betamax

Everything posted by betamax

  1. I did rescan but it finds nothing because it already removed it upon it reappearing. What I'm trying to find out is what's causing it to reappear.
  2. My virus protection keeps detecting the virus Win32/Saliy.G in C:\windows\system32\winresd32.dll. It deletes the file and says it's gone, which it is. A few hours later, the file is back again and the virus protection pops up and says it found a virus and removed it. This happens every few hours. I decided to run filemon overnight and catch it in the act. This is what I found: The file was opened by process 419478232.tmp. 419478232.tmp was created and executed by explorer.exe. That's the kicker right there. What is making explorer create and execute this process (which is still running in the background)? I can't post my filemon log file because it's 256MB. I can show the part that I'm looking at though. It's kinda tough to read but here it is. I also noted via proc exp that the .tmp process was reading some file index.dat in content.ie5. Is it okay to just boot up in safe mode and blow everything away in my Temporary Internet Files folder?

     485272 4:00:57 AM explorer.exe:356 CREATE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: OverwriteIf Access: All
     485273 4:00:57 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS Options: Open Directory Access: 00000000
     485274 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 1024
     485275 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 1024 Length: 1024
     485276 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 2048 Length: 1024
     485277 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 3072 Length: 1024
     485278 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 4096 Length: 1024
     485279 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 5120 Length: 1024
     485280 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 6144 Length: 1024
     485281 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 7168 Length: 1024
     485282 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 8192 Length: 1024
     485283 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 9216 Length: 1024
     485284 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 10240 Length: 1024
     485285 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 11264 Length: 1024
     485286 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 12288 Length: 1024
     485287 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 13312 Length: 1024
     485288 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 14336 Length: 1024
     485289 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 15360 Length: 1024
     485290 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 16384 Length: 1024
     485291 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 17408 Length: 1024
     485292 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 18432 Length: 1024
     485293 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 19456 Length: 1024
     485294 4:00:57 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 20480 Length: 1024
     485295 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 21504 Length: 1024
     485296 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 22528 Length: 1024
     485297 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 23552 Length: 1024
     485298 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 24576 Length: 1024
     485299 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 25600 Length: 1024
     485300 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 26624 Length: 1024
     485301 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 27648 Length: 1024
     485302 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 28672 Length: 1024
     485303 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 29696 Length: 1024
     485304 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 30720 Length: 1024
     485305 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 31744 Length: 1024
     485306 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 32768 Length: 1024
     485307 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 33792 Length: 1024
     485308 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 34816 Length: 1024
     485309 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 35840 Length: 1024
     485310 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 36864 Length: 1024
     485311 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 37888 Length: 1024
     485312 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 38912 Length: 1024
     485313 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 39936 Length: 1024
     485314 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 40960 Length: 1024
     485315 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 41984 Length: 1024
     485316 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 43008 Length: 1024
     485317 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 44032 Length: 1024
     485318 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 45056 Length: 1024
     485319 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 46080 Length: 1024
     485320 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 47104 Length: 1024
     485321 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 48128 Length: 1024
     485322 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 49152 Length: 1024
     485323 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 50176 Length: 1024
     485324 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 51200 Length: 51
     485325 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485326 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485327 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 51251
     485328 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 16384
     485329 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 16384 Length: 2048
     485330 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 18432 Length: 2048
     485331 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 20480 Length: 2048
     485332 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 22528 Length: 2048
     485333 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 24576 Length: 2048
     485334 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 26624 Length: 2048
     485335 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 28672 Length: 2048
     485336 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 30720 Length: 2048
     485337 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 32768 Length: 2048
     485338 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 34816 Length: 2048
     485339 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 36864 Length: 2048
     485340 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 38912 Length: 2048
     485341 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 40960 Length: 2048
     485342 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 43008 Length: 2048
     485343 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 45056 Length: 2048
     485344 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 46131 Length: 5120
     485345 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\CAVTemp\TEMPMON_1652_0 NOT FOUND Options: Open Access: All
     485346 4:00:58 AM explorer.exe:356 CREATE C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Options: Create Access: All
     485347 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485348 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485349 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485350 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485351 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 51251
     485352 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 16384
     485353 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 16384 Length: 2048
     485354 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 18432 Length: 2048
     485355 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 20480 Length: 2048
     485356 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 22528 Length: 2048
     485357 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 24576 Length: 2048
     485358 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 26624 Length: 2048
     485359 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 28672 Length: 2048
     485360 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 30720 Length: 2048
     485361 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 32768 Length: 2048
     485362 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 34816 Length: 2048
     485363 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 36864 Length: 2048
     485364 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 38912 Length: 2048
     485365 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 40960 Length: 2048
     485366 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 43008 Length: 2048
     485367 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 45056 Length: 2048
     485368 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 46131 Length: 5120
     485369 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\CAVTemp\TEMPMON_1652_0 NOT FOUND Options: Open Access: All
     485370 4:00:58 AM explorer.exe:356 CREATE C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Options: Create Access: All
     485371 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485372 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485373 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 51251
     485374 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 51251
     485375 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485376 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485377 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS FileAttributeTagInformation
     485378 4:00:58 AM explorer.exe:356 DELETE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485379 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485380 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: OpenIf Access: All
     485381 4:00:58 AM explorer.exe:356 WRITE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 25625
     485382 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485383 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485384 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 25625
     485385 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 16384
     485386 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 20505 Length: 5120
     485387 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485388 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Attributes: A
     485389 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485390 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485391 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Attributes: A
     485392 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485393 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485394 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485395 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 25625
     485396 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 0 Length: 16384
     485397 4:00:58 AM explorer.exe:356 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 20505 Length: 5120
     485398 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 25625
     485399 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Options: Open Access: All
     485400 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Options: Open Access: All
     485401 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Length: 1190796
     485402 4:00:58 AM explorer.exe:356 READ C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Offset: 0 Length: 16384
     485403 4:00:58 AM explorer.exe:356 READ C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Offset: 1185676 Length: 5120
     485404 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\CAVTemp\TEMPMON_1652_0 NOT FOUND Options: Open Access: All
     485405 4:00:58 AM explorer.exe:356 CREATE C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Options: Create Access: All
     485406 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485407 4:00:58 AM explorer.exe:356 SET INFORMATION C:\WINDOWS\CAVTemp\TEMPMON_1652_0 SUCCESS Length: 0
     485408 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Length: 1190796
     485409 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Length: 1190796
     485410 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS Length: 1190796
     485411 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\AppPatch\systest.sdb NOT FOUND Options: Open Access: All
     485412 4:00:58 AM explorer.exe:356 OPEN C:\WINDOWS\AppPatch\systest.sdb NOT FOUND Options: Open Access: All
     485413 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS Options: Open Directory Access: All
     485414 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS FileBothDirectoryInformation: 419478232.tmp
     485415 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS
     485416 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485417 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Attributes: A
     485418 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485419 4:00:58 AM explorer.exe:356 OPEN C:\ SUCCESS Options: Open Directory Access: All
     485420 4:00:58 AM explorer.exe:356 DIRECTORY C:\ SUCCESS FileBothDirectoryInformation: DOCUME~1
     485421 4:00:58 AM explorer.exe:356 CLOSE C:\ SUCCESS
     485422 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\ SUCCESS Options: Open Directory Access: All
     485423 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\ SUCCESS FileBothDirectoryInformation: betamax
     485424 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\ SUCCESS
     485425 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\ SUCCESS Options: Open Directory Access: All
     485426 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\betamax\ SUCCESS FileBothDirectoryInformation: LOCALS~1
     485427 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\ SUCCESS
     485428 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS Options: Open Directory Access: All
     485429 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS FileBothDirectoryInformation: Temp
     485430 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS
     485431 4:00:58 AM explorer.exe:356 CLOSE C:\WINDOWS\AppPatch\sysmain.sdb SUCCESS
     485432 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS FileNameInformation
     485433 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Options: Open Access: All
     485434 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Attributes: A
     485435 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485436 4:00:58 AM explorer.exe:356 OPEN C:\ SUCCESS Options: Open Directory Access: All
     485437 4:00:58 AM explorer.exe:356 DIRECTORY C:\ SUCCESS FileBothDirectoryInformation: DOCUME~1
     485438 4:00:58 AM explorer.exe:356 CLOSE C:\ SUCCESS
     485439 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\ SUCCESS Options: Open Directory Access: All
     485440 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\ SUCCESS FileBothDirectoryInformation: betamax
     485441 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\ SUCCESS
     485442 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\ SUCCESS Options: Open Directory Access: All
     485443 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\betamax\ SUCCESS FileBothDirectoryInformation: LOCALS~1
     485444 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\ SUCCESS
     485445 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS Options: Open Directory Access: All
     485446 4:00:58 AM explorer.exe:356 DIRECTORY C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS FileBothDirectoryInformation: Temp
     485447 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\ SUCCESS
     485448 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 25625
     485449 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Length: 25625
     485450 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp.Manifest NOT FOUND Options: Open Access: All
     485451 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp.Manifest NOT FOUND Options: Open Access: All
     485452 4:00:58 AM explorer.exe:356 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS Options: Open Access: All
     485453 4:00:58 AM explorer.exe:356 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS Attributes: D
     485454 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS
     485455 4:00:58 AM explorer.exe:356 CLOSE C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS
     485456 4:00:58 AM 419478232.tmp:2404 QUERY INFORMATION C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS FileNameInformation
     485457 4:00:58 AM 419478232.tmp:2404 OPEN C:\WINDOWS\Prefetch\419478232.TMP-006197D3.pf NOT FOUND Options: Open Access: All
     485458 4:00:58 AM 419478232.tmp:2404 OPEN C:\WINDOWS\Prefetch\419478232.TMP-006197D3.pf NOT FOUND Options: Open Access: All
     485459 4:00:58 AM 419478232.tmp:2404 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\ SUCCESS Options: Open Directory Access: Traverse
     485460 4:00:58 AM 419478232.tmp:2404 OPEN C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp.Local NOT FOUND Options: Open Access: All
     485461 4:00:58 AM 419478232.tmp:2404 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 1024 Length: 1024
     485462 4:00:58 AM 419478232.tmp:2404 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 10240 Length: 15360
     485463 4:00:58 AM 419478232.tmp:2404 OPEN C:\WINDOWS\system32\winresd32.dll SUCCESS Options: OpenIf Access: All
     485464 4:00:58 AM winlogon.exe:532 DIRECTORY C:\WINDOWS\system32 SUCCESS Change Notify
     485465 4:00:58 AM 419478232.tmp:2404 READ C:\DOCUME~1\betamax\LOCALS~1\Temp\419478232.tmp SUCCESS Offset: 2048 Length: 8192
     485466 4:00:58 AM 419478232.tmp:2404 WRITE C:\WINDOWS\system32\winresd32.dll SUCCESS Offset: 0 Length: 23040
     485467 4:00:58 AM 419478232.tmp:2404 CLOSE C:\WINDOWS\system32\winresd32.dll SUCCESS
     485468 4:00:58 AM winlogon.exe:532 DIRECTORY C:\WINDOWS\system32 SUCCESS Change Notify
     485469 4:00:58 AM 419478232.tmp:2404 OPEN C:\WINDOWS\system32\winresd32.dll SUCCESS Options: Open Access: All
     485470 4:00:58 AM 419478232.tmp:2404 QUERY INFORMATION C:\WINDOWS\system32\winresd32.dll SUCCESS Length: 23040
     485471 4:00:58 AM 419478232.tmp:2404 READ C:\WINDOWS\system32\winresd32.dll SUCCESS Offset: 0 Length: 16384
     485472 4:00:58 AM 419478232.tmp:2404 READ C:\WINDOWS\system32\winresd32.dll SUCCESS Offset: 17920 Length: 5120
     485473 4:00:58 AM 419478232.tmp:2404 READ C:\WINDOWS\system32\winresd32.dll SUCCESS Offset: 13312 Length: 4096
     485474 4:00:58 AM 419478232.tmp:2404 OPEN C:\WINDOWS\system32\winresd32.dll SUCCESS Options: Open Access: All
     485475 4:00:58 AM 419478232.tmp:2404 READ C:\$Directory SUCCESS Offset: 16384 Length: 4096
     485476 4:00:58 AM svchost.exe:864 DIRECTORY C:\$Extend\$ObjId SUCCESS Change Notify
     485477 4:00:58 AM VetMsg.exe:2028 OPEN C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\vete.dll

     Please NOW, in Microsoft Windows XP section, use [TAGS] in your topic's title. See rules. --Sonic
  3. I noticed this file in my C:\windows\system32 directory with a created date of today. I renamed it to olemdb32.dll.bad and restarted my machine. There it was again. A fresh new copy of it. How do I find out which process is creating this file? Is this a legit file?
  4. I know I can mix and match different capacities (512mb and 1024mb), but I'm just worried about different densities (64x8 16chip and 128x4 8chip). My 512 stick currently has 16 chips on it, which would suggest that it's low density. I'm looking to buy this bad boy, because the price can't be beat. But it's listed as high density. http://www.linemicro.com/product.php?id=14117 Low density chips cost like 40 bucks more!
  5. i already have a 512 stick of samsung in there. i got it a while ago so i think it may be low density. is it okay to mix high density with low density?
  6. Hi All, I have an Asus A7V266 motherboard and am looking to buy a Gig stick of PC2100. There are two types I can get, high density for around 60, or low density for around 100. High density is cheaper because it uses higher capacity chips, thus less materials and costs less. The problem is, some mobos weren't around long enough to be compatible with that new technology. The low density chips are compatible with everything, but they cost more. My chipset (Via KT266) was listed as one of the chipsets compatible with high density ram, but I'm not sure if that goes for all mobos or not. I'm just wondering if anyone knows if my mobo will support a high density stick of 1gb PC2100 ram (128x4). Thanks!
  7. I deleted the files. It still leaves keys in the registry that reference those files.
  8. bump. some applications are actually detecting these stale registry keys.
  9. Hello, I'm trying to completely wipe out any remnants of a device driver I installed for an FA312 ethernet card. Going to device manager, right clicking the device, and clicking uninstall is not enough. You see, the computer crashed while installing the driver initially, when it restarted, it installed the driver again. Now my ethernet card is always listed as "NETGEAR Ethernet Device #2". I went into the registry to search for FA312 and I found quite a few things related to the Netgear card. A lot of the keys were named numerically (000, 001, 002, 003). The netgear stuff was located in 001. Would it be safe to remove an 001 key and leave the rest, or will that screw up some sort of indexing? I'll post the actual locations of the keys later if you need them. I'm just trying to find out what keys I can get rid of.
  10. ty i'll give it a shot
  11. bump
  12. Hello all, I just did a fresh install of xp on my machine and installed mozilla firefox as well. The problem I'm having occurs when I'm running with multiple firefox windows open. Sometimes, when I close one of the windows (either by clicking the X in the upper right or double clicking the icon in the upper left) all of the other windows close as well. Yes they were other separate windows. No they were not tabs within the same window. This is an intermittent problem. That is, it's a gamble whenever I close a firefox window as to whether or not I'm going to lose all of my other firefox windows. My guess is that firefox is either crashing or exiting for some reason. I don't get any error messages. All the windows just close. It's a fresh install of XP, installed onto a formatted NTFS partition. The rest of the computer works fine. Any troubleshooting ideas?
  13. i nearly cooked my mb. my fan started dying and my cpu temp was at 183. i'm sure i probably melted something then. i have a new heat sink and fan and it holds steady at 130 now, still hot but ok. if i fried a cap on my mobo i'm done. good thing it's an older machine.
  14. blizzard's bittorrent complains about the driver being too old and warns of instability when running in peer to peer mode. and wouldn't ya know it, the system fails when i try to do it anyway. just shuts the computer off.
  15. thanks rjm. you sound like an EE
  16. If I'm in windows doing something like copying or extracting a file, or even trying to load a game, my system will just turn off. No error, no warning, just a click and it turns off. The power light on my tower is then left blinking on and off. I have to turn off the power supply and turn it back on if I want to power up my computer again. I just reinstalled windows fresh and it's still happening. I have no idea what could be causing this other than my power supply not putting out enough power. I just hope it's not my drive. My motherboard is an ASUS A7V266 and my hd is a WD2000JB. Any ideas?
  17. i also have an i386 right under C:\ does one get created by windows update?
  18. hmm. i have an asus266 with the VIA KT-266 chipset. the thing is damn near 4 years old now. i wonder if that's why it's been flakey. would a bios flash help or am i better off breaking it up into two partitions?
  19. Windows XP Pro. To install on a partition larger than 137GB, windows needs 48bit LBA support. You need sp1 plus a patch I think. According to MS knowledge base 303013, you need at least version 5.1.2600.1135 of atapi.sys and SP1 in order to have support. If atapi.sys isn't that version then you have to install a hotfix. Fine. My question is: Is this an issue with a SP2 slipstreamed xp cd? Or do I have to slipstream additional patches/hotfixes?
  20. Hello, I own a netgear fa312 ethernet card and I'm running windows xp. I'm trying to find new drivers for this device, but apparently netgear doesn't make xp drivers for this card. Am I stuck using the windows drivers? They are pretty old.
  21. the boot disk boots me into dos mode. i copy the i386 folder from the CD. i then want to run winnt.exe from the newly created i386 folder on the hdd, and specify an unattended answer file. my question is: in the unattended answer file, what should the MsDosInitiated switch be set to?
  22. well all i really want to know is which way is the right way
  23. Hello, I was wondering if anyone knew of any bootdisks that will let you boot up in DOS mode with NTFS support (much like xpboot). But, I was also wondering if there was one that supported partitions larger than 137GB. Anyone know?
  24. /bump still wondering about this. i hope someone out there knows.
  25. Does this just make xpcreate copy the source cd to the harddrive for the purpose of slipstreaming and creating a cd? Or does this make Setup copy the source files to the hdd during Windows installation?