|
| If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|||||||
|
|
Thread Tools | Display Modes |
|
#16
November 20th 08, 02:35 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
BSOD Error 0x000000B8
I have tried that and unfortunately it still isn't finding it. Im not sure why though. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in 
|
| Ads |
|
#17
November 23rd 08, 03:20 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Can anyone think of anything else I could check to fix this Error? I have already formatted windows once and I was still getting this error, so I looked at the Hard Drive (which had pretty much fallen apart) so I decided to buy a new one and reformatted it with a Long Format but I am still getting this Error? Is there any chance that Reformatting Windows again Will fix this Issue? -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#18
November 29th 08, 07:19 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
"CREATIVE" recommends the following procedu
1. Uninstall all drivers (if applicable) in Device Manager. 2. Restart PC and disable "on-board" audio in the BIOS. 3. Reboot. Vista will ask if you want to install missing driver; answer NO. 4. Find the latest driver for your device on the Creative website, save to HDD, and exit all applications (including IE). 5. Install driver manually and reboot when instructed. You should be back and running in NO time! "the white wolf" wrote: Sorry, forgot to mention, the only 2 USB items i have plugged in are the keyboard and mouse, i was getting three different BSOD untill i changed the keyboard and mouse, im now using a different set and still getting the previous error. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#19
November 29th 08, 08:22 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Ok, ill try that again when I get home tonight, in the mean time I have 4 new Crash Dumps here... Loading Dump File [F:\WINDOWS\Minidump\Mini112108-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Fri Nov 21 19:30:59.593 2008 (GMT+0) System Uptime: 0 days 3:49:19.323 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ........................................ Loading User Symbols Loading unloaded module list ............... ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** WARNING: Unable to verify timestamp for hal.dll *** ERROR: Module load completed but symbols could not be loaded for hal.dll *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS *** WARNING: Unable to verify timestamp for spdj.sys *** ERROR: Module load completed but symbols could not be loaded for spdj.sys ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spdj.sys ( spdj+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112308-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Sun Nov 23 01:29:08.312 2008 (GMT+0) System Uptime: 0 days 7:37:23.038 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ........................................... Loading User Symbols Loading unloaded module list ............ Unable to load image USBPORT.SYS, Win32 error 0n2 *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS Unable to load image spis.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for spis.sys *** ERROR: Module load completed but symbols could not be loaded for spis.sys ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck 100000D1, {ff084d9d, 1e, 0, b9f63ed6} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spis.sys ( spis+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112808-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Fri Nov 28 18:41:38.562 2008 (GMT+0) System Uptime: 0 days 1:29:04.303 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ....................................... Loading User Symbols Loading unloaded module list ........... Unable to load image USBPORT.SYS, Win32 error 0n2 *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS Unable to load image spqy.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for spqy.sys *** ERROR: Module load completed but symbols could not be loaded for spqy.sys ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck 100000D1, {ff084d9d, 1e, 0, b9effed6} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spqy.sys ( spqy+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112908-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Sat Nov 29 03:00:31.718 2008 (GMT+0) System Uptime: 0 days 8:18:22.441 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ........................................ Loading User Symbols Loading unloaded module list ............. ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** WARNING: Unable to verify timestamp for HIDCLASS.SYS *** ERROR: Module load completed but symbols could not be loaded for HIDCLASS.SYS *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS *** WARNING: Unable to verify timestamp for sphy.sys *** ERROR: Module load completed but symbols could not be loaded for sphy.sys ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : HIDCLASS.SYS ( HIDCLASS+2268 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 2600.xpsp_sp3_gdr.080814-1236 Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Mon Nov 17 22:27:22.281 2008 (GMT+0) System Uptime: 0 days 22:50:06.887 WARNING: Process directory table base 0B120020 doesn't match CR3 0B120760 WARNING: Process directory table base 0B120020 doesn't match CR3 0B120760 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Loading Kernel Symbols .................................................. .................................................. ...................................... Loading User Symbols Loading unloaded module list ............ ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** ERROR: Symbol file could not be found. Defaulted to export symbols for USBPORT.SYS - ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : USBPORT.SYS ( USBPORT+c204 ) Followup: MachineOwner --------- Can anyone think of anything else from these? -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#20
November 29th 08, 10:20 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
You have a malware infestation.
http://snipurl.com/6xgkl [translate_google_com] Based on Google search on spdj.sys. Also returns are in languages other than English. This is not something I have personally encountered. Some links ,which may help: Rootkit Revealer http://technet.microsoft.com/en-gb/s.../bb897445.aspx Another Rootkit Revealer http://www.filehippo.com/download_rootkit_revealer/ HijackThis http://www.trendsecure.com/portal/en...ols/hijackthis HijackThis Tutorial http://www.bleepingcomputer.com/tuto...42.html#O4Diag HijackThis Forums http://www.bleepingcomputer.com/forums/forum22.html http://aumha.net/viewforum.php?f=30 Forums tend to have more reported problems than they can quickly resolve so you need to be patient. http://www.elephantboycomputers.com/...moving_Malware -- Hope this helps. Gerry ~~~~ FCA Stourport, England Enquire, plan and execute ~~~~~~~~~~~~~~~~~~~ the white wolf wrote: Ok, ill try that again when I get home tonight, in the mean time I have 4 new Crash Dumps here... Loading Dump File [F:\WINDOWS\Minidump\Mini112108-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Fri Nov 21 19:30:59.593 2008 (GMT+0) System Uptime: 0 days 3:49:19.323 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ....................................... Loading User Symbols Loading unloaded module list .............. ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** WARNING: Unable to verify timestamp for hal.dll *** ERROR: Module load completed but symbols could not be loaded for hal.dll *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS *** WARNING: Unable to verify timestamp for spdj.sys *** ERROR: Module load completed but symbols could not be loaded for spdj.sys ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spdj.sys ( spdj+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112308-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Sun Nov 23 01:29:08.312 2008 (GMT+0) System Uptime: 0 days 7:37:23.038 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. .......................................... Loading User Symbols Loading unloaded module list ........... Unable to load image USBPORT.SYS, Win32 error 0n2 *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS Unable to load image spis.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for spis.sys *** ERROR: Module load completed but symbols could not be loaded for spis.sys ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck 100000D1, {ff084d9d, 1e, 0, b9f63ed6} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spis.sys ( spis+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112808-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Fri Nov 28 18:41:38.562 2008 (GMT+0) System Uptime: 0 days 1:29:04.303 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ...................................... Loading User Symbols Loading unloaded module list .......... Unable to load image USBPORT.SYS, Win32 error 0n2 *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS Unable to load image spqy.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for spqy.sys *** ERROR: Module load completed but symbols could not be loaded for spqy.sys ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck 100000D1, {ff084d9d, 1e, 0, b9effed6} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : spqy.sys ( spqy+11d54 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\Minidump\Mini112908-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Sat Nov 29 03:00:31.718 2008 (GMT+0) System Uptime: 0 days 8:18:22.441 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ....................................... Loading User Symbols Loading unloaded module list ............ ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** WARNING: Unable to verify timestamp for HIDCLASS.SYS *** ERROR: Module load completed but symbols could not be loaded for HIDCLASS.SYS *** WARNING: Unable to verify timestamp for USBPORT.SYS *** ERROR: Module load completed but symbols could not be loaded for USBPORT.SYS *** WARNING: Unable to verify timestamp for sphy.sys *** ERROR: Module load completed but symbols could not be loaded for sphy.sys ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : HIDCLASS.SYS ( HIDCLASS+2268 ) Followup: MachineOwner --------- Loading Dump File [F:\WINDOWS\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 2600.xpsp_sp3_gdr.080814-1236 Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Mon Nov 17 22:27:22.281 2008 (GMT+0) System Uptime: 0 days 22:50:06.887 WARNING: Process directory table base 0B120020 doesn't match CR3 0B120760 WARNING: Process directory table base 0B120020 doesn't match CR3 0B120760 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Loading Kernel Symbols .................................................. .................................................. ..................................... Loading User Symbols Loading unloaded module list ........... ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck B8, {0, 0, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. *** ERROR: Symbol file could not be found. Defaulted to export symbols for USBPORT.SYS - ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : USBPORT.SYS ( USBPORT+c204 ) Followup: MachineOwner --------- Can anyone think of anything else from these?
|
|
#21
November 29th 08, 06:18 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Ok, i used HijackThis and ran a Startup Log, this is what it found... StartupList report, 29/11/2008, 18:15:20 StartupList version: 1.52.2 Started from : F:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP3 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP3 (6.00.2900.5512) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\svchost.exe F:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe F:\Program Files\BitDefender\BitDefender 2009\vsserv.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\spoolsv.exe F:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe F:\Program Files\Bonjour\mDNSResponder.exe F:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe F:\WINDOWS\System32\svchost.exe F:\Program Files\Java\jre6\bin\jqs.exe F:\WINDOWS\system32\nvsvc32.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\SearchIndexer.exe F:\WINDOWS\Explorer.EXE F:\WINDOWS\system32\Rundll32.exe F:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\CTAPR2.exe F:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe F:\Program Files\BitDefender\BitDefender 2009\bdagent.exe F:\Program Files\UltraMon\UltraMon.exe F:\Program Files\Unlocker\UnlockerAssistant.exe F:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe F:\WINDOWS\system32\RUNDLL32.EXE F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe F:\Program Files\iTunes\iTunesHelper.exe F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe F:\Program Files\UltraMon\UltraMonTaskbar.exe F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe F:\Program Files\Java\jre6\bin\jusched.exe F:\Program Files\DAEMON Tools Lite\daemon.exe F:\FRAPS\FRAPS.EXE F:\Program Files\Windows Media Player\WMPNSCFG.exe F:\Program Files\iPod\bin\iPodService.exe F:\Program Files\BitDefender\BitDefender 2009\seccenter.exe F:\Program Files\Mozilla Firefox\firefox.exe F:\Program Files\Trend Micro\HijackThis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [F:\Documents and Settings\The White Wolf\Start Menu\Programs\Startup] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [F:\Documents and Settings\All Users\Start Menu\Programs\Startup] *No files* Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = F:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Win logon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Win logon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run SoundMAX = "F:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray SPIRun = Rundll32 SPIRun.dll,RunDLLEntry CTAPR2 = "F:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\CTAPR2.exe" /r VolPanel = "F:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r NvCplDaemon = RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup nwiz = nwiz.exe /install BDAgent = "F:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" BitDefender Antiphishing Helper = "F:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" UltraMon = "F:\Program Files\UltraMon\UltraMon.exe" /auto UnlockerAssistant = "F:\Program Files\Unlocker\UnlockerAssistant.exe" -H Adobe Photo Downloader = "F:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe" NvMediaCenter = RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit Launch LgDevAgt = "F:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" Launch LCDMon = "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" Launch LGDCore = "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE QuickTime Task = "F:\Program Files\QuickTime\QTTask.exe" -atboottime iTunesHelper = "F:\Program Files\iTunes\iTunesHelper.exe" SunJavaUpdateSched = "F:\Program Files\Java\jre6\bin\jusched.exe" -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Once *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run OnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run ServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run DAEMON Tools Lite = "F:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun WMPNSCFG = F:\Program Files\Windows Media Player\WMPNSCFG.exe Fraps = F:\FRAPS\FRAPS.EXE -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Once *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run OnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Services *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Once *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run OnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run ServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Once *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run OnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Services *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = F:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = F:\WINDOWS\inf\unregmp2.exe /ShowWMP [{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection F:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser .NT [{4b218e3e-bc98-4770-93d3-2731b9329278}] * StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection F:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection F:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = F:\WINDOWS\system32\Rundll32.exe F:\WINDOWS\system32\mscories.dll,Install -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from F:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from F:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: F:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present F:\WINDOWS\Explorer\Explorer.exe: not present F:\WINDOWS\System\Explorer.exe: not present F:\WINDOWS\System32\Explorer.exe: not present F:\WINDOWS\Command\Explorer.exe: not present F:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in F:\WINDOWS - .reg open command is normal (regedit.exe %1) - Company name OK: 'Microsoft Corporation' - Original filename OK: 'REGEDIT.EXE' - File description: 'Registry Editor' Registry check passed -------------------------------------------------- Enumerating Browser Helper Objects: btorbit.com - F:\Program Files\Orbitdownloader\orbitcth.dll - {000123B4-9B42-4900-B3F7-F4B073EFC214} (no name) - F:\Program Files\Java\jre6\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045} (no name) - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - F:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9} JQSIEStartDetectorImpl - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -------------------------------------------------- Enumerating Task Scheduler jobs: AppleSoftwareUpdate.job -------------------------------------------------- Enumerating Download Program Files: [MUWebControl Class] InProcServer32 = F:\WINDOWS\system32\muweb.dll CODEBASE = http://update.microsoft.com/microsof...?1226700813843 [Java Plug-in 1.6.0_10] InProcServer32 = F:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab [Java Plug-in 1.6.0_10] InProcServer32 = F:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab [Java Plug-in 1.6.0_10] InProcServer32 = F:\Program Files\Java\jre6\bin\npjpi160_10.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: F:\WINDOWS\System32\mswsock.dll NameSpace #2: F:\WINDOWS\System32\winrnr.dll NameSpace #3: F:\WINDOWS\System32\mswsock.dll NameSpace #4: F:\Program Files\Bonjour\mdnsNSP.dll Protocol #1: F:\WINDOWS\system32\mswsock.dll Protocol #2: F:\WINDOWS\system32\mswsock.dll Protocol #3: F:\WINDOWS\system32\mswsock.dll Protocol #4: F:\WINDOWS\system32\rsvpsp.dll Protocol #5: F:\WINDOWS\system32\rsvpsp.dll Protocol #6: F:\WINDOWS\system32\mswsock.dll Protocol #7: F:\WINDOWS\system32\mswsock.dll Protocol #8: F:\WINDOWS\system32\mswsock.dll Protocol #9: F:\WINDOWS\system32\mswsock.dll Protocol #10: F:\WINDOWS\system32\mswsock.dll Protocol #11: F:\WINDOWS\system32\mswsock.dll Protocol #12: F:\WINDOWS\system32\mswsock.dll Protocol #13: F:\WINDOWS\system32\mswsock.dll Protocol #14: F:\WINDOWS\system32\mswsock.dll Protocol #15: F:\WINDOWS\system32\mswsock.dll Protocol #16: F:\WINDOWS\system32\mswsock.dll Protocol #17: F:\WINDOWS\system32\mswsock.dll Protocol #18: F:\WINDOWS\system32\mswsock.dll Protocol #19: F:\WINDOWS\system32\mswsock.dll Protocol #20: F:\WINDOWS\system32\mswsock.dll Protocol #21: F:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system) ADI UAA Function Driver for High Definition Audio Service: system32\drivers\ADIHdAud.sys (manual start) Adobe Active File Monitor V6: F:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (autostart) AE Audio Service: system32\drivers\AEAudio.sys (manual start) Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start) AMD HwPState Processor Driver: system32\DRIVERS\AmdPPM.sys (system) Apple Mobile Device: "F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart) Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Atheros Wireless Network Adapter Service: system32\DRIVERS\ar5211.sys (manual start) Atheros AR5008 Wireless Network Adapter Service: system32\DRIVERS\athw.sys (manual start) 1394 ARP Client Protocol: system32\DRIVERS\arp1394.sys (manual start) BitDefender Arrakis Server: "F:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe" (manual start) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\as pnet_state.exe (manual start) RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start) Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system) ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start) Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start) BDFM: system32\drivers\bdfm.sys (manual start) bdfsfltr: system32\drivers\bdfsfltr.sys (manual start) bdftdif: \??\F:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (system) BDSelfPr: \??\F:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (manual start) Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Bonjour Service: "F:\Program Files\Bonjour\mDNSResponder.exe" (autostart) Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) CD-ROM Driver: system32\DRIVERS\cdrom.sys (system) Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start) ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe (manual start) COM+ System Application: F:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Creative SoundFont Management Device Driver: system32\DRIVERS\ctsfm2k.sys (manual start) Creative SoundFont Synthesizer: system32\drivers\ctusfsyn.sys (manual start) DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Disk Driver: system32\DRIVERS\disk.sys (system) Diskeeper: "F:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" (autostart) Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Logical Disk Manager Driver: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start) DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start) Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start) Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Event Log: %SystemRoot%\system32\services.exe (autostart) COM+ Event System: F:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start) FLEXnet Licensing Service: "F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" (manual start) Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Windows Presentation Foundation Font Cache 3.0.0.0: F:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe (manual start) Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system) GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start) Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start) Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start) Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start) Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system) InstallDriver Table Manager: "F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start) Windows CardSpace: "F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windo ws Communication Foundation\infocard.exe" (manual start) CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system) IMAPI CD-Burning COM Service: F:\WINDOWS\system32\imapi.exe (manual start) IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start) IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start) IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start) IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start) iPod Service: "F:\Program Files\iPod\bin\iPodService.exe" (manual start) IPSEC driver: system32\DRIVERS\ipsec.sys (system) IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start) PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system) Java Quick Starter: "F:\Program Files\Java\jre6\bin\jqs.exe" -service -config "F:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" (autostart) Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system) Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system) Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start) Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) BitDefender Desktop Update Service: "F:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe" /service (autostart) TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) NetMeeting Remote Desktop Sharing: F:\WINDOWS\system32\mnmsrvc.exe (manual start) Mouse Class Driver: system32\DRIVERS\mouclass.sys (system) Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start) WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: F:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: F:\WINDOWS\system32\msiexec.exe /V (manual start) Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start) Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start) Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start) Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start) ATK0110 ACPI UTILITY: system32\DRIVERS\ASACPI.sys (manual start) Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start) NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start) Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start) NetBIOS Interface: system32\DRIVERS\netbios.sys (system) NetBios over Tcpip: system32\DRIVERS\netbt.sys (system) Network DDE: %SystemRoot%\system32\netdde.exe (disabled) Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled) Net Logon: %SystemRoot%\system32\lsass.exe (manual start) Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Net.Tcp Port Sharing Service: "F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windo ws Communication Foundation\SMSvcHost.exe" (disabled) 1394 Net Driver: system32\DRIVERS\nic1394.sys (manual start) Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start) Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) nv: system32\DRIVERS\nv4_mini.sys (manual start) nvata: system32\DRIVERS\nvata.sys (system) NVIDIA nForce Networking Controller Driver: system32\DRIVERS\NVENETFD.sys (manual start) NVIDIA Network Bus Enumerator: system32\DRIVERS\nvnetbus.sys (manual start) NVIDIA PORT IO Control Driver: \??\F:\WINDOWS\system32\Drivers\nvport.sys (system) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart) IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start) IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start) Texas Instruments OHCI Compliant IEEE 1394 Host Controller: system32\DRIVERS\ohci1394.sys (system) Office Source Engine: "F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Creative OS Services Driver: system32\DRIVERS\ctoss2k.sys (manual start) Parallel port driver: system32\DRIVERS\parport.sys (manual start) PCI Bus Driver: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Padus ASPI Shell: system32\drivers\pfc.sys (manual start) PfModNT: \??\F:\WINDOWS\system32\drivers\PfModNT.sys (autostart) Plug and Play: %SystemRoot%\system32\services.exe (autostart) IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart) WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start) Processor Driver: system32\DRIVERS\processr.sys (system) Profos: \??\F:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (manual start) Protected Storage: %SystemRoot%\system32\lsass.exe (autostart) QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start) Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system) Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start) Direct Parallel: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start) Remote Desktop Help Session Manager: F:\WINDOWS\system32\sessmgr.exe (manual start) Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system) Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start) Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart) BitDefender Threat Scanner: %SystemRoot%\System32\svchost.exe -kbdx (manual start) Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start) Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SenFilt Service: system32\drivers\Senfilt.sys (manual start) System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start) Serial port driver: system32\DRIVERS\serial.sys (system) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start) Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart) sptd: System32\Drivers\sptd.sys (system) System Restore Filter Driver: \SystemRoot\system32\DRIVERS\sr.sys (disabled) System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) Software Bus Driver: system32\DRIVERS\swenum.sys (manual start) Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: F:\WINDOWS\system32\dllhost.exe /Processid:{014F88B2-E227-42C2-AACB-182AF3D512C2} (manual start) Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start) Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start) Sound Blaster X-Fi Xtreme Audio: system32\drivers\t3.sys (manual start) t3filt: system32\drivers\t3filt.sys (manual start) Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system) Terminal Device Driver: system32\DRIVERS\termdd.sys (system) Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: F:\WINDOWS\system32\tlntsvr.exe (disabled) Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Trufos: \??\F:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (manual start) UltraMonMirror: system32\DRIVERS\UltraMonMirror.sys (manual start) UltraMon Utility Driver: \??\F:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys (autostart) Microcode Update Driver: system32\DRIVERS\update.sys (manual start) Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start) Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start) Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start) Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start) Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start) USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start) USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start) Messenger Sharing Folders USN Journal Reader service: "F:\Program Files\Windows Live\Messenger\usnsvc.exe" (manual start) VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system) Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start) BitDefender Virus Shield: "F:\Program Files\BitDefender\BitDefender 2009\vsserv.exe" /service (autostart) Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start) Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Live Setup Service: "F:\Program Files\Windows Live\installer\WLSetupSvc.exe" (manual start) Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) WMI Performance Adapter: F:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Windows Media Player Network Sharing Service: "F:\Program Files\Windows Media Player\WMPNetwk.exe" (autostart) WpdUsb: system32\DRIVERS\wpdusb.sys (manual start) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Windows Search: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart) Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart) Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: F:\WINDOWS\system32\SHELL32.dll CDBurn: F:\WINDOWS\system32\SHELL32.dll WebCheck: F:\WINDOWS\system32\webcheck.dll SysTray: F:\WINDOWS\system32\stobject.dll WPDShServiceObj: F:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\pol icies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\pol icies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 38,662 bytes Report generated in 0.172 seconds Also ran a system scan with it... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:17:51, on 29/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\svchost.exe F:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe F:\Program Files\BitDefender\BitDefender 2009\vsserv.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\spoolsv.exe F:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe F:\Program Files\Bonjour\mDNSResponder.exe F:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe F:\WINDOWS\System32\svchost.exe F:\Program Files\Java\jre6\bin\jqs.exe F:\WINDOWS\system32\nvsvc32.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\SearchIndexer.exe F:\WINDOWS\Explorer.EXE F:\WINDOWS\system32\Rundll32.exe F:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\CTAPR2.exe F:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe F:\Program Files\BitDefender\BitDefender 2009\bdagent.exe F:\Program Files\UltraMon\UltraMon.exe F:\Program Files\Unlocker\UnlockerAssistant.exe F:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe F:\WINDOWS\system32\RUNDLL32.EXE F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe F:\Program Files\iTunes\iTunesHelper.exe F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe F:\Program Files\UltraMon\UltraMonTaskbar.exe F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe F:\Program Files\Java\jre6\bin\jusched.exe F:\Program Files\DAEMON Tools Lite\daemon.exe F:\FRAPS\FRAPS.EXE F:\Program Files\Windows Media Player\WMPNSCFG.exe F:\Program Files\iPod\bin\iPodService.exe F:\Program Files\BitDefender\BitDefender 2009\seccenter.exe F:\Program Files\Mozilla Firefox\firefox.exe F:\Program Files\Trend Micro\HijackThis\HijackThis.exe F:\Program Files\Steam\Steam.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - F:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - F:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [SoundMAX] "F:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry O4 - HKLM\..\Run: [CTAPR2] "F:\Program Files\Creative\Sound Blaster X-Fi\Console Launcher\CTAPR2.exe" /r O4 - HKLM\..\Run: [VolPanel] "F:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [BDAgent] "F:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "F:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" O4 - HKLM\..\Run: [UltraMon] "F:\Program Files\UltraMon\UltraMon.exe" /auto O4 - HKLM\..\Run: [UnlockerAssistant] "F:\Program Files\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Launch LgDevAgt] "F:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] F:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Fraps] F:\FRAPS\FRAPS.EXE O8 - Extra context menu item: &Download by Orbit - res://F:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://F:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://F:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://F:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1226700813843 O17 - HKLM\System\CCS\Services\Tcpip\..\{FB2766FD-E718-45D0-A548-50555699E3A4}: NameServer = 192.168.0.1 O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - F:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - F:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Diskeeper - Diskeeper Corporation - F:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - F:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - F:\Program Files\BitDefender\BitDefender 2009\vsserv.exe -- End of file - 8396 bytes Can anyone see anything in this? Thanks for all your help by the way. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#22
November 30th 08, 01:34 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Ok, just got another BSOD.... Microsoft (R) Windows Debugger Version 6.9.0003.113 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [F:\WINDOWS\Minidump\Mini113008-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: *** Invalid *** ************************************************** ************************** * Symbol loading may be unreliable without a symbol search path. * * Use .symfix to have the debugger choose a symbol path. * * After setting your symbol path, use .reload to refresh symbol locations. * ************************************************** ************************** Executable search path is: ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720 Debug session time: Sun Nov 30 01:24:56.779 2008 (GMT+0) System Uptime: 0 days 7:24:20.665 ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Unable to load image ntoskrnl.exe, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ntoskrnl.exe *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe Loading Kernel Symbols .................................................. .................................................. ............................................ Loading User Symbols Loading unloaded module list ............ ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck FC, {10600, 449ef867, bacd7dfc, 0} *** WARNING: Unable to verify timestamp for mssmbios.sys *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** *********************** *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************** *********************** ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* ************************************************** ******************* * Symbols can not be loaded because symbol path is not initialized. * * * * The Symbol Path can be set by: * * using the _NT_SYMBOL_PATH environment variable. * * using the -y symbol_path argument when starting the debugger. * * using .sympath and .sympath+ * ************************************************** ******************* Probably caused by : ntoskrnl.exe ( nt+22f43 ) Followup: MachineOwner --------- -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#23
November 30th 08, 11:40 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Would formatting windows fix any of these errors? -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#24
December 5th 08, 09:58 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Ok, after testing out some more I have noticed that playing games in Windowed mode seems to stop it blue screening but if I play any game in full screen mode it will crash, Now to me this sounds a bit odd to be the graphics card as I thought that in windowed mode there is more strain put onto the graphics card than in full screen. Can anyone please help. I have googled this and cant seem to see anything useful. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#25
December 16th 08, 02:21 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
Ok, my pc died completely the other day so I Formatted windows and now the pc is bluescreening with the same errors but it now does it in full screen mode and windowed mode. Has anyone got any ideas on what could be wrong with my machine, this is driving me up the wall. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#26
December 16th 08, 03:46 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
"the white wolf" wrote in message
... Ok, my pc died completely the other day so I Formatted windows and now the pc is bluescreening with the same errors but it now does it in full screen mode and windowed mode. Has anyone got any ideas on what could be wrong with my machine, this is driving me up the wall. In the future, please start a new thread. What do you mean by the phrase "I Formatted windows"? What exactly did you do?
|
|
#27
December 16th 08, 11:16 PM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
I mean I used the widows disk to delete Windows and put a new copy on my Hard Drive, but since doing that I am getting the same errors that I was getting at the beginning of the post. The reason I didn't make a new post is because all teh information I have so far about these errors is on this thread so I thought that it makes more sense to just continue this one. I have discovered that my Screen saver will also cause the PC to BSOD. (I have now disabled the Screen saver). -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
|
#28
December 17th 08, 01:54 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
"the white wolf" wrote in message
... The reason I didn't make a new post is because all teh information I have so far about these errors is on this thread so I thought that it makes more sense to just continue this one. Now I understand. The problem is that you were reviving an old thread, a practice normally frowned upon. The posts in my news reader go back to Dec. 5, so I needed to go to Google Groups to see the entire thread. After I finish reading it, I will post back.
|
|
#29
December 17th 08, 02:31 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
"Daave" wrote in message
... "the white wolf" wrote in message ... The reason I didn't make a new post is because all teh information I have so far about these errors is on this thread so I thought that it makes more sense to just continue this one. Now I understand. The problem is that you were reviving an old thread, a practice normally frowned upon. The posts in my news reader go back to Dec. 5, so I needed to go to Google Groups to see the entire thread. After I finish reading it, I will post back. Okay. From what I can tell, you are having hardware problems. WORKHARD seemed to offer the best explanation and solution, involving reinstalling the driver for your Creative Labs sound card. Gerry seemed to think you had malware, but if your problem exists after a clean isntall (presuming you performed the clean install correctly), then surely it's hardware. The first thing I would do is try WORKARD's suggestion. This page should be helpful: http://support.creative.com/Products...i+Xtreme+Audio If that doesn't work, you will need to do some hardware troubleshooting: http://www.elephantboycomputers.com/...ardware_Tshoot Also make sure that you are running a barebones system: that is, no peripheral devices (printer, external hard drive, webcam, etc.) at all are to be connected. Just your mouse, keyboard, and monitor. Make sure you install *all* the necessary drivers for your PC's components!
|
|
#30
December 18th 08, 01:26 AM
posted to microsoft.public.windowsxp.help_and_support
|
|||
|
|||
|
BSOD Error 0x000000B8
ok, thanks, im downloading new drivers now, will let you know if I have any luck installing them this time. http://support.creative.com/Products...i+Xtreme+Audio This is the sound Card I have, not sure why you linked me to the other page, may have been a mistake i made in one of the earlier posts, anyhow, I have downloaded the hardware testing programs and will also let you know what is discovered once I have run them. thanks for the help. -- the white wolf ------------------------------------------------------------------------ the white wolf's Profile: http://forums.techarena.in/members/the-white-wolf.htm View this thread: http://forums.techarena.in/windows-x...rt/1073393.htm http://forums.techarena.in
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
