
[Inactive] Relapse or a new one?

Discussion in 'Malware and Virus Removal Archive' started by SKN66, 2011/03/03.

  1. 2011/03/03
    SKN66 (Thread Starter)

    Hi guys, and especially you, Broni :eek:
    ... after updating the Malwarebytes database today...:rolleyes:
    I've barely had time to do much of anything... so is there something sitting and hiding and making new reg. keys, or is it something "new" (already!)?
    Installed a couple of programs from Filehippo, that's all.... no dubious sites or anything "fishy"!
    Did I let something "slip through" the firewall, because of ignorance?

    Here is the log.. I did let Mbam quarantine and delete it at once, hope I did right :)

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5943

    Windows 5.0.2195 Service Pack 4
    Internet Explorer 6.0.2800.1106

    2011-03-03 16:36:36
    mbam-log-2011-03-03 (16-36-36).txt

    Scan type: Quick scan
    Objects scanned: 132486
    Time elapsed: 2 minute(s), 40 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\LKGGOPABUH (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  2. 2011/03/03
    SKN66 (Thread Starter)

    While waiting for a reply....

    While scanning with Mbam (after updating its database) a dialogue box appeared.
    After a short time...., blue screen, memory dump and reboot - f....

    Here is what Event Viewer says under System in chronological order.
    I have no idea if it's all related, but....
    There are some "red flags" I've not dealt with yet.... this is a new installation, left standing
    alone for about two years as a "backup" PC...
    But as I pointed out before, some strange things still happened after all the cleanups... ???
    See if you can get something comprehensible out of this... I sure as H .. don't :)

    I've physically disconnected the drives in question... The Maxtor disk was / is an "old" disk, so it may have all been a natural
    "death", but the timing of the event suggests something else, right?
    Shifted the other disks to primary IDE and left sec. IDE empty...
    Boot disk is on SATA..

    Event Type: Error
    Event Source: ipnathlp
    Event Category: None
    Event ID: 31012
    Date: 2011-03-03
    Time: 18:27:41
    User: N/A
    Computer: BIG
    Description:
    The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers.
    Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.
    Data:
    0000: e8 00 00 00 è...


    Event Type: Error
    Event Source: Removable Storage Service
    Event Category: None
    Event ID: 17
    Date: 2011-03-03
    Time: 18:27:19
    User: N/A
    Computer: BIG
    Description:
    RSM cannot manage library PhysicalDrive8. It encountered an unspecified error.
    This can be caused by a number of problems including, but not limited to, database corruption, failure communicating
    with the library, or insufficient system resources.

    Event Type: Error
    Event Source: PolicyAgent
    Event Category: None
    Event ID: 319
    Date: 2011-03-03
    Time: 18:26:50
    User: N/A
    Computer: BIG
    Description:
    IPSEC PolicyAgent Service couldn't be started: Oakley failed to start.

    Event Type: Error
    Event Source: DCOM
    Event Category: None
    Event ID: 10005
    Date: 2011-03-03
    Time: 18:26:49
    User: NT AUTHORITY\SYSTEM
    Computer: BIG
    Description:
    DCOM got error "The service database is locked. " attempting to start the service WinMgmt with arguments " "
    in order to run the server:
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}

    Event Type: Error
    Event Source: PolicyAgent
    Event Category: None
    Event ID: 321
    Date: 2011-03-03
    Time: 18:26:49
    User: N/A
    Computer: BIG
    Description:
    IPSEC PolicyAgent Service: Ipsec Driver failed to start.

    Event Type: Error
    Event Source: ipnathlp
    Event Category: None
    Event ID: 31012
    Date: 2011-03-03
    Time: 18:26:49
    User: N/A
    Computer: BIG
    Description:
    The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers.
    Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.
    Data:
    0000: e8 00 00 00 è...

    Event Type: Error
    Event Source: ipnathlp
    Event Category: None
    Event ID: 31012
    Date: 2011-03-03
    Time: 18:26:49
    User: N/A
    Computer: BIG
    Description:
    The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers.
    Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.
    Data:
    0000: e8 00 00 00 è...

    Event Type: Information
    Event Source: nvata
    Event Category: None
    Event ID: 2
    Date: 2011-03-03
    Time: 18:25:45
    User: N/A
    Computer: BIG
    Description:
    Device identified.
    Data:

    Event Type: Information
    Event Source: nvata
    Event Category: None
    Event ID: 2
    Date: 2011-03-03
    Time: 18:25:45
    User: N/A
    Computer: BIG
    Description:
    Device identified.
    Data:

    Event Type: Information
    Event Source: nvata
    Event Category: None
    Event ID: 2
    Date: 2011-03-03
    Time: 18:25:45
    User: N/A
    Computer: BIG
    Description:
    Device identified.
    Data:

    Event Type: Information
    Event Source: nvata
    Event Category: None
    Event ID: 2
    Date: 2011-03-03
    Time: 18:25:45
    User: N/A
    Computer: BIG
    Description:
    Device identified.
    Data:

    Event Type: Information
    Event Source: EventLog
    Event Category: None
    Event ID: 6005
    Date: 2011-03-03
    Time: 18:26:16
    User: N/A
    Computer: BIG
    Description:
    The Event log service was started.

    Event Type: Information
    Event Source: EventLog
    Event Category: None
    Event ID: 6009
    Date: 2011-03-03
    Time: 18:26:16
    User: N/A
    Computer: BIG
    Description:
    Microsoft (R) Windows 2000 (R) 5.0 2195 Service Pack 4 Multiprocessor Free.

    ***************** HERE ARE the happenings prior to the REBOOT!

    Event Type: Information
    Event Source: Application Popup
    Event Category: None
    Event ID: 26
    Date: 2011-03-03
    Time: 18:15:19
    User: N/A
    Computer: BIG
    Description:
    Application popup: Windows - Delayed Write Failed : Windows was unable to save all the data for
    the file \Device\HarddiskVolume2\$Mft. The data has been lost. This error may be caused by a failure
    of your computer hardware or network connection. Please try to save this file elsewhere.


    Event Type: Warning
    Event Source: Ftdisk
    Event Category: None
    Event ID: 50
    Date: 2011-03-03
    Time: 18:13:10
    User: N/A
    Computer: BIG
    Description:
    {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume1.
    The write operation failed, and only some of the data may have been written to the file.
    Data:

    Event Type: Warning
    Event Source: Ftdisk
    Event Category: None
    Event ID: 50
    Date: 2011-03-03
    Time: 18:13:10
    User: N/A
    Computer: BIG
    Description:
    {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume2.
    The write operation failed, and only some of the data may have been written to the file.
    Data:

    Event Type: Information
    Event Source: Application Popup
    Event Category: None
    Event ID: 26
    Date: 2011-03-03
    Time: 18:03:15
    User: N/A
    Computer: BIG
    Description:
    Application popup: Windows - Delayed Write Failed : Windows was unable to save all the data for the file \Device\HarddiskVolume1\$Mft.
    The data has been lost. This error may be caused by a failure of your computer hardware or network connection.
    Please try to save this file elsewhere.

    Event Type: Warning
    Event Source: Ftdisk
    Event Category: None
    Event ID: 50
    Date: 2011-03-03
    Time: 18:03:15
    User: N/A
    Computer: BIG
    Description:
    {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume2.
    The write operation failed, and only some of the data may have been written to the file.
    Data:

    Event Type: Warning
    Event Source: Ftdisk
    Event Category: None
    Event ID: 50
    Date: 2011-03-03
    Time: 18:03:15
    User: N/A
    Computer: BIG
    Description:
    {Lost Delayed-Write Data} The system was attempting to transfer file data from buffers to \Device\HarddiskVolume1.
    The write operation failed, and only some of the data may have been written to the file.
    Data:

    *********************************************************** THIS MAY BE SOMETHING?

    Event Type: Information
    Event Source: Removable Storage Service
    Event Category: None
    Event ID: 135
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    Received a device interface REMOVAL notification for device:
    \\?\IDE#DiskWDC_WD800BB-00CAA1______________________17.07W17#4457572d41434538353433383138_030_0_0_0_0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
    Data:

    Event Type: Information
    Event Source: Removable Storage Service
    Event Category: None
    Event ID: 135
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    Received a device interface REMOVAL notification for device:
    \\?\IDE#DiskMaxtor_2B020H1__________________________WAH21PB0#31424b3852364552202020202020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
    Data:

    Event Type: Warning
    Event Source: Disk
    Event Category: None
    Event ID: 51
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    An error was detected on device \Device\Harddisk0\DR0 during a paging operation.
    Data:

    Event Type: Warning
    Event Source: Disk
    Event Category: None
    Event ID: 51
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    An error was detected on device \Device\Harddisk0\DR0 during a paging operation.
    Data:
     

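As an added example (not part of the thread, and not a tool anyone in it used): a small Python script that parses an Event Viewer text export in the layout posted above, restores chronological order, and separates the storage-stack records (Disk 51, Removable Storage Service 135, Ftdisk 50, Application Popup 26) from the service errors logged after the reboot. The sample log is a constructed excerpt of the records above; the labels and the reboot heuristic are my own.

```python
import re
from collections import namedtuple
from datetime import datetime

Event = namedtuple("Event", "etype source event_id when description")
# Header fields that are kept; Event Category, User and Computer are ignored.
_FIELD = re.compile(r"^(Event Type|Event Source|Event ID|Date|Time|Description):\s*(.*)$")

def parse_events(text):
    """Split an Event Viewer text export into Event tuples, oldest first. Multi-line
    descriptions are joined and hex 'Data:' blocks skipped. The export above lists
    newest first, so same-second records are reversed to restore logging order."""
    records, cur, in_desc = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        m = _FIELD.match(line)
        if m:
            key, val = m.groups()
            if key == "Event Type":
                cur = {key: val}
                records.append(cur)
            elif cur is None:
                continue
            else:
                cur[key] = val
            in_desc = key == "Description"
        elif line.startswith("Data:"):
            in_desc = False
        elif in_desc and line:
            cur["Description"] = (cur["Description"] + " " + line).strip()
    events = [Event(r["Event Type"], r["Event Source"], int(r["Event ID"]),
                    datetime.strptime(r["Date"] + " " + r["Time"], "%Y-%m-%d %H:%M:%S"),
                    r.get("Description", "")) for r in records]
    return [e for _, e in sorted(enumerate(events), key=lambda p: (p[1].when, -p[0]))]

# (source, id) pairs from the storage stack; the labels are my own shorthand.
STORAGE_FAULTS = {
    ("Disk", 51): "I/O error during a paging operation",
    ("Removable Storage Service", 135): "device interface removal",
    ("Ftdisk", 50): "lost delayed-write data",
    ("Application Popup", 26): "Delayed Write Failed popup",
}

def triage(events):
    """Return (storage_timeline, post_reboot_errors): storage-stack records as
    (HH:MM:SS, source, id, label), and (source, id) of Error records logged at or
    after EventLog 6005 (service start = reboot), i.e. consequences of the crash."""
    boot = next((e.when for e in events if (e.source, e.event_id) == ("EventLog", 6005)), None)
    timeline = [(e.when.strftime("%H:%M:%S"), e.source, e.event_id, STORAGE_FAULTS[(e.source, e.event_id)])
                for e in events if (e.source, e.event_id) in STORAGE_FAULTS]
    after = [(e.source, e.event_id) for e in events
             if e.etype == "Error" and boot is not None and e.when >= boot]
    return timeline, after

def hardware_failure_suspected(events):
    """True when a Disk 51 paging error is followed by lost-write records: the
    pattern of a drive dropping off the bus, not of a registry-key infection."""
    disk = [e.when for e in events if (e.source, e.event_id) == ("Disk", 51)]
    lost = [e.when for e in events if (e.source, e.event_id) in {("Ftdisk", 50), ("Application Popup", 26)}]
    return bool(disk) and any(t >= min(disk) for t in lost)

def _record(etype, source, eid, time, desc, data=()):
    """Render one record in the text-export layout (only used to build the sample)."""
    head = [f"Event Type: {etype}", f"Event Source: {source}", "Event Category: None",
            f"Event ID: {eid}", "Date: 2011-03-03", f"Time: {time}", "User: N/A", "Computer: BIG"]
    return "\n".join(head + ["Description:", *desc] + (["Data:", *data] if data else []))

# Constructed excerpt mirroring the records posted above, newest first as exported.
SAMPLE_LOG = "\n\n".join([
    _record("Error", "ipnathlp", 31012, "18:27:41",
            ["The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers."], ["0000: e8 00 00 00 è..."]),
    _record("Error", "DCOM", 10005, "18:26:49", ['DCOM got error "The service database is locked. "']),
    _record("Information", "EventLog", 6005, "18:26:16", ["The Event log service was started."]),
    _record("Information", "Application Popup", 26, "18:15:19",
            ["Application popup: Windows - Delayed Write Failed : Windows was unable to save",
             "all the data for the file \\Device\\HarddiskVolume2\\$Mft. The data has been lost."]),
    _record("Warning", "Ftdisk", 50, "18:13:10",
            ["{Lost Delayed-Write Data} The system was attempting to transfer file data",
             "from buffers to \\Device\\HarddiskVolume1."], ["0000: 00 00 04 00 01 00 5e 00 ......^."]),
    _record("Information", "Removable Storage Service", 135, "18:02:58",
            ["Received a device interface REMOVAL notification for device:",
             "\\\\?\\IDE#DiskMaxtor_2B020H1 (rest of the device path omitted)"]),
    _record("Warning", "Disk", 51, "18:02:58",
            ["An error was detected on device \\Device\\Harddisk0\\DR0 during a paging operation."],
            ['0000: 04 00 22 00 01 00 72 00 .. "...r.']),
])

if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    print(*triage(evs), hardware_failure_suspected(evs), sep="\n")
```

Run on the excerpt, the paging and lost-write errors land before the 6005 reboot marker and the DCOM and DNS-proxy errors after it, which is the ordering to establish before attributing the crash to the one quarantined registry key.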

  4. 2011/03/03
    SKN66 (Thread Starter)

    Ps. I don't do anything .....just waiting for any instructions, ideas, suggestions :) Ds.
     
  5. 2011/03/03
    Admin. (Administrator, Staff)

  6. 2011/03/03
    SKN66 (Thread Starter)

    Thanks

    Absolutely, I will do that, and in any other case I would not even think of questioning that, but as I wrote above, a little too "odd" timing... don't you think?
    Is that what the Event Viewer says?
    :confused:
     
  7. 2011/03/03
    broni (Moderator, Malware Analyst)

    Please continue with what Arie said and we'll go from there.
    Some single item discovered by MBAM may be just meaningless.
    After all, that's what you have it for - to run it once in a while.
     
  8. 2011/03/03
    SKN66 (Thread Starter)

    Ok!

    If you all think so... I've disconnected the disks.... so that should not happen again... Wasn't anything important there anyway.
    ...but you have to agree that the timing was ..... extremely peculiar, right?
    Thanks anyway, you've made me nervous, that's all :)
     
  9. 2011/03/03
    broni (Moderator, Malware Analyst)

    I'm not sure what you're saying.
    What disk did you disconnect and from where?
     
  10. 2011/03/03
    SKN66 (Thread Starter)

    These two that caused the event viewer to give these logs...
    There is still some other "disk" trouble....working on that?
    :)
    Event Source: Removable Storage Service
    Event Category: None
    Event ID: 135
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    Received a device interface REMOVAL notification for device:
    \\?\IDE#DiskWDC_WD800BB-00CAA1______________________17.07W17#4457572d41434538353433383138_030_0_0_0_0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
    Data:

    Event Type: Information
    Event Source: Removable Storage Service
    Event Category: None
    Event ID: 135
    Date: 2011-03-03
    Time: 18:02:58
    User: N/A
    Computer: BIG
    Description:
    Received a device interface REMOVAL notification for device:
    \\?\IDE#DiskMaxtor_2B020H1__________________________WAH21PB0#31424b3852364552202020202020202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
    Data:
     
  11. 2011/03/03
    broni (Moderator, Malware Analyst)

    OK, we have two drives.
    Western Digital (DiskWDC_WD800BB) and Maxtor (DiskMaxtor_2B020H1)
    Which one is your main drive and what is the purpose of the other drive (internal, or external?)?
     
  12. 2011/03/03
    SKN66 (Thread Starter)

    I'll test them when I start with the second PC...
    The files on these are mostly old ones BUT there were a couple of "bad guys" on one or both of them..... These drives are not important...

    * Only wonder if the failure of them wasn't a "natural" one, but was caused by something still hiding.... if you can interpret all the numbers :)*

    I've had trouble with G-mail, the outgoing server on Telia.com, and the firewall keeps warning me that everything can be used against me if I click <accept> for that prog.
    Well since, as you already know, I don't have any idea what the h.. I'm doing...
    You just made me jumpy and maybe I'm now relating every other issue to these Viruses, Trojans ..etc.:eek:
    Frankly - I don't know!:)
     
  13. 2011/03/03
    SKN66 (Thread Starter)

    ....and by the way MBRCheck.exe will not run further than D:\ there it stops and so does the computer :)
     
  14. 2011/03/03
    broni (Moderator, Malware Analyst)

    Are we talking about the computer, we worked on already, or a different one?
     
  15. 2011/03/03
    SKN66 (Thread Starter)

    The same one still.... I told you that MBR didn't run to the end before.... You must have missed that.... :)
     
  16. 2011/03/03
    broni (Moderator, Malware Analyst)

    What's the reason for running MBRCheck?

    You didn't answer my questions regarding your drives.
    Which one is which (my reply #10).
     
  17. 2011/03/03
    SKN66 (Thread Starter)

    ...Maxtor is / was physical device 10 ...
    Why? No good answer to that. Things keep on happening that I neither recognize nor know why.... The Mbam scan started this little issue by crashing (maybe it was not the prog. but something happened)

    The issue with gmail not working as it should... for example

    ...and there is an upload activity that I don't know where it's going... I have a little prog. from my i-net provider that keeps count of activity and shows a diagram... usually it's empty when I'm not doing anything, but not now... I understand that the virus prog. is working.... but still ???

    Gmail may have trouble because my i-net connection is slow, and much slower now.....

    I'll keep telling You, it's a brand new world to me :)

    I do hope that I'm learning...
     
  18. 2011/03/03
    broni (Moderator, Malware Analyst)

    One thing at a time, please.

    I need to know, which is your main drive, where Windows is installed.
    Maxtor, or Western Digital?
     
  19. 2011/03/03
    SKN66 (Thread Starter)

    Sorry!

    None of them. Windows is on a SATA disk...
    WDC WD800AAJS-22PSA0
    Manufacturer Western Digital
    Form Factor GB/3.5-inch
    Business Unit/Brand Mobile/WD Scorpio Free Fall Sensor (FFS)
    Interface IDE
    Capacity 78.15GB
    Real size 80*026*361*856 bytes
    S.M.A.R.T
    01 Read Error Rate 200 (200 worst) Data 0000000000
    03 Spin-Up Time 157 (155) Data 0000000C4E
    04 Start/Stop Count 100 (100) Data 00000000ED
    05 Reallocated Sectors Count 200 (200) Data 0000000000
    07 Seek Error Rate 200 (200) Data 0000000000
    09 Power-On Hours (POH) 099 (099) Data 00000003EE
    0A Spin Retry Count 100 (100) Data 0000000000
    0B Recalibration Retries 100 (100) Data 0000000000
    0C Device Power Cycle Count 100 (100) Data 00000000BA
    C0 Power-off Retract Count 200 (200) Data 0000000040
    C1 Load/Unload Cycle Count 200 (200) Data 00000000ED
    C2 Temperature 109 (092) Data 0000000022
    C4 Reallocation Event Count 200 (200) Data 0000000000
    C5 Current Pending Sector Count 200 (200) Data 0000000000
    C6 Uncorrectable Sector Count 200 (200) Data 0000000000
    C7 UltraDMA CRC Error Count 200 (200) Data 0000000004
    C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000000
    Temperature 34 °C
    Temperature Range ok (less than 50 °C)
    Status Good
    Partition 0
    Partition ID Disk #2, Partition #0
    Disk Letter C:
    File System NTFS
    Volume Serial Number 30AECB87
    Size 74.52GB
    Used Space 9.00GB (13%)
    Free Space 65.52GB (87%)

    Windows is on this Disk.
    Questions like that - I do know the answer to :)
     
    Last edited: 2011/03/03
  20. 2011/03/03
    broni (Moderator, Malware Analyst)

    In that case.... we established already that your computer is clean, so there is no reason for this topic. At least, not in the malware forum.
     
  21. 2011/03/03
    SKN66 (Thread Starter)

    Ok....?

    :confused:
    So it's "ok" to find some "infected" reg. keys occasionally with the Malware prog. ?
    (I'm not sarcastic, only trying to adapt to new things) :)
     
