My Logs...

Discussion in 'Malware Help (A Specialist Will Reply)' started by iloqin, Aug 18, 2006.

  1. iloqin

    iloqin Private E-2

    Well I re-ran the steps like I did a few months back because it worked for me, and I noticed that my computer began to sputter yet again during random events. (even when playing winamp, or any other game it'd still have the same weird sputter/lag for a second)

    So I ran the steps.

    The only thing notable that I experienced was that Spybot couldn't fix a problem in Safe Mode under "SmitFraud", but after I restarted to recheck, it didn't find anything. After the procedures of the "Read and Run me before posting" stuff, I proceeded to the special removal procedures to maybe find that Smitfraud thing, but to no avail. So now I post my logs.

    PandaScan has some bug or something. I tried to click on Local Disks, and it just has an error indication on the lower left hand area in the information bar in the IE browser.
     

    Attached Files:

  2. iloqin

    iloqin Private E-2

    The rest of the logs...
     

    Attached Files:

  3. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    << The installed version of Java on this computer is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 8 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    You are using MsConfig to prevent several items from loading at Windows start. MsConfig is a diagnostic tool, and not intended to be used in the manner you are using MsConfig. Enable everything you used MsConfig to disable. If you are receiving error messages, related to these items, at system start; we can fix this without using MsConfig.

    Using Add or Remove Programs in the Control Panel; uninstall the following:
    Copy the contents of the below quote box to Notepad; Save As FixReg.reg to your Desktop. DO NOT run it at this time; we will do that later in Safe Mode.
    Close Notepad.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

    Then after it deletes the files click the Exit (Save Settings) button.

    NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

    Select:
    • Delete on Reboot
    • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Locate FixReg.reg on your Desktop. Double-click on it and answer 'Yes' when asked if you want to merge with the registry.

    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post fresh logs from ShowNew, GetRunKeys, and HijackThis.
     
  4. iloqin

    iloqin Private E-2

    I tried following the steps you instructed me to follow, but the part about "Copy everything in the quote" then File > Paste from Clip Board. Nothing shows up in the "Full Path of File to Delete" so when I click on the X, it has a pop up that says "You have not Specified any File to Delete, You must Specify a File Path in the Yellow Box"
    How do I get around this?

    Actually, never mind, I just re-read what you said. Haha
     
  5. iloqin

    iloqin Private E-2

    Here are the new logs. Hopefully I did everything right. I did double check in msconfig that the "normal boot" was checked, and all the programs were checked for starting up.

    If everything's right, do I do the system restore procedure? =D
     

    Attached Files:

  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Let's completely remove the registry keys that I had you fix earlier.

    Copy the contents of the below quote box to Notepad; Save As FixReg.reg to your Desktop.
    Close Notepad.

    Locate FixReg.reg on your Desktop. Double-click on it and answer 'Yes' when asked if you want to merge with the registry.

    Don't forget to install the latest version of Java I linked to in my previous post.

    REBOOT


    How is your computer running?
     
  7. iloqin

    iloqin Private E-2

    So far my computer is runnin ok. I did change what you asked me, and when I restarted I got an error sayin that somethin' in Win32 encountered a problem and must close. Then I have to manually hit the start button on my tower because I can't click on anything that is on my taskbar.

    Sometimes I encounter that problem, sometimes after I restart manually I dont... not sure why.
     
  8. iloqin

    iloqin Private E-2

    ok, well the problem is still there... i was leavin my winamp on and I heard the stutter...
     
  9. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    I need to know the exact error message, word for word.
     
  10. iloqin

    iloqin Private E-2

    "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.

    If you are in the middle of something, this information you were working on might be lost."

    It freezes the loading process of my computer, and thus I have to manually hit the restart button.
    I clicked on the Error Report Contents and the location is...

    C:\Docume~1/STEPHE~1/LOCALS~1/Temp/WER9dd7.dir00/scvhos.exe.mdmp
    C:\Docume~1/STEPHE~1/LOCALS~1/Temp/WER9dd7.dir00/appcompact.txt
     
  11. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

    Then after it deletes the files click the Exit (Save Settings) button.

    NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

    Select:
    • Delete on Reboot
    • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Reboot to Normal Mode.

    How is your computer running?
     
  12. iloqin

    iloqin Private E-2

    I did as you said, and I did receive that "Pending operations" error thingy that asked me to reboot, or it would delete on reboot or somethin' like that. I'll let you know in a few days if those errors decide to come up again. But so far, 1 reboot after the fix and nothing has occurred. I'll report back in about a week to let you know how it goes. Thanks again for your help.
     
  13. iloqin

    iloqin Private E-2

    It didn't work.

    The pop up happens randomly at times again, but this time when I checked the file path name, this part keeps changing.

    WER9dd7.dir00

    It changed into WER6afadir00 and then the next time it was
    WERE9447dir00

    There has to be something on my computer generating a different one every time, any clue? Maybe I should repost logs?
     
  14. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download Blacklight Beta from here:
    http://www.majorgeeks.com/F-Secure_BlackLight_d5156.html
    • Download blbeta.exe and save it to the Desktop.
    • Once saved... double click blbeta.exe to install the program.
    • Click accept agreement and Click scan
      This app too may fire off a warning from antivirus. Let the driver load.
      Wait for it to finish.
    • If it displays any items...don't do anything with them yet. Just hit exit (close)
    • It will drop a log on Desktop that starts with fsbl....big number
    Please post contents of log.
     
  15. iloqin

    iloqin Private E-2

    Here it is.
     

    Attached Files:

  16. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    OK, that found no RootKit.

    You may want to print these, as you need to do this disconnected from the Internet and with all browser windows closed.

    Disconnect your computer from the Internet. Physically unplug the Modem/LAN cable from your computer.

    Reboot to Safe Mode.

    Open Windows Explorer, and delete the following:
    C:\Docume~1/STEPHE~1/LOCALS~1/Temp/ WERE9447.dir00/scvhos.exe.mdmp
    C:\Docume~1/STEPHE~1/LOCALS~1/Temp/ WERE9447.dir00/appcompact.txt

    Close Windows Explorer.

    Now run CCleaner. For Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin

    And Click OK.

    Now reach behind the computer and unplug it. Yes, you read that right: physically unplug your computer. We want to avoid a clean shut down.

    Plug your Internet cable back into the computer. Plug your computer in and start the system. You may need to enter Safe Mode first, before you can boot to Normal Mode.

    How is the computer running?
     
