Author Topic: [Resolved] Blue screen and computer locked  (Read 5860 times)

0 Members and 1 Guest are viewing this topic.

Offline PGB

  • Bronze Member
  • Posts: 335
[Resolved] Blue screen and computer locked
« on: August 20, 2011, 05:46:01 pm »
Hoov has helped me before with the computer that's having problem.  I was reading an article on-line and the computer shut itself off. I re-booted and it went through a check of itself. I ran hijack this and shut off the computer (by mistake!)  and while I was at it I disconnected the computer from the internet. Then I rebooted-- but instead it opens automatically to this same screen and the Windows box that says "This computer is in use and has been locked. Only UPSTAIRS WINDOW\Administrator or an administrator can unlock this computer."

UPSTAIRSWINDOW is the name of my computer and it looks like my usual log-in box.  When I put in my password all I get is the same blue screen with the picture in the middle that is always there before it opens to my desktop with icons.  It doesn't let me do anything else.  

What do I do?

PGB
« Last Edit: August 20, 2011, 05:54:48 pm by Hoov »



Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25317
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Blue screen and computer locked
« Reply #1 on: August 20, 2011, 05:57:32 pm »
Its me again. It is possible that this is a settings issue with your screensaver.

According to Microsoft,

    Press CTRL+ALT+DELETE to unlock the computer.
    Type the logon information for the last logged on user, and then click OK.
    When the Unlock Computer dialog box disappears, press CTRL+ALT+DELETE and log on normally.

If you are able to logon using these instructions, go to the screensaver settings and turn off the screensaver.

Let me know how it goes.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline PGB

  • Bronze Member
  • Posts: 335
Re: [In Progress] Blue screen and computer locked
« Reply #2 on: August 20, 2011, 06:14:45 pm »
I pressed CTRL+ALT+DELETE and the usual box comes up when you do that.  I don't know how to access screensaver -- so I logged off.  Will try to log on again.

Logged on normally.  WHY did this happen?  I have a feeling there's something going on with this machine.  Yesterday I was trying to copy a CD for my personal use and the program wouldn;t run; the computer locked up and when I CONTROL+ALT+DELETEd to shut it down.  When I rebooted it went through a program to verify the integrity of my sdisks -- or something like that; I really didn't understand.  Then it seemed fine until today, when I was reading an article and the computer was shut down to protect itself.

« Last Edit: August 20, 2011, 06:19:15 pm by PGB »

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 25317
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] Blue screen and computer locked
« Reply #3 on: August 20, 2011, 06:26:41 pm »
I am not sure why this happened. According to Microsoft it is when your computer is suppose to run a non existent screensaver. We can change that, but first I need to know what version of windows you are using.

We need to see some information about what is happening in your machine.  Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool.  No input is needed, the scan is running.
  • Notepad will open with the results.
  • Please copy and paste both logs into your next response. You may need more than one response.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet. 

Information on A/V control HERE


Also I am going to have you run a few scans.

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.





  • If an infected file is detected, the default action will be Cure, click on Continue.





  • If a suspicious file is detected, the default action will be Skip, click on Continue.





  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.





  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    MBAM will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
    On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    Back at the main Scanner screen:
    • Click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
    • Exit MBAM when done.
    Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #4 on: August 20, 2011, 06:34:10 pm »
    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 1.6.0_22
    Run by Administrator at 20:29:38 on 2011-08-20
    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3583.2635 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
    FW: ZoneAlarm Firewall *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\System32\svchost.exe -k Cognizance
    C:\Program Files\Intel\AMT\atchksrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\IFXSPMGT.exe
    C:\WINDOWS\system32\IFXTCS.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
    C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\HPQ\IAM\bin\asghost.exe
    C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\SMINST\Scheduler.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
    C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
    C:\Program Files\PDF Complete\pdfsty.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Intel\AMT\atchk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uStart Page = hxxp://www.stevebrownsellshomes.com/
    uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZone.dll
    mURLSearchHooks: H - No File
    BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZone.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - c:\program files\zonealarm_security\tbZone.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [SetRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe
    mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
    mRun: [SDMSSplash] "c:\program files\hp_sdms\sdmssplash\launcher.exe" "launchdir=c:\program files\hp_sdms\SDMSSplash"
    mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
    mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Recguard] c:\windows\sminst\Recguard.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
    mRun: [PDF Complete] "c:\program files\pdf complete\pdfsty.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [CognizanceTS] rundll32.exe c:\progra~1\hpq\iam\bin\AsTsVcc.dll,RegisterModule
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
    mRun: [atchk] "c:\program files\intel\amt\atchk.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
    mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
    mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVw"&"inst=NwA3AC0ANAAw
    ADYAMwA2ADcANQAyADUALQBUADEAOAAtAFUAOAA1ACsAMQAtAEIAQQArADEALQBLAFYAMwArADc
    ALQBYAEwAKwAx"&"prod=90"&"ver=9.0.864
    StartupFolder: c:\documents and settings\administrator\start menu\programs\startup\login.bat
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: nnerenmls.com\www
    Trusted Zone: topproducer8i.com\www
    Trusted Zone: vectorvest.com\www
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
    DPF: {475E5A2B-6EAC-4EA3-880A-55207CB012B5} - hxxp://wucma.wyldfyre.com/xbin/CMAX.dll
    DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} - hxxp://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180889120859
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://www.topproduceronline.com/Downloads/arview2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} - hxxps://www1.gotomeeting.com/default/applets/g2mdlax.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} - hxxp://ak.imgag.com/imgag/cp/install/Crusher.cab
    DPF: {C269D811-8511-44CF-B310-28CDDFFB1B74} - hxxp://www.nnerenmls.com/nne/valid/osi_valid9m.ocx
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} - hxxps://bis.na.blackberry.com/html/web/client_tools/TOImport.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://oxps.webex.com/client/T27L/nbr/ieatgpc.cab
    DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} - hxxp://216.249.24.62/code/iPIX-ImageWell-ipix.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{CD3A61DD-B162-44E8-A3CB-76B393B8B698} : DhcpNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: IfxWlxEN - IfxWlxEN.dll
    Notify: OneCard - c:\program files\hpq\iam\bin\AsWlnPkg.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    mASetup: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - c:\program files\pixiepack codec pack\InstallerHelper.exe
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.topproducer8i.com
    FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
    FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\ckoaln71.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdbplug.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npxsciter.dll
    FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
    R1 MpKsl1681d584;MpKsl1681d584;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5517b2f9-6528-4aaa-95ad-5d65521179d0}\MpKsl1681d584.sys [2011-8-20 28752]
    R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2006-4-7 31104]
    R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-1-14 532224]
    R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2006-2-27 14336]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-11-5 26872]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-11-5 488952]
    R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2007-5-6 540448]
    R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
    R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-5-6 36608]
    R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S1 MpKsl723e5503;MpKsl723e5503;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6bd347bf-3604-469b-977b-27b528dd15e3}\mpksl723e5503.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6bd347bf-3604-469b-977b-27b528dd15e3}\MpKsl723e5503.sys [?]
    S1 MpKslafe5f4af;MpKslafe5f4af;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a65f8407-86be-4be9-b538-fd7b5ef6b499}\mpkslafe5f4af.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a65f8407-86be-4be9-b538-fd7b5ef6b499}\MpKslafe5f4af.sys [?]
    S1 MpKsld58ef48a;MpKsld58ef48a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e5cc13dd-dd80-4fed-b4c9-37e794dfa58a}\mpksld58ef48a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e5cc13dd-dd80-4fed-b4c9-37e794dfa58a}\MpKsld58ef48a.sys [?]
    S1 MpKslf2910119;MpKslf2910119;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56aae25d-9746-4b48-ac7f-c99142cdf59f}\mpkslf2910119.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56aae25d-9746-4b48-ac7f-c99142cdf59f}\MpKslf2910119.sys [?]
    S2 Apache2.2;Apache2.2;c:\appserv\apache2.2\bin\httpd.exe [2007-1-9 20539]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
    S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-2-7 309744]
    S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-2-7 166384]
    S2 SessionLauncher;SessionLauncher;c:\docume~1\admini~1\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\admini~1\locals~1\temp\dx9\SessionLauncher.exe [?]
    S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
    S3 DirectUpdate;DirectUpdate engine;c:\program files\directupdate v4\DUEngine.exe [2007-6-8 286928]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-7 136176]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
    S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-2-7 1112560]
    S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-27 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-08-21 00:14:18   28752   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5517b2f9-6528-4aaa-95ad-5d65521179d0}\MpKsl1681d584.sys
    2011-08-20 20:57:23   388096   ----a-r-   c:\documents and settings\administrator\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-08-20 08:13:09   7152464   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{5517b2f9-6528-4aaa-95ad-5d65521179d0}\mpengine.dll
    2011-08-18 05:00:49   6881616   ----a-w-   c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
    2011-08-11 13:23:24   139656   ------w-   c:\windows\system32\dllcache\rdpwd.sys
    2011-08-11 13:22:48   10496   ------w-   c:\windows\system32\dllcache\ndistapi.sys
    2011-08-08 02:45:00   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Temp
    .
    ==================== Find3M  ====================
    .
    2011-08-08 02:40:28   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-07-15 13:29:31   456320   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
    2011-07-08 14:02:00   10496   ------w-   c:\windows\system32\drivers\ndistapi.sys
    2011-07-06 23:52:42   41272   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-06 23:52:42   22712   ----a-w-   c:\windows\system32\drivers\mbam.sys
    2011-06-24 14:10:36   139656   ------w-   c:\windows\system32\drivers\rdpwd.sys
    2011-06-23 18:36:30   916480   ----a-w-   c:\windows\system32\wininet.dll
    2011-06-23 18:36:30   43520   ------w-   c:\windows\system32\licmgr10.dll
    2011-06-23 18:36:30   1469440   ------w-   c:\windows\system32\inetcpl.cpl
    2011-06-23 12:05:13   385024   ----a-w-   c:\windows\system32\html.iec
    2011-06-20 17:44:52   293376   ----a-w-   c:\windows\system32\winsrv.dll
    2011-06-02 14:02:05   1858944   ------w-   c:\windows\system32\win32k.sys
    2011-03-31 22:28:03   3452416   ----a-w-   c:\program files\PortfolioProphet_Setup.msi
    2011-01-14 20:28:52   46947840   ----a-w-   c:\program files\zaSetup_92_102_000_en.exe
    2010-12-16 14:12:27   8582536   ----a-w-   c:\program files\Firefox Setup 3.6.13.exe
    2010-12-15 17:30:44   3895296   ----a-w-   c:\program files\ARGALIWYSETUP.EXE
    2010-11-04 15:36:12   8048805   ----a-w-   c:\program files\FPM_Trade_Alert_Setup.exe
    2009-12-27 16:51:25   16883056   ----a-w-   c:\program files\IE8-WindowsXP-x86-ENU.exe
    2009-12-11 14:51:30   2131832   ----a-w-   c:\program files\Top Producer Editor.exe
    2009-10-30 20:34:31   1925024   ----a-w-   c:\program files\install_flash_player.exe
    2009-03-07 12:31:23   13112552   ----a-w-   c:\program files\Quicken_WillMaker_Plus_2009.exe
    2008-10-06 18:57:29   3407848   ----a-w-   c:\program files\YouSendItExpressSetup1_7_3.exe
    2008-09-22 12:37:59   13596936   ----a-w-   c:\program files\sdsetup.exe
    2008-07-10 22:27:38   1058886   ----a-w-   c:\program files\anytv_setup.exe
    2007-09-01 19:06:20   5872077   ----a-w-   c:\program files\netscape-navigator-9.0b3.exe
    2007-06-23 23:09:17   935638   ----a-w-   c:\program files\pdfcomp.exe
    2007-06-06 13:47:11   3115949   ----a-w-   c:\program files\DigestViewerSetup.exe
    2007-06-06 12:10:25   38347264   ----a-w-   c:\program files\RolEDX2006Setup.exe
    .
    ============= FINISH: 20:32:35.12 ===============
    « Last Edit: August 20, 2011, 07:12:06 pm by Hoov »

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #5 on: August 20, 2011, 06:37:45 pm »
    It said  no infection found:

    2011/08/20 20:36:20.0984 5180   TDSS rootkit removing tool 2.5.16.0 Aug 19 2011 17:48:17
    2011/08/20 20:36:21.0640 5180   ================================================================================
    2011/08/20 20:36:21.0640 5180   SystemInfo:
    2011/08/20 20:36:21.0640 5180   
    2011/08/20 20:36:21.0640 5180   OS Version: 5.1.2600 ServicePack: 3.0
    2011/08/20 20:36:21.0640 5180   Product type: Workstation
    2011/08/20 20:36:21.0640 5180   ComputerName: UPSTAIRSWINDOW
    2011/08/20 20:36:21.0640 5180   UserName: Administrator
    2011/08/20 20:36:21.0640 5180   Windows directory: C:\WINDOWS
    2011/08/20 20:36:21.0640 5180   System windows directory: C:\WINDOWS
    2011/08/20 20:36:21.0640 5180   Processor architecture: Intel x86
    2011/08/20 20:36:21.0640 5180   Number of processors: 2
    2011/08/20 20:36:21.0640 5180   Page size: 0x1000
    2011/08/20 20:36:21.0640 5180   Boot type: Normal boot
    2011/08/20 20:36:21.0656 5180   ================================================================================
    2011/08/20 20:36:22.0828 5180   Initialize success
    2011/08/20 20:36:24.0703 5304   ================================================================================
    2011/08/20 20:36:24.0703 5304   Scan started
    2011/08/20 20:36:24.0703 5304   Mode: Manual;
    2011/08/20 20:36:24.0703 5304   ================================================================================
    2011/08/20 20:36:25.0796 5304   ac97intc        (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
    2011/08/20 20:36:25.0828 5304   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2011/08/20 20:36:25.0859 5304   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    2011/08/20 20:36:25.0890 5304   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
    2011/08/20 20:36:25.0921 5304   adpu320         (0ea9b1f0c6c90a509c8603775366adb7) C:\WINDOWS\system32\DRIVERS\adpu320.sys
    2011/08/20 20:36:25.0953 5304   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2011/08/20 20:36:26.0000 5304   AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
    2011/08/20 20:36:26.0046 5304   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
    2011/08/20 20:36:26.0062 5304   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
    2011/08/20 20:36:26.0203 5304   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2011/08/20 20:36:26.0218 5304   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2011/08/20 20:36:26.0312 5304   ati2mtag        (92e6e84d152d2acc44936c1c89ff26c4) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    2011/08/20 20:36:26.0406 5304   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2011/08/20 20:36:26.0437 5304   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2011/08/20 20:36:26.0484 5304   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2011/08/20 20:36:26.0531 5304   BrPar           (2fe6d5be0629f706197b30c0aa05de30) C:\WINDOWS\System32\drivers\BrPar.sys
    2011/08/20 20:36:26.0578 5304   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2011/08/20 20:36:26.0609 5304   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2011/08/20 20:36:26.0656 5304   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2011/08/20 20:36:26.0671 5304   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2011/08/20 20:36:26.0812 5304   DgiVecp         (770471de2550820feeb7e5d24bf2e273) C:\WINDOWS\system32\Drivers\DgiVecp.sys
    2011/08/20 20:36:26.0828 5304   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2011/08/20 20:36:26.0890 5304   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    2011/08/20 20:36:26.0984 5304   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    2011/08/20 20:36:27.0000 5304   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2011/08/20 20:36:27.0046 5304   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2011/08/20 20:36:27.0093 5304   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
    2011/08/20 20:36:27.0109 5304   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2011/08/20 20:36:27.0140 5304   E100B           (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
    2011/08/20 20:36:27.0203 5304   e1express       (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
    2011/08/20 20:36:27.0250 5304   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2011/08/20 20:36:27.0296 5304   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    2011/08/20 20:36:27.0343 5304   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    2011/08/20 20:36:27.0359 5304   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    2011/08/20 20:36:27.0406 5304   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2011/08/20 20:36:27.0515 5304   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2011/08/20 20:36:27.0546 5304   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2011/08/20 20:36:27.0562 5304   GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
    2011/08/20 20:36:27.0609 5304   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2011/08/20 20:36:27.0656 5304   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    2011/08/20 20:36:27.0703 5304   HECI            (d0fc694df051bc65946db616f20d1168) C:\WINDOWS\system32\DRIVERS\HECI.sys
    2011/08/20 20:36:27.0734 5304   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2011/08/20 20:36:27.0796 5304   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    2011/08/20 20:36:27.0859 5304   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2011/08/20 20:36:27.0890 5304   i81x            (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
    2011/08/20 20:36:27.0984 5304   iAimFP0         (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
    2011/08/20 20:36:28.0000 5304   iAimFP1         (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
    2011/08/20 20:36:28.0015 5304   iAimFP2         (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
    2011/08/20 20:36:28.0031 5304   iAimFP3         (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
    2011/08/20 20:36:28.0046 5304   iAimFP4         (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
    2011/08/20 20:36:28.0093 5304   iAimFP5         (0308aef61941e4af478fa1a0f83812f5) C:\WINDOWS\system32\DRIVERS\wADV07nt.sys
    2011/08/20 20:36:28.0109 5304   iAimFP6         (714038a8aa5de08e12062202cd7eaeb5) C:\WINDOWS\system32\DRIVERS\wADV08nt.sys
    2011/08/20 20:36:28.0125 5304   iAimFP7         (7bb3aa595e4507a788de1cdc63f4c8c4) C:\WINDOWS\system32\DRIVERS\wADV09nt.sys
    2011/08/20 20:36:28.0140 5304   iAimTV0         (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
    2011/08/20 20:36:28.0171 5304   iAimTV1         (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
    2011/08/20 20:36:28.0187 5304   iAimTV3         (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
    2011/08/20 20:36:28.0203 5304   iAimTV4         (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
    2011/08/20 20:36:28.0218 5304   iAimTV5         (791cc45de6e50445be72e8ad6401ff45) C:\WINDOWS\system32\DRIVERS\wATV10nt.sys
    2011/08/20 20:36:28.0250 5304   iAimTV6         (352fa0e98bc461ce1ce5d41f64db558d) C:\WINDOWS\system32\DRIVERS\wATV06nt.sys
    2011/08/20 20:36:28.0328 5304   iaStor          (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\DRIVERS\iaStor.sys
    2011/08/20 20:36:28.0390 5304   IFXTPM          (f67554da27d5b55efcb6c7cb4818fbfd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
    2011/08/20 20:36:28.0421 5304   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2011/08/20 20:36:28.0593 5304   IntcAzAudAddService (418fe3a08346ccca61bc9a04457f46cf) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    2011/08/20 20:36:28.0656 5304   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    2011/08/20 20:36:28.0671 5304   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    2011/08/20 20:36:28.0703 5304   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2011/08/20 20:36:28.0750 5304   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2011/08/20 20:36:28.0781 5304   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2011/08/20 20:36:28.0812 5304   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2011/08/20 20:36:28.0890 5304   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2011/08/20 20:36:28.0921 5304   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2011/08/20 20:36:28.0953 5304   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2011/08/20 20:36:29.0015 5304   ISWKL           (5c7c9ea45700f5187f71eb7b0dab18c5) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    2011/08/20 20:36:29.0078 5304   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2011/08/20 20:36:29.0093 5304   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2011/08/20 20:36:29.0109 5304   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    2011/08/20 20:36:29.0218 5304   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2011/08/20 20:36:29.0250 5304   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    2011/08/20 20:36:29.0265 5304   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2011/08/20 20:36:29.0296 5304   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2011/08/20 20:36:29.0390 5304   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2011/08/20 20:36:29.0437 5304   MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    2011/08/20 20:36:29.0546 5304   MpKsl1681d584   (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5517B2F9-6528-4AAA-95AD-5D65521179D0}\MpKsl1681d584.sys
    2011/08/20 20:36:29.0703 5304   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2011/08/20 20:36:29.0750 5304   MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2011/08/20 20:36:29.0796 5304   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2011/08/20 20:36:29.0812 5304   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2011/08/20 20:36:29.0890 5304   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2011/08/20 20:36:29.0906 5304   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2011/08/20 20:36:29.0937 5304   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2011/08/20 20:36:29.0968 5304   Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    2011/08/20 20:36:30.0015 5304   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2011/08/20 20:36:30.0062 5304   NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2011/08/20 20:36:30.0093 5304   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2011/08/20 20:36:30.0109 5304   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2011/08/20 20:36:30.0140 5304   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    2011/08/20 20:36:30.0171 5304   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2011/08/20 20:36:30.0218 5304   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2011/08/20 20:36:30.0281 5304   nm              (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
    2011/08/20 20:36:30.0312 5304   NPF             (6623e51595c0076755c29c00846c4eb2) C:\WINDOWS\system32\drivers\npf.sys
    2011/08/20 20:36:30.0375 5304   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2011/08/20 20:36:30.0421 5304   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2011/08/20 20:36:30.0468 5304   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2011/08/20 20:36:30.0515 5304   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2011/08/20 20:36:30.0531 5304   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2011/08/20 20:36:30.0578 5304   P3              (c90018bafdc7098619a4a95b046b30f3) C:\WINDOWS\system32\DRIVERS\p3.sys
    2011/08/20 20:36:30.0640 5304   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
    2011/08/20 20:36:30.0671 5304   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2011/08/20 20:36:30.0718 5304   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    2011/08/20 20:36:30.0828 5304   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    2011/08/20 20:36:30.0953 5304   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    2011/08/20 20:36:30.0984 5304   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
    2011/08/20 20:36:31.0125 5304   PersonalSecureDrive (9abf51856b69b6a343988bc7d74840c4) C:\WINDOWS\System32\drivers\psd.sys
    2011/08/20 20:36:31.0156 5304   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2011/08/20 20:36:31.0171 5304   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2011/08/20 20:36:31.0203 5304   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2011/08/20 20:36:31.0218 5304   PxHelp20        (d970470f8f39470bdae94d313a1ccdce) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    2011/08/20 20:36:31.0312 5304   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2011/08/20 20:36:31.0343 5304   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2011/08/20 20:36:31.0359 5304   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2011/08/20 20:36:31.0375 5304   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2011/08/20 20:36:31.0406 5304   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2011/08/20 20:36:31.0421 5304   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2011/08/20 20:36:31.0453 5304   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    2011/08/20 20:36:31.0484 5304   RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
    2011/08/20 20:36:31.0531 5304   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2011/08/20 20:36:31.0578 5304   RimUsb          (92d33f76769a028ddc54a863eb7de4a2) C:\WINDOWS\system32\Drivers\RimUsb.sys
    2011/08/20 20:36:31.0671 5304   RimVSerPort     (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
    2011/08/20 20:36:31.0703 5304   ROOTMODEM       (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
    2011/08/20 20:36:31.0796 5304   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2011/08/20 20:36:31.0843 5304   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    2011/08/20 20:36:31.0890 5304   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
    2011/08/20 20:36:31.0968 5304   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    2011/08/20 20:36:32.0062 5304   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2011/08/20 20:36:32.0093 5304   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    2011/08/20 20:36:32.0125 5304   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    2011/08/20 20:36:32.0171 5304   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2011/08/20 20:36:32.0250 5304   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2011/08/20 20:36:32.0312 5304   symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
    2011/08/20 20:36:32.0328 5304   symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
    2011/08/20 20:36:32.0343 5304   Symmpi          (f2b7e8416f508368ac6730e2ae1c614f) C:\WINDOWS\system32\DRIVERS\symmpi.sys
    2011/08/20 20:36:32.0359 5304   sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
    2011/08/20 20:36:32.0375 5304   sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
    2011/08/20 20:36:32.0406 5304   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2011/08/20 20:36:32.0453 5304   tbhsd           (c26c6dff638d9e51dc5cc60a7785d057) C:\WINDOWS\system32\drivers\tbhsd.sys
    2011/08/20 20:36:32.0515 5304   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2011/08/20 20:36:32.0546 5304   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2011/08/20 20:36:32.0578 5304   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2011/08/20 20:36:32.0609 5304   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2011/08/20 20:36:32.0687 5304   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2011/08/20 20:36:32.0765 5304   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    2011/08/20 20:36:32.0812 5304   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2011/08/20 20:36:32.0906 5304   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2011/08/20 20:36:32.0968 5304   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    2011/08/20 20:36:33.0000 5304   usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    2011/08/20 20:36:33.0031 5304   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2011/08/20 20:36:33.0062 5304   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    2011/08/20 20:36:33.0109 5304   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2011/08/20 20:36:33.0140 5304   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
    2011/08/20 20:36:33.0171 5304   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/08/20 20:36:33.0234 5304   vsdatant        (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
    2011/08/20 20:36:33.0328 5304   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/08/20 20:36:33.0390 5304   Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
    2011/08/20 20:36:33.0468 5304   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/08/20 20:36:33.0531 5304   WmiAcpi         (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    2011/08/20 20:36:33.0578 5304   WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
    2011/08/20 20:36:33.0656 5304   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    2011/08/20 20:36:33.0703 5304   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    2011/08/20 20:36:33.0734 5304   MBR (0x1B8)     (0c808e7238c810543120b2dc771ed1ba) \Device\Harddisk0\DR0
    2011/08/20 20:36:33.0859 5304   MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
    2011/08/20 20:36:33.0875 5304   Boot (0x1200)   (10eafce9fef32830f3c0db8d6a6a5f3b) \Device\Harddisk0\DR0\Partition0
    2011/08/20 20:36:33.0875 5304   Boot (0x1200)   (1e36ef097443eaf7d29b77f33848eb60) \Device\Harddisk0\DR0\Partition1
    2011/08/20 20:36:33.0890 5304   Boot (0x1200)   (690a250c5d6e83a2549e1e8bc0d45d25) \Device\Harddisk1\DR1\Partition0
    2011/08/20 20:36:33.0906 5304   ================================================================================
    2011/08/20 20:36:33.0906 5304   Scan finished
    2011/08/20 20:36:33.0906 5304   ================================================================================
    2011/08/20 20:36:33.0906 2740   Detected object count: 0
    2011/08/20 20:36:33.0906 2740   Actual detected object count: 0

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #6 on: August 20, 2011, 06:49:23 pm »
    Anm using Windows XP. 
    I had also run malwarebytes yesterday after the incident, and it came up with nothno malicious items found.
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7523

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    8/20/2011 8:46:47 PM
    mbam-log-2011-08-20 (20-46-47).txt

    Scan type: Quick scan
    Objects scanned: 215706
    Time elapsed: 8 minute(s), 3 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #7 on: August 20, 2011, 06:57:19 pm »
    Zone Alarm did not interfere with any of the scans.  I just tried to open the ZoneAlarm window and it does not open.  The icon that shows that something will open comes ip and then disappears and the ZoneAlarm window doesn't open!
    When I hover over the ZA icon inthe lower right tray, it says "Protection is up, UI is initializing".

    Should I do a Clean Uninstall of ZoneAlarm with Windows ADD/Remove then Down load a Fresh Copy of zoneAlarm with iWindows internet Explorer?
    « Last Edit: August 20, 2011, 07:07:06 pm by PGB »

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 25317
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] Blue screen and computer locked
    « Reply #8 on: August 20, 2011, 07:14:38 pm »
    Go ahead and do the uninstall of ZoneAlarm and then the reinstall.

    Also I would like you to attach copies of your event viewer logs using the instructions below. And can you tell me, have you been having any problems with this computer lately?

    I need you to go to the administration tools in XP. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side and click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name,  make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side and click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name,  make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #9 on: August 20, 2011, 07:24:34 pm »
    Sometimes computer has been a bit slow -- but I run scans and it doesn't find anything.   Simetimes I'm on Tradestation and have that window minimized, so it might just be using a lot of resources (That's what my husband says).  The only other thing was the other day I wanted to some mps3 to a CD using my Roxio Music Disk Creator program and that;s when the computer froze.  It didn't operate properly, so I shut it down -- was on my way out the door. 

    I'll try uninstall and reinstall of ZA now.  Where do I find the link to install it?

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #10 on: August 20, 2011, 07:53:43 pm »
    ZA was reinstalled and seems to be OK now.

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 25317
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] Blue screen and computer locked
    « Reply #11 on: August 20, 2011, 07:54:00 pm »
    You can get any version of ZoneAlarm here.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 25317
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] Blue screen and computer locked
    « Reply #12 on: August 20, 2011, 08:00:50 pm »
    I have a couple questions. Do you now, or have you had an Apache server installed and MySql installed? Both of those packages are having lots of problems.

    Also do you have a Samsung printer? How about Roxio? Those are the 4 things that are causing the most problems.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline PGB

    • Bronze Member
    • Posts: 335
    Re: [In Progress] Blue screen and computer locked
    « Reply #13 on: August 20, 2011, 08:09:22 pm »
    Do you now, or have you had an Apache server installed and MySql installed?
    Don't know what they are.  No new installations of servers.

    No -- only Sharp and a Brother printer -- have had them both for a number of years -- nothing new.

    Been using Roxio RecordNow 10 Music Lab for several years.  Never had a problem before.

    Offline Hoov

    • Malware Removal Mentors
    • Global Moderator
    • Diamond Member
    • Posts: 25317
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] Blue screen and computer locked
    « Reply #14 on: August 20, 2011, 08:27:13 pm »
    Can you run DDS again, but this time post the log that says attach. Copy and paste into a reply.

    Consumer Security

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!