Link to my previous posted thread: http://forums.spybot.info/showthread.php?p=416838#post416838

:oops: sorry, was having some difficulties logging on to the internet previously.

====================================================

removed: Ad-Aware ( partially, cant seem to remove fully ) & ccleaner.
p.s. List of installed programmes unable to show up in the 'Add & Remove Program' in the Control Panel.

====================================================

CheckHD:

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
CHKDSK is verifying indexes (stage 2 of 3)...

Errors found. CHKDSK cannot continue in read-only mode.

====================================================

DDS log ( Dec 10 ):

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Ethylis Liew at 8:21:36 on 2011-12-10
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3326.2540 [GMT 8:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Vtune\TBPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ethylis Liew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\system32\dvmurl.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RewardsArcade: {597a9974-8cb0-4f41-b61f-ed065738a397} - c:\program files\rewardsarcade\RewardsArcade.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [TBPanel] c:\program files\vtune\TBPanel.exe /A
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\ethylis liew\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [GEST]
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307185602140
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E1AC9563-A1E3-45B8-A5CE-5C19E34EC6AC} - hxxp://www.arirang.co.kr/AlwaysTop.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{9F4BCEBA-32BB-451E-A46A-1708AFE55613} : DhcpNameServer = 192.168.1.254
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-4 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-4 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-4 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-6-4 44768]
R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2011-6-4 80392]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-3-15 428384]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-5-25 2152152]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-5-25 15232]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2011-6-18 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2011-6-18 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2011-6-18 123648]
S3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\drivers\ssceserd.sys [2011-6-18 100352]
.
=============== Created Last 30 ================
.
2011-11-27 09:20:57 -------- d-----w- c:\documents and settings\ethylis liew\application data\Malwarebytes
2011-11-27 09:20:46 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-11-27 09:20:43 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-27 09:20:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-11-21 11:42:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-11-21 11:40:09 -------- d-----w- c:\program files\iPod
.
==================== Find3M ====================
.
2011-12-10 00:15:27 16608 ----a-w- c:\windows\gdrv.sys
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-21 11:02:03 414368 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 06:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 06:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-02 21:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-02 18:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 03:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 03:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 03:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-16 03:55:10 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-09-16 03:54:48 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-09-16 03:54:48 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-09-16 03:54:48 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-09-16 03:54:40 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-09-16 03:54:40 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-09-16 03:54:40 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
.
============= FINISH: 8:22:21.79 ===============

*managed to remove Ad-Aware through control panel. :)

Hello and welcome to Safer Networking.

I am currently assessing your situation and will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this, click Thread Tools, then click Subscribe to this Thread. Under the Notification Type: title, make sure it is set to Instant notification by email, then click Add Subscription.

Please be patient with me during this time.

Meanwhile, please make a reply to this topic to acknowledge that you have read this and is still with me to tackle the problem until the end. If I do not get any response within 3 days, this topic will be closed.

Noted & thank you.

by the way, have deleted all the zzz folders manually. The issue of hanging and reboot and unable to start up still persist.

Hello darkduskie :),

Welcome to Safer Networking. I am Jack&Jill, and I will be helping you out.

Before we go further, there are a few things that I would like to make clear so that we are share the same understanding.

Please observe and follow these Forum Rules (http://forums.spybot.info/showthread.php?t=288).
Any advice is for your computer only and is taken at your own risk. Fixes sometimes will cause unexpected results, but I will do my best to assist you.
Please read the instructions carefully and follow them closely, in the order they are presented to you.
If you have any doubts or problems during the fix, please stop and ask.
All the tools that I will ask you to download and use are safe. Please allow if prompted by any of your security softwares.
Do not use or run any malware cleaning tools without supervision as they may cause more harm if improperly used.
Refrain from installing any new programs except those that I request during the fix to prevent interference to my diagnosis of the problem.
Lack of malware symptoms does not mean your computer is clean. Stick to this topic until I give the All Clear.
If you do not reply within 3 days, this topic will be closed.
If you are agreeable to the above, then everything should go smoothly :) . We may begin.

--------------------

Please download MiniToolBox© by farbar and save it to your desktop. Click here. (http://download.bleepingcomputer.com/farbar/MiniToolBox.exe)

Double click on MiniToolBox.exe to run it.
Please check (tick) the following options:
List last 10 Event Viewer Errors
List Users, Partitions and Memory size.
List Minidump Files
Click on the GO button. A log will open.
Please post the contents of this log. It can also be found on the desktop as Result.txt.

--------------------

Repair your hard disk with Chkdsk

Go to Start > Run.... Copy and paste the following text into the white box:

cmd /c chkdsk c: /f
Click OK. You will be prompted to schedule the scan on the next reboot, type Y and press Enter.
The command prompt window will close quickly.
Reboot your computer and Chkdsk will perform the repair tasks accordingly.
If you need help, please take a look at this Chkdsk tutorial (http://forums.whatthetech.com/How_run_CHKDSK_Windows_XP_t102348.html).

--------------------

Please download aswMBR and save it to your desktop. Click here. (http://public.avast.com/~gmerek/aswMBR.exe)

Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
If you need help to disable your protection programs see here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html) and here (http://www.bleepingcomputer.com/forums/topic114351.html).
Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
Please post the contents of the log in your next reply.

--------------------

Please post back:
1. MiniToolBox result
2. chkdsk result
3. aswMBR log

What results should be posted for chkdsk ?

The other two logs are below:
====================

MiniToolBox by Farbar
Ran by Ethylis Liew (administrator) on 10-01-2012 at 20:33:36
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/01/2012 08:13:51 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (01/01/2012 06:29:36 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (01/01/2012 06:29:32 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/31/2011 08:31:07 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (12/29/2011 11:12:47 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (12/29/2011 11:06:49 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/28/2011 03:55:06 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/15/2011 09:32:03 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/30/2011 08:14:52 PM) (Source: Application Error) (User: )
Description: Faulting application acrord32.exe, version 10.1.1.33, faulting module acrord32.dll, version 10.1.1.33, fault address 0x0020ea91.
Processing media-specific event for [acrord32.exe!ws!]

Error: (11/27/2011 07:25:14 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.51.0.1118, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/10/2012 07:44:25 PM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183

Error: (01/10/2012 07:44:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (01/08/2012 06:37:56 PM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183

Error: (01/08/2012 06:37:53 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (01/07/2012 06:41:42 PM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183

Error: (01/07/2012 06:41:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (01/07/2012 01:21:05 PM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183

Error: (01/07/2012 07:46:25 AM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183

Error: (01/07/2012 07:46:19 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (01/02/2012 01:36:19 PM) (Source: Service Control Manager) (User: )
Description: The Cardex service failed to start due to the following error:
%%183


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 3326.42 MB
Available physical RAM: 2635.82 MB
Total Pagefile: 5210.71 MB
Available Pagefile: 4699.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.73 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:97.65 GB) (Free:81.77 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:368.1 GB) (Free:367.11 GB) NTFS
4 Drive f: (Marxie) (Fixed) (Total:298.09 GB) (Free:33.98 GB) NTFS

========================= Users: ========================================

User accounts for \\ETHYLIS-T2IL48H

Administrator Ethylis Liew Guest
HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****
==========================

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-10 20:58:25
-----------------------------
20:58:25.265 OS Version: Windows 5.1.2600 Service Pack 3
20:58:25.265 Number of processors: 4 586 0x1707
20:58:25.265 ComputerName: ETHYLIS-T2IL48H UserName: Ethylis Liew
20:58:25.625 Initialize success
20:58:25.718 AVAST engine defs: 12011000
20:58:44.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-10
20:58:44.312 Disk 0 Vendor: WDC_WD5002AALX-00J37A0 15.01H15 Size: 476938MB BusType: 3
20:58:44.328 Disk 0 MBR read successfully
20:58:44.328 Disk 0 MBR scan
20:58:44.328 Disk 0 Windows XP default MBR code
20:58:44.343 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 99998 MB offset 63
20:58:44.359 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 376939 MB offset 204796620
20:58:44.359 Disk 0 scanning sectors +976768065
20:58:44.421 Disk 0 scanning C:\WINDOWS\system32\drivers
20:58:48.171 Service scanning
20:58:48.937 Modules scanning
20:58:51.265 Disk 0 trace - called modules:
20:58:51.281 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
20:58:51.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8af0d9c0]
20:58:51.296 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\00000066[0x8af129e8]
20:58:51.296 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-10[0x8aef1940]
20:58:51.515 AVAST engine scan C:\WINDOWS
20:58:54.984 AVAST engine scan C:\WINDOWS\system32
20:59:46.453 AVAST engine scan C:\WINDOWS\system32\drivers
20:59:53.484 AVAST engine scan C:\Documents and Settings\Ethylis Liew
21:00:12.828 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ethylis Liew\Desktop\zzz folders\2012 January 10\MBR.dat"
21:00:12.843 The log file has been saved successfully to "C:\Documents and Settings\Ethylis Liew\Desktop\zzz folders\2012 January 10\aswMBR (Jan 10).txt"

============================

Hello darkduskie :),

Please uninstall this:
RewardsArcade

--------------------

Lets configure the computer to show a BSOD whenever there is any failure.

Reboot your computer and tap on the F8 key repeatedly during startup. A menu will appear.

Select Disable automatic restart on system failure by using the arrow keys and Enter.

http://farm3.static.flickr.com/2606/3991862673_6067380837.jpg


Please provide the error message information as shown in the picture:

http://farm3.static.flickr.com/2591/3981961429_ac95cb27b5.jpg

The stop error will be always be displayed, but the other information may or may not be available. Just provide whatever is available.

--------------------

My apologies for not making it clear. I was asking for an indication of how did the chkdsk scan go. There is no log, so let do another step that could provide one.

Check your hard disk for error

Go to Start > Run.... Copy and paste the following text into the white box:

cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
Click OK. A command prompt window will appear for a while. Please wait until it closes.
Post the contents of checkhd.txt. It is found on your desktop.

--------------------

When did the problems start? Could you remember any date?

Check for device/driver conflict

To access the Device Manager, go to Start > Run.... Copy and paste the following text into the white box:

devmgmt.msc
Click OK. The Device Manager dialog will open.
Look through the list of devices and see if there is any symbol that indicates a problem according to this Microsoft article; Troubleshooting Device Conflicts with Device Manager (http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q310126&ID=KB;EN-US;Q310126).
If you spot any, please note down all the information. You may need to right click on the item and select Properties.
Please include any findings in your reply.

--------------------

Please post back:
1. if BSOD occur, information about it
2. chkdsk result
3. the answers to my questions
4. Device Manager check result

hihi ~

RewardsArcade uninstalled.
No driver/device conflict.

The problem has been around for more than a year. It is more prominent when the pc is not switched on for few days or more; will only boot up after several attempts to switch it on.

Will disable auto restart and post the error details in the next encounter.

chkdsk:
==========

The type of the file system is NTFS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
CHKDSK is verifying indexes (stage 2 of 3)...
Deleting index entry PREFER~1 in index $I30 of file 44847.

Errors found. CHKDSK cannot continue in read-only mode.
==========

Hello darkduskie :),

You should always keep your Java updated to the latest version too.

To set for automatic updates of Java, Go to Start > Control Panel.
Double click on the Java icon to open the Java Control Panel.
Click on the Update tab.
Make sure the option Check for Updates Automatically is ticked.
You can also update Java manually via the Update Now button, then continue accordingly.
Click on OK when you are done.

--------------------

Repair with Chkdsk

Go to Start > Run.... Copy and paste the following text into the white box:

cmd /c chkdsk c: /f
Click OK. You will be prompted to schedule the scan on the next reboot, type Y and press Enter.
The command prompt window will close quickly.
Reboot your computer and Chkdsk will perform the repair tasks accordingly.

You may need to do chkdsk more than one time to resolve all the errors found.

--------------------

Based on your explanation and all the logs so far, it appears that your problem is not malware related.

My suggestion for your next step is to ask for tech help over at one of these sites:
http://forums.whatthetech.com/index.php?
http://www.geekstogo.com/forum/
http://www.bleepingcomputer.com/forums/

Thank you for your advice so far.

My Java is on automatic update. Has also done the chkdsk & will run it a few more times as advised.

Thank you for the recommended sites too.

You are most welcome darkduskie :).

As we reach a point where we could not proceed further and you need to seek help from alternative sources, this topic is now closed.

We are glad to be of help up to this point. If you are satisfied with our assistance and wish to donate to help with the costs of this volunteer site, please read :
Your donation helps in improving Spybot-S&D! (http://www.safer-networking.org/en/donate/index.html)