Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Vista wont boot beyond log in screen


  • This topic is locked This topic is locked

#1
junew

junew

    New Member

  • Member
  • Pip
  • 9 posts
Hi

My son had left my pc on overnight, and he was using an "autobot" for the game runescape.

When i went to it in the morning, the screen was blank.

I switched off at the power point, and then rebooted after about 5mins.

The monitor was looking like some pixels were missing, and it took ages to get to the login screen. When i did get there, as soon as i logged in the pc restarted itself.
It will start in safe mode.
I ran the installation disc, and used repair computer, the first time it told me there were no problems, and i tried to boot, but again the same problem. I then did the repair again, and it said it was reparing problems. This took quite a while. Again i tried to reboot, but no luck. I ran a avg rescue disk, and it found no viruses, but again the pc wouldnt boot.
I have tried system restore, and restored to about a month ago, no luck, it still wont boot.

I have managed to get into safe mode with networking, and have uploaded my files to a web based file storage thingy.

Any ideas on what i can do would be great. Im considering reformating the hard drive, as there is a lot of crap on the pc, and although i would love to delete, am not sure what is important to keep with a lot of it. Is that a wise thing to do, and if so how do I reformat the drive, just run the installation disc again?

I am started to run a chkdsk, and it was going fine, in stage 2 it showed a lot of "incorrects)". Then it just stopped.

Any help would be great.

Thanks

June
  • 0

Advertisements


#2
junew

junew

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Hey all

I havent had a reply to this one, so those viewing please help. Things are worse!!!!

i finally used the install disk to reformat and reinstall. It did it and saved the current settings as "windows old"
Everything went well, it rebooted while i had the disc in it after installing. I then removed the disk, and after it updated, rebooted to install windows updates.
Now it will only boot in safe mode again! What the... is up with that??!!?!!

Can a virus get so far into the hard drive that it can prevent itself gettng wiped????
Anyway, im now downloading some malware programs, to see if i can find anything. The pc wouldnt load avg, so hopefully i can do get something to download.


PLEASE HELP!!!!!
!
  • 0

#3
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi junew,

My name is Salagubang and welcome to Geekstogo. If you still need assistance, I'll be glad helping you with your problem.

I am still a trainee so all my posts will be checked by an Expert. It's your advantage that there are two people looking at your log but responses may be a little delayed so please be patient.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult to understand for me.

Firstly...

Restart your computer with Automatic Restart on System Failure disabled
  • You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight "Disable Automatic Restart on System Failure" then hit enter
    .

  • If windows failed to boot, windows will not restart and will show a blue screen indicating the source of the error as shown in the example below

    Posted Image
  • Copy the technical information (as shown in the above example enclosed in red boxes) and post it on your next response.

Next

Perform this scan on safe mode.

Posted ImageOTL
Download OTL to your Desktop
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    netsvcs
    drivers32
    /md5start
    winlogon.exe
    userinit.exe
    explorer.exe
    svchost.exe
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    c:\windows\system32\*.dll /lockedfiles
    c:\windows\system32\drivers\*.sys /lockedfiles
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.


Are you using the built-in video card or is it a discreet videocard (addon)?
  • 0

#4
junew

junew

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
HI and thanks for your reply.

I had given up and ran killdisk, which did what it was supposed to do. I then reloaded vista. All seemed fine, and then it started doing the same thing. Not loading in normal mode, and then rebooting. I think i have a built in video card, I havent added anything to the pc. The only things i have loaded are avast, antispyware, microsoft office (from my disks), and set up my email.(in wondering if there could be something in the email as I did download some mail from server,and getting some email that no matter how many times i send it to the junk folder, it keeps getting back in my inbox).

Anyway, when the pc reboots, it doesnt give me an error screen, even though i have disable automatic reboot. I have run the file you asked me to run, and here it is.

OTL logfile created on: 12/11/2010 10:29:57 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\june\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372.61 Gb Total Space | 350.60 Gb Free Space | 94.09% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: june | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/11 22:29:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\june\Desktop\OTL.exe
PRC - [2006/11/02 20:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/12/11 22:29:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\june\Desktop\OTL.exe
MOD - [2006/11/02 20:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/08 01:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/11/02 23:34:32 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/09/08 00:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/08 00:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/08 00:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/08 00:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/08 00:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/11 05:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/18 05:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/11/02 20:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 20:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 20:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 20:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 20:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 20:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 20:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 20:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 20:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 20:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 20:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 20:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 20:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 20:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 20:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 20:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 20:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 20:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 20:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 20:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 20:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 20:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 20:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 20:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 20:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 20:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 20:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 20:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 20:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 20:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 20:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 20:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 20:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 20:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 20:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 19:57:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006/11/02 19:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 19:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 19:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 19:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 19:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 19:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 18:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 18:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006/11/02 18:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/19 08:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 08:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/12/12 02:11:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/12/12 02:10:39 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010/12/12 02:08:45 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/12/12 02:06:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/12/12 01:46:06 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010/12/11 22:29:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\june\Desktop\OTL.exe
[2010/12/11 20:27:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/12/11 20:25:46 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/12/11 10:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/12/11 10:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/12/11 10:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/12/11 10:58:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/12/11 10:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/11 10:53:32 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Local\Microsoft Help
[2010/12/11 10:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/12/11 10:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/12/11 10:51:25 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/12/11 05:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/12/11 02:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/12/11 02:49:16 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/12/11 02:39:37 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Local\Google
[2010/12/11 02:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/11 02:39:36 | 000,165,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/12/11 02:39:36 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/12/11 02:39:35 | 000,046,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/12/11 02:39:35 | 000,023,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/12/11 02:39:33 | 000,050,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/12/11 02:39:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/12/11 02:39:09 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/12/11 02:39:08 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/12/11 02:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/12/11 02:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/12/11 02:32:10 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Roaming\SUPERAntiSpyware.com
[2010/12/11 02:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/12/11 02:32:05 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/12/11 02:20:49 | 000,000,000 | R--D | C] -- C:\Users\june\Searches
[2010/12/11 02:20:41 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Roaming\Identities
[2010/12/11 02:20:39 | 000,000,000 | R--D | C] -- C:\Users\june\Contacts
[2010/12/11 02:20:38 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Local\VirtualStore
[2010/12/11 02:20:33 | 000,000,000 | --SD | C] -- C:\Users\june\AppData\Roaming\Microsoft
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Videos
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Saved Games
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Pictures
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Music
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Links
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Favorites
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Downloads
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Documents
[2010/12/11 02:20:33 | 000,000,000 | R--D | C] -- C:\Users\june\Desktop
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\AppData\Local\Temporary Internet Files
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Templates
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Start Menu
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\SendTo
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Recent
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\PrintHood
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\NetHood
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Documents\My Videos
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Documents\My Pictures
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Documents\My Music
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\My Documents
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Local Settings
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\AppData\Local\History
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Cookies
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\Application Data
[2010/12/11 02:20:33 | 000,000,000 | -HSD | C] -- C:\Users\june\AppData\Local\Application Data
[2010/12/11 02:20:33 | 000,000,000 | -H-D | C] -- C:\Users\june\AppData
[2010/12/11 02:20:33 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Local\Temp
[2010/12/11 02:20:33 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Local\Microsoft
[2010/12/11 02:20:33 | 000,000,000 | ---D | C] -- C:\Users\june\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2010/12/12 02:12:20 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/12/12 02:06:37 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/12/11 22:29:10 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\june\Desktop\OTL.exe
[2010/12/11 22:19:18 | 000,617,662 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/11 22:19:18 | 000,103,440 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/11 22:14:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/11 22:14:52 | 000,370,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/11 11:19:09 | 000,000,938 | ---- | M] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/12/11 11:16:57 | 000,037,581 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/12/11 11:16:56 | 000,037,581 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/12/11 10:44:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/11 10:43:24 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/11 10:39:03 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/11 10:39:02 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/11 10:27:10 | 000,001,356 | ---- | M] () -- C:\Users\june\AppData\Local\d3d9caps.dat
[2010/12/11 02:44:26 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/12/11 02:44:26 | 000,001,955 | ---- | M] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/11 02:39:37 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/12/11 02:39:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/12/11 02:32:07 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/11 02:21:13 | 000,000,943 | ---- | M] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2010/12/11 20:25:47 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010/12/11 20:25:46 | 000,438,840 | RHS- | C] () -- C:\bootmgr
[2010/12/11 11:19:09 | 000,000,938 | ---- | C] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/12/11 05:44:13 | 000,037,581 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/12/11 05:44:12 | 000,037,581 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/12/11 02:44:26 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/12/11 02:44:26 | 000,001,955 | ---- | C] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/11 02:39:49 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/11 02:39:48 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/11 02:39:37 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/12/11 02:32:07 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/12/11 02:21:13 | 000,000,943 | ---- | C] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/11 02:20:35 | 000,001,356 | ---- | C] () -- C:\Users\june\AppData\Local\d3d9caps.dat
[2010/12/11 02:20:33 | 000,000,258 | ---- | C] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/12/11 02:20:33 | 000,000,240 | ---- | C] () -- C:\Users\june\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2006/11/02 23:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010/12/11 11:26:00 | 000,002,118 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: AGP440.SYS >
[2006/11/02 20:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2006/11/02 20:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2006/11/02 20:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 20:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006/11/02 20:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2006/11/02 20:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2006/11/02 20:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys
[2006/11/02 20:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/19 16:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/19 15:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\SoftwareDistribution\Download\c0a17eb89d8e2d806cdee4a2d05890b4\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 20:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006/11/02 20:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2006/11/02 20:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 20:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2008/10/29 17:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 17:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 14:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/08/27 14:10:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/08/27 13:01:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\SoftwareDistribution\Download\f411dcb0df2de951a1b7d68be5b8fec7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 13:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\SoftwareDistribution\Download\7061d8bdfc6a60f6588941d7a2c304c7\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 20:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows.old\Windows\explorer.exe
[2006/11/02 20:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2006/11/02 20:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\explorer.exe
[2006/11/02 20:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

< MD5 for: IASTORV.SYS >
[2006/11/02 20:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2006/11/02 20:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[2006/11/02 20:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 20:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 20:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\System32\netlogon.dll
[2006/11/02 20:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2006/11/02 20:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 20:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 20:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2006/11/02 20:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2006/11/02 20:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 20:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006/11/02 20:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\System32\scecli.dll
[2006/11/02 20:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2006/11/02 20:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 20:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SVCHOST.EXE >
[2006/11/02 20:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\System32\svchost.exe
[2006/11/02 20:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006/11/02 20:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 20:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe

< MD5 for: USERINIT.EXE >
[2006/11/02 20:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\System32\userinit.exe
[2006/11/02 20:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006/11/02 20:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 20:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006/11/02 20:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\System32\winlogon.exe
[2006/11/02 20:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006/11/02 20:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 20:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< c:\windows\system32\*.dll /lockedfiles >
[2006/11/02 20:46:04 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2006/11/02 20:46:04 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2006/11/02 20:46:05 | 000,192,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

< c:\windows\system32\drivers\*.sys /lockedfiles >

< %systemroot%\*. /mp /s >

< End of report >
________________________________________________________________

OTL Extras logfile created on: 12/11/2010 10:29:57 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\june\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 77.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372.61 Gb Total Space | 350.60 Gb Free Space | 94.09% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: june | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{41F5A890-1DA2-4257-BFC3-28CDE1D111E4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"avast5" = avast! Free Antivirus
"Google Chrome" = Google Chrome
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PROR" = Microsoft Office Professional 2007

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2010 7:36:21 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:41 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 12/11/2010 7:36:42 AM | Computer Name = home-pc | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

[ System Events ]
Error - 12/10/2010 8:13:58 PM | Computer Name = home-pc | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/10/2010 8:13:58 PM | Computer Name = home-pc | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/10/2010 8:13:58 PM | Computer Name = home-pc | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/10/2010 8:13:58 PM | Computer Name = home-pc | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 12/11/2010 7:15:20 AM | Computer Name = home-pc | Source = DCOM | ID = 10005
Description =

Error - 12/11/2010 7:15:26 AM | Computer Name = home-pc | Source = DCOM | ID = 10005
Description =

Error - 12/11/2010 7:15:27 AM | Computer Name = home-pc | Source = DCOM | ID = 10005
Description =

Error - 12/11/2010 7:15:29 AM | Computer Name = home-pc | Source = DCOM | ID = 10005
Description =

Error - 12/11/2010 7:16:02 AM | Computer Name = home-pc | Source = Service Control Manager | ID = 7001
Description =

Error - 12/11/2010 7:16:02 AM | Computer Name = home-pc | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

#5
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi junew,

I had given up and ran killdisk, which did what it was supposed to do. I then reloaded vista.


Did you reinstall Vista twice cause I am still seeing the windows.old folder in the logs. :D


Step One

Download Speedfan (The download link is to the right), and install it. Once it's installed, run the program and post here the information it shows.
The information I want you to post is the stuff that is circled in the example picture I have attached.
To make sure we are getting all the correct information it would help us if you were to attach a screenshot like the one below of your Speedfan results.

To do a screenshot please have click on your Print Screen on your keyboard.
  • It is normally the key above your number pad between the F12 key and the Scroll Lock key
  • Now go to Start and then to All Programs
  • Scroll to Accessories and then click on Paint
  • In the Empty White Area click and hold the CTRL key and then click the V
  • Go to the File option at the top and click on Save as
  • Save as file type JPEG and save it to your Desktop
  • Attach it to your next reply

Posted Image


Step Two

Download BlueScreenView (in Zip file) No installation required. Unzip downloaded file and double click on BlueScreenView.exe file to run the program. When scanning is done, go Edit>Select All. Go File>Save Selected Items, and save the report as BSOD.txt. Open BSOD.txt in Notepad, copy all content, and paste it into your next reply .


Step Three

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter
    .

  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the Licence agreement and click on next
  • It will by default install it to your desktop folder.Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


Leave the rest of the settings as they appear as default.

  • Then click on Scan at the to right hand Corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then chooose The delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


  • 0

#6
junew

junew

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Hi

Windows would be in there twice because when i started reinstalling, i disabled all but boot from dvd in the bios. Then when windows installed, I hadnt changed the settings and I thought it didnt load. I went in and changed the settings and then did it again as it booted from the dvd. (hope that makes sense)

I have done everything you asked, I have attached the speed fan report. I ran the blue screen, but it stayed blank. I ran the kaspersky, and could not see anywhere where it said "detected" I did exactly what you said.

Hope these are as you want them, and again thanks for your help.

speedfan.jpg
  • 0

#7
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi junew,

That’s all you need to do. The problem doesn't seem to be malware related.

I now suggest you head to the Vista and Windows 7 forum and post a new topic– they will be able to provide better advice than I can . Provide a link to this topic for reference. In the meantime, here are my suggestions for staying safe and clean – I know you already have some, but there are a few that you don’t have – and should! Also take the time to read some of the articles on PC safety and security.

Below are links to several programs that will help protect your computer.

Anti-Spyware
I recommend downloading and installing all of the following applications.
  • SpywareBlaster keeps spyware from installing on your system - read the tutorial here
  • SpywareGuard protects your browser and computer in real time - read the tutorial here
  • SUPERAntiSpyware Free Edition detects and removes spyware, adware, malware, trojans, rogue software, worms, rootkits, parasites and other potentially harmful software applications - read the tutorial here

++++++++++++++++++++++++++++++++++++

Other things to keep in mind.

Windows, Java, and Adobe products should all be kept up-to-date on a regular basis so the latest security fixes are in place on your computer. Please refer to the following links on how to manage these products.

Here are a few other applications you might consider. Keeping your temporary file area clean, your Windows registry backed up, and backing up your important data are all good techniques.

Please remember that just having these programs is not enough. You must use them. Running a full spyware scan weekly, a full virus scan monthly, and checking for updates and cleaning your temporary files periodically is very important in keeping your computer in tip-top shape.

Finally, please take the time to read the following articles. Applying this information will help prevent future infections:

How to prevent malware by miekiemoes
Preventing Malware and Safe Computing by Rorschach112

This article will help you understand how you may have gotten infected:
How did I get infected in the first place?

Remember, you have to be smarter than the bad guys! Be safe out there! Posted Image
  • 0

#8
junew

junew

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thank you so much for your reply. I will go to the forum you suggested. I am wondering whether i should have waited a while after doing the killdisk to reinstall windows. To let the pc "forget" so to speak.

Anyway, I cant thank you enough for your help, and I will download the anti spy and virus software.

All the best

June

"when life hands you a jeffrey....stroke the furry wall"
  • 0

#9
Salagubang

Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Your welcome. :D
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP