb31f7422

ServiceNumber : 0x26

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80623fd6

CurrentHandler : 0xb321e711

ServiceNumber : 0x29

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateMutant

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x8061758e

CurrentHandler : 0xb31f7252

ServiceNumber : 0x2b

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateSection

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805ab3d0

CurrentHandler : 0xb31f7374

ServiceNumber : 0x32

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateSemaphore

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80614f4c

CurrentHandler : 0xb31f729a

ServiceNumber : 0x33

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateSymbolicLinkObject

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805c3a02

CurrentHandler : 0xb362bfa4

ServiceNumber : 0x34

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateThread

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805d1038

CurrentHandler : 0xb36287bc

ServiceNumber : 0x35

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwCreateTimer

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80616e5e

CurrentHandler : 0xb31f73dc

ServiceNumber : 0x36

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDeleteBootEntry

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805c8678

CurrentHandler : 0xb31f1e44

ServiceNumber : 0x3d

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDeleteKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80624472

CurrentHandler : 0xb321f423

ServiceNumber : 0x3f

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDeleteValueKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80624642

CurrentHandler : 0xb321f6d9

ServiceNumber : 0x41

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwDuplicateObject

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805be010

CurrentHandler : 0xb31f49a8

ServiceNumber : 0x44

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwEnumerateKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80624822

CurrentHandler : 0xb321f28e

ServiceNumber : 0x47

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwEnumerateValueKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80624a8c

CurrentHandler : 0xb321f0f9

ServiceNumber : 0x49

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwFreeVirtualMemory

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x805b2fba

CurrentHandler : 0xb327eb34

ServiceNumber : 0x53

ModuleName : aswSP.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwLoadDriver

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80584172

CurrentHandler : 0xb31f1ad6

ServiceNumber : 0x61

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwMakeTemporaryObject

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805bc5dc

CurrentHandler : 0xb3629098

ServiceNumber : 0x69

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwModifyBootEntry

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805c8678

CurrentHandler : 0xb31f1e90

ServiceNumber : 0x6d

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwNotifyChangeKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x806261c4

CurrentHandler : 0xb31f4d1c

ServiceNumber : 0x6f

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwNotifyChangeMultipleKeys

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80624df8

CurrentHandler : 0xb31f2b02

ServiceNumber : 0x70

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenEvent

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x8060ef4c

CurrentHandler : 0xb31f730e

ServiceNumber : 0x72

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenEventPair

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x8061726e

CurrentHandler : 0xb31f7352

ServiceNumber : 0x73

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenFile

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x8057a1a0

CurrentHandler : 0xb3629666

ServiceNumber : 0x74

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenIoCompletion

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80578b58

CurrentHandler : 0xb31f7446

ServiceNumber : 0x75

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x806253b4

CurrentHandler : 0xb321ea6d

ServiceNumber : 0x77

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenMutant

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80617666

CurrentHandler : 0xb31f7278

ServiceNumber : 0x78

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenProcess

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805cb456

CurrentHandler : 0xb31f4518

ServiceNumber : 0x7a

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenSection

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805aa3f4

CurrentHandler : 0xb31f73ae

ServiceNumber : 0x7d

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenSemaphore

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80615046

CurrentHandler : 0xb31f72c2

ServiceNumber : 0x7e

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenThread

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805cb6e2

CurrentHandler : 0xb31f474c

ServiceNumber : 0x80

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwOpenTimer

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80616f80

CurrentHandler : 0xb31f7400

ServiceNumber : 0x83

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwProtectVirtualMemory

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x805b8426

CurrentHandler : 0xb327eca0

ServiceNumber : 0x89

ModuleName : aswSP.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwQueryKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x806256f6

CurrentHandler : 0xb321ef74

ServiceNumber : 0xa0

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwQueryMultipleValueKey

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x80623124

CurrentHandler : 0xb362b0e8

ServiceNumber : 0xa1

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwQueryObject

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805c52d4

CurrentHandler : 0xb31f29ce

ServiceNumber : 0xa3

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwQueryValueKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x806221fa

CurrentHandler : 0xb321edc6

ServiceNumber : 0xb1

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwRenameKey

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x806239f8

CurrentHandler : 0xb3288b68

ServiceNumber : 0xc0

ModuleName : aswSP.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwRestoreKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x806259b6

CurrentHandler : 0xb321dd84

ServiceNumber : 0xcc

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetBootEntryOrder

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80616e50

CurrentHandler : 0xb31f1edc

ServiceNumber : 0xd3

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetBootOptions

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80616e50

CurrentHandler : 0xb31f1f28

ServiceNumber : 0xd4

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetSecurityObject

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805c0636

CurrentHandler : 0xb3629e76

ServiceNumber : 0xed

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetSystemInformation

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x8060fc04

CurrentHandler : 0xb31f1b46

ServiceNumber : 0xf0

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetSystemPowerState

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80653e18

CurrentHandler : 0xb31f1cea

ServiceNumber : 0xf1

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSetValueKey

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80622548

CurrentHandler : 0xb321f52a

ServiceNumber : 0xf7

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwShutdownSystem

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80612e8e

CurrentHandler : 0xb31f1c92

ServiceNumber : 0xf9

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwSystemDebugControl

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x80617faa

CurrentHandler : 0xb31f1d5a

ServiceNumber : 0xff

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwTerminateProcess

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x805d22d8

CurrentHandler : 0xb327ed60

ServiceNumber : 0x101

ModuleName : aswSP.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwTerminateThread

Image Path : C:\WINDOWS\System32\DRIVERS\cmdguard.sys

OriginalHandler : 0x805d24d2

CurrentHandler : 0xb36289c0

ServiceNumber : 0x102

ModuleName : cmdguard.sys

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwVdmControl

Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS

OriginalHandler : 0x805fba3e

CurrentHandler : 0xb31f1f74

ServiceNumber : 0x10c

ModuleName : aswSnx.SYS

SDTType : 0x0

[HOOKED_SERVICE_API]:

Service API : ZwWriteVirtualMemory

Image Path : C:\WINDOWS\System32\Drivers\aswSP.SYS

OriginalHandler : 0x805b43d4

CurrentHandler : 0xb327ebe0

ServiceNumber : 0x115

ModuleName : aswSP.SYS

SDTType : 0x0

No hidden operating system service hooks found.

--== Dump Hidden Port ==--

No hidden ports found.

--== Dump Kernel Code Patching ==--

No kernel code patching detected.

--== Dump Hidden Services ==--

No hidden services found.

Share this post


Link to post
Share on other sites

1.Click Start > Settings > Control Panel.

2.Next, open Add/Remove Programs and remove either:

IObit\Advanced SystemCare 5

Searchqu Toolbar

SearchCore for Browsers

Bing Bar

Do you use this program?

System Explorer\SystemExplorer.exe

Next:

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

Share this post


Link to post
Share on other sites

All items removed, and all cleaning tasks performed. May I ask why I was instructed to remove IObit? I rather enjoyed some of the system tools that came packaged with it.

EDIT:

Also, yes I do use System Explorer.

Share this post


Link to post
Share on other sites

Just trying to get the performance back so anything that's running will make a difference.

Is it running better?

Share this post


Link to post
Share on other sites

You still with me on this?

We've only just started looking at this.

Share this post


Link to post
Share on other sites

My apologies, I am still with you. My reply was delayed by a serious system failure.

A few evenings ago I was playing a game called League of Legends with some friends of mine. While running the program I also had skype up so we could chat with one another while playing said game. During the game my Skype account was disconnected, and the games screen cut to black. I still had audio of the game happening though.

Deciding it best to close the process, I ended the games task in the task manager. While looking through the task manager I noticed several strange entries, attempted to take a screenshot of the events but recieved a blank error message informing me of something while the print screen failed to paste into a paint document. I've attempted to replicate what the screen I saw looked like with the image attached.

Things got progressivly worse. While attempting to restore my Skype password (which was now for some reason inexplicably blank) I noticed that websites wern't fully loading. It got so bad I eventually had to kill the browsers I was using in an effort to get a better view of things. My desktop was acting tempramental, icons were discolored, and some were missing, others had black shadows encompassing them. I attempted to open a folder, and it looked like for a split second a folder was opening before suddenly it abruptly closed and another blank error message was displayed on my screen. I'd had enough of all this, and proceeded to manually shutdown the machine.

I've booted it a few times in safe mode and tried to run malwarebytes, running a full system scan. Since I have alot of files I generally set it up and than leave it be. However, after attempting two full system scans the system seems to shut down in the middle of the scans for reasons I can't imagine. A quick scan revealed no infections, but a full scan might be best.

I've managed to load up the machine in normal mode. Loading times seem slower than I remember them, but so far the strange system failures haven't started up again.

Do these sound like signs that my video card / power supply is going out? I've been having some issues with both in the past, but am uncertain how such things would result in Skype crashing.

Any and all advice you could provide would be helpful,

~Trav

EDIT: I have added the image file mentioned earlier and a collection of event log entries I found suspicious.

post-21615-0-17194600-1341188966.jpg

Suspicious Event Log Entries.txt

Share this post


Link to post
Share on other sites

You can Google those yourself like I did.

Nothing appears to be bad.

It really sounds like a hardware issue to me.

Share this post


Link to post
Share on other sites

I see, what sort of hardware issue do you think it is? A problem with graphics card / power supply / hard drive? I'm doing some searches myself and am having trouble finding what hardware is implicated by the described symptoms.

Share this post


Link to post
Share on other sites

Question.

Is it only when you're on the web you notice issues with picture, etc.?

Have you tried both IE and FireFox?

Share this post


Link to post
Share on other sites

I generally am constantly on the internet in one way or another, so although it has surfaced only while I'm using a browser or playing an online game, I'm not sure if that is a good indicator of a correlation.

The graphics card I'm running with is REALLY old, an Nvidia Geforce 8500, so I'm currently ordering in a newer model with a built in fan. After I get that installed in the next few days I'll be in need of your insight if the problem persists.

EDIT: Also, I think the content loss has been occurring while using both Firefox and Google Chrome, but I never use IE so I have as of yet not seen if it also happens there. The content loss isn't confined to the browsers though, it also eventually results in "The Application Failed To Initialize Properly" errors.

Share this post


Link to post
Share on other sites

"The Application Failed To Initialize Properly"

That could be about anything.

Does it give you a code number like: oxcoooo?

Share this post


Link to post
Share on other sites

It does, but it is hard to make out due to the obscuring of text.

Share this post


Link to post
Share on other sites

OK.

Lets see what happens with the new video card when you get it.

Share this post


Link to post
Share on other sites

Sorry for the delayed response, it has been hectic around here as of late.

After installing the graphics card and fiddling with it's driver set things seem to be doing better. I haven't noticed any of the strange distortions to icons, and the "application failed to initialize properly" errors are no longer occurring. The system does seem to be a bit slower than I recall it being though, especially on boot up. I doubt that is the graphics card's fault though, probably some other system element getting bogged down.

Share this post


Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.