Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 7 won't boot

Started by bluegang6 , Mar 11 2011 06:34 PM

  • This topic is locked This topic is locked

#16
michaelg9
Posted 20 March 2011 - 01:52 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

OK, you still have the same problem when trying to start Windows in normal mode?

Also, can you please answer me this question?

I'd appreciate any more information you can give me in order to direct the solution somewhere, like when that happened, what were you doing at that time, if any errors appeared...


  • 0

Advertisements

#17
bluegang6
Posted 20 March 2011 - 08:56 AM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
Yup, same problem :S

I wasn't doing anything :S It was off, and when I turned it on, it wouldn't work.

It has appropriate virus, spyware, and rootkit protection.

No errors appeared before I put i shut it down, and then I got into this reboot-loop type problem

:S

*update*

I just asked my sister, and she said that while she was researching for her essay (about a week before the problem happened), she accessed a website, which popped this avast notification up:
Posted Image

Of course, this image is SIMILAR to the one that she encountered, but is not the same error message with the same trojan horse found :D

Edited by bluegang6, 20 March 2011 - 09:06 AM.

  • 0

#18
michaelg9
Posted 20 March 2011 - 01:25 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

Ok let's check for nasties:

IMPORTANT:
You will need a flash drive with a size of 512 Mb or bigger. Make sure that you do not leave anything important on the flash drive, as all data on it will be deleted during the following steps.

    • Download OTLPEStd.exe from one of the following links and save it to your Desktop: mirror1 or mirror2
    • Download eeepcfr.zip from the following link and save it to your Desktop: the mirror
    • Finally, if you do not have a file archiver like 7-zip or Winrar installed, please download 7-zip from the following link and install it: the mirror
  • Once you have 7-zip install, decompress OTLPEStd.exe by rightclicking on the folder and choosing the options shown in the picture below. Please use a dedicated folder, for example OTLPE, on your Desktop

    Posted Image

  • Open the folder OTLPEStd which will be created in the same location as OTLPEStd.exe and right-click OTLPE_New_Std.iso. Select 7-Zip and from the submenu select Extract files... and extract the content onto your Desktop in a OTLPE folder:

    Posted Image

  • Please also decompress eeepcfr to your systemroot (usually C:\).
  • Empty the flash drive you want to install OTLPE on.
  • Go to C:\eeecpfr and double-click usb_prep8.cmd to launch it.
  • Press any key when asked to in the black window that opens.
  • As indicated in the image, make sure you have selected the correct flash drive, before proceeding.
    For Drive Label: type in OTLPE.
    Under Source Path to built BartPE/WinPE Files click ... and select the folder OTLPE that you created on your Desktop.
    Finally check Enable File Copy.

    Posted Image


  • Click on Start, accept the disclaimers and wait for the program to finish.
Your bootable flash drive should now be ready!


  • Reboot your system using the boot USB you just created.
    Note : If you do not know how to set your computer to boot from USB follow the steps here
  • As the USB needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :D

  • Your system should now display a Reatogo desktop.
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Download the following file scan.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save". Drag it in Custom scans and fixes box
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#19
bluegang6
Posted 20 March 2011 - 01:27 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
Does this require access to Windows? As I can't access windows on the non-bootable windows (will not be able to retrieve any logs :S)
  • 0

#20
michaelg9
Posted 20 March 2011 - 01:29 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
No, it doesn't require access on windows. You should normally be able to perform it :D
  • 0

#21
bluegang6
Posted 20 March 2011 - 02:14 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
:S not allowing me to go past step 8:

Posted Image


It isn't recognizing my drive :S
  • 0

#22
michaelg9
Posted 20 March 2011 - 02:17 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

Please try to press the refresh button, or try another USB stick...
If that doesn't work, we can burn it on a CD, if you have one
  • 0

#23
bluegang6
Posted 20 March 2011 - 02:36 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
I'vee got a bunch of empty DVDs, let's try that.

Do I just drag the iso into the disk?
whoops, I have Nero, shall I use that*

Edited by bluegang6, 20 March 2011 - 02:37 PM.

  • 0

#24
bluegang6
Posted 20 March 2011 - 02:36 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
­

Edited by bluegang6, 20 March 2011 - 02:37 PM.

  • 0

#25
bluegang6
Posted 20 March 2011 - 03:29 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
Managed to create a boot disk, and looking @ my computer, I see a couple of drives :D

Recovery (C:) 14GB (8.43 GB free)
OS (F:) 218GB (146GB free)

Both contain a "windows" folder, and "users" and any generic folders you see in the root directory of a Windows installation.

Disk F has all the program files and all.

When I drag scan.txt into custom scans/fixes, I receive an error saying that it is not a valid fix file.

However, I copied the contents into the box, and it ran the scan.

Attached is the log.

Dangg, Just read online, "Windows Vista/7 doesn't use boot.ini."

So that's out of the question o.O


I also have just Tried some Bootsect commants (bootsect.exe /nt60 all /force) and others, with no luck (says successful, but not booting)

I also tried diskpart, and I got no luck there :S

I also tried:
Bcdboot C:\windows

BOOTREC /FIXMBR
BOOTREC /FIXBOOT
BOOTREC /REBUILDBCD (total identified windows installations: 0)
BOOTREC /SCANOS (total identified windows installations: 0)




OTL logfile created on: 3/19/2011 9:26:38 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 14.65 Gb Total Space | 8.44 Gb Free Space | 57.61% Space Free | Partition Type: NTFS
Drive D: | 7.47 Gb Total Space | 7.47 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive F: | 218.20 Gb Total Space | 146.67 Gb Free Space | 67.22% Space Free | Partition Type: NTFS
Drive G: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (WwanSvc)
SRV - File not found [Auto] -- -- (wudfsvc)
SRV - File not found [Auto] -- -- (WSearch)
SRV - File not found [Auto] -- -- (wscsvc)
SRV - File not found [On_Demand] -- -- (WPDBusEnum)
SRV - File not found [On_Demand] -- -- (WPCSvc)
SRV - File not found [On_Demand] -- -- (WMPNetworkSvc)
SRV - File not found [Auto] -- -- (Wlansvc)
SRV - File not found [On_Demand] -- -- (WinRM)
SRV - File not found [Auto] -- -- (WinDefend)
SRV - File not found [On_Demand] -- -- (WerSvc)
SRV - File not found [On_Demand] -- -- (wercplsupport)
SRV - File not found [On_Demand] -- -- (Wecsvc)
SRV - File not found [On_Demand] -- -- (WebClient)
SRV - File not found [On_Demand] -- -- (WdiSystemHost)
SRV - File not found [On_Demand] -- -- (WdiServiceHost)
SRV - File not found [On_Demand] -- -- (wcncsvc)
SRV - File not found [On_Demand] -- -- (WbioSrvc)
SRV - File not found [On_Demand] -- -- (WatAdminSvc)
SRV - File not found [Auto] -- -- (UxTuneUp)
SRV - File not found [Auto] -- -- (UxSms)
SRV - File not found [Auto] -- -- (upnphost)
SRV - File not found [On_Demand] -- -- (UI0Detect)
SRV - File not found [Auto] -- -- (TuneUp.UtilitiesSvc)
SRV - File not found [On_Demand] -- -- (TuneUp.Defrag)
SRV - File not found [Auto] -- -- (TrkWks)
SRV - File not found [Auto] -- -- (ThreatFire)
SRV - File not found [On_Demand] -- -- (THREADORDER)
SRV - File not found [Auto] -- -- (Themes)
SRV - File not found [On_Demand] -- -- (TermService)
SRV - File not found [Auto] -- -- (TeamViewer5)
SRV - File not found [Auto] -- -- (TeamViewer4)
SRV - File not found [On_Demand] -- -- (TapiSrv)
SRV - File not found [On_Demand] -- -- (TabletInputService)
SRV - File not found [Auto] -- -- (SysMain)
SRV - File not found [On_Demand] -- -- (stllssvr)
SRV - File not found [Auto] -- -- (StiSvc)
SRV - File not found [Auto] -- -- (STacSV)
SRV - File not found [On_Demand] -- -- (SSDPSRV)
SRV - File not found [On_Demand] -- -- (sppuinotify)
SRV - File not found [Auto] -- -- (sppsvc)
SRV - File not found [Auto] -- -- (Spooler)
SRV - File not found [On_Demand] -- -- (SNMPTRAP)
SRV - File not found [Auto] -- -- (ShellHWDetection)
SRV - File not found [On_Demand] -- -- (SharedAccess)
SRV - File not found [Auto] -- -- (SftService)
SRV - File not found [On_Demand] -- -- (SessionEnv)
SRV - File not found [On_Demand] -- -- (SensrSvc)
SRV - File not found [Auto] -- -- (SENS)
SRV - File not found [On_Demand] -- -- (SDRSVC)
SRV - File not found [On_Demand] -- -- (SCPolicySvc)
SRV - File not found [Auto] -- -- (Schedule)
SRV - File not found [On_Demand] -- -- (SCardSvr)
SRV - File not found [On_Demand] -- -- (RpcLocator)
SRV - File not found [Auto] -- -- (RpcEptMapper)
SRV - File not found [On_Demand] -- -- (RemoteRegistry)
SRV - File not found [Disabled] -- -- (RemoteAccess)
SRV - File not found [Auto] -- -- (Power)
SRV - File not found [On_Demand] -- -- (PNRPsvc)
SRV - File not found [On_Demand] -- -- (PNRPAutoReg)
SRV - File not found [Auto] -- -- (Pml Driver HPZ12)
SRV - File not found [On_Demand] -- -- (pla)
SRV - File not found [On_Demand] -- -- (PcaSvc)
SRV - File not found [On_Demand] -- -- (p2psvc)
SRV - File not found [On_Demand] -- -- (p2pimsvc)
SRV - File not found [On_Demand] -- -- (ose)
SRV - File not found [On_Demand] -- -- (odserv)
SRV - File not found [Disabled] -- -- (NetTcpPortSharing)
SRV - File not found [On_Demand] -- -- (netprofm)
SRV - File not found [Auto] -- -- (Net Driver HPZ12)
SRV - File not found [On_Demand] -- -- (napagent)
SRV - File not found [On_Demand] -- -- (msiserver)
SRV - File not found [On_Demand] -- -- (MSiSCSI)
SRV - File not found [On_Demand] -- -- (MSDTC)
SRV - File not found [Auto] -- -- (MMCSS)
SRV - File not found [Disabled] -- -- (Mcx2Svc)
SRV - File not found [Auto] -- -- (McAfee SiteAdvisor Service)
SRV - File not found [On_Demand] -- -- (lltdsvc)
SRV - File not found [Auto] -- -- (LanmanServer)
SRV - File not found [On_Demand] -- -- (KtmRm)
SRV - File not found [On_Demand] -- -- (iPod Service)
SRV - File not found [Auto] -- -- (iphlpsvc)
SRV - File not found [On_Demand] -- -- (IPBusEnum)
SRV - File not found [On_Demand] -- -- (idsvc)
SRV - File not found [Auto] -- -- (IAANTMON) Intel®
SRV - File not found [Auto] -- -- (hpqddsvc)
SRV - File not found [On_Demand] -- -- (hpqcxs08)
SRV - File not found [On_Demand] -- -- (HomeGroupProvider)
SRV - File not found [On_Demand] -- -- (HomeGroupListener)
SRV - File not found [On_Demand] -- -- (hkmsvc)
SRV - File not found [Auto] -- -- (gupdate1ca4f9eb166eca0) Google Update Service (gupdate1ca4f9eb166eca0)
SRV - File not found [On_Demand] -- -- (GoToAssist)
SRV - File not found [On_Demand] -- -- (FontCache3.0.0.0)
SRV - File not found [Auto] -- -- (FontCache)
SRV - File not found [On_Demand] -- -- (FLEXnet Licensing Service)
SRV - File not found [Auto] -- -- (FDResPub)
SRV - File not found [On_Demand] -- -- (fdPHost)
SRV - File not found [On_Demand] -- -- (Fax)
SRV - File not found [Auto] -- -- (EventSystem)
SRV - File not found [On_Demand] -- -- (ehSched)
SRV - File not found [On_Demand] -- -- (ehRecvr)
SRV - File not found [On_Demand] -- -- (EapHost)
SRV - File not found [Auto] -- -- (DPS)
SRV - File not found [On_Demand] -- -- (dot3svc)
SRV - File not found [Auto] -- -- (DockLoginService)
SRV - File not found [Auto] -- -- (Dhcp)
SRV - File not found [On_Demand] -- -- (defragsvc)
SRV - File not found [Auto] -- -- (clr_optimization_v4.0.30319_32)
SRV - File not found [Disabled] -- -- (clr_optimization_v2.0.50727_32)
SRV - File not found [On_Demand] -- -- (CertPropSvc)
SRV - File not found [Auto] -- -- (btwdins)
SRV - File not found [On_Demand] -- -- (Browser)
SRV - File not found [Auto] -- -- (Bonjour Service)
SRV - File not found [On_Demand] -- -- (BDESVC)
SRV - File not found [On_Demand] -- -- (AxInstSV)
SRV - File not found [On_Demand] -- -- (avast! Web Scanner)
SRV - File not found [On_Demand] -- -- (avast! Mail Scanner)
SRV - File not found [Auto] -- -- (avast! Antivirus)
SRV - File not found [Auto] -- -- (Audiosrv)
SRV - File not found [Auto] -- -- (AudioEndpointBuilder)
SRV - File not found [Auto] -- -- (aswUpdSv)
SRV - File not found [Auto] -- -- (Apple Mobile Device)
SRV - File not found [On_Demand] -- -- (Appinfo)
SRV - File not found [On_Demand] -- -- (AppIDSvc)
SRV - File not found [On_Demand] -- -- (ALG)
SRV - File not found [Auto] -- -- (AESTFilters)
SRV - File not found [On_Demand] -- -- (AeLookupSvc)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\qwave.dll -- (QWAVE)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (yukonw7)
DRV - File not found [Kernel | On_Demand] -- -- (WUDFRd)
DRV - File not found [Kernel | On_Demand] -- -- (WudfPf)
DRV - File not found [Kernel | On_Demand] -- -- (WinUsb)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock)
DRV - File not found [File_System | On_Demand] -- -- (WIMMount)
DRV - File not found [File_System | On_Demand] -- -- (WimFltr)
DRV - File not found [Kernel | System] -- -- (WfpLwf)
DRV - File not found [Kernel | System] -- -- (vwififlt)
DRV - File not found [Kernel | On_Demand] -- -- (vwifibus)
DRV - File not found [Kernel | On_Demand] -- -- (vhdmp)
DRV - File not found [Kernel | On_Demand] -- -- (vga)
DRV - File not found [Kernel | Boot] -- -- (vdrvroot)
DRV - File not found [Kernel | On_Demand] -- -- (usbvideo) USB Video Device (WDM)
DRV - File not found [Kernel | On_Demand] -- -- (usbscan)
DRV - File not found [Kernel | On_Demand] -- -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - File not found [Kernel | On_Demand] -- -- (USBAAPL)
DRV - File not found [Kernel | On_Demand] -- -- (UmPass)
DRV - File not found [Kernel | On_Demand] -- -- (tunnel)
DRV - File not found [Kernel | On_Demand] -- -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | On_Demand] -- -- (tssecsrv)
DRV - File not found [Kernel | Boot] -- -- (TfSysMon)
DRV - File not found [Kernel | On_Demand] -- -- (TfNetMon)
DRV - File not found [Kernel | Boot] -- -- (TfFsMon)
DRV - File not found [Kernel | On_Demand] -- -- (TDTCP)
DRV - File not found [Kernel | On_Demand] -- -- (TDPIPE)
DRV - File not found [Kernel | Auto] -- -- (tcpipreg)
DRV - File not found [Kernel | On_Demand] -- -- (STHDA)
DRV - File not found [Kernel | On_Demand] -- -- (stexstor)
DRV - File not found [Kernel | On_Demand] -- -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdm)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdfl)
DRV - File not found [Kernel | On_Demand] -- -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - File not found [File_System | On_Demand] -- -- (srvnet)
DRV - File not found [File_System | On_Demand] -- -- (srv2)
DRV - File not found [File_System | On_Demand] -- -- (srv)
DRV - File not found [Kernel | Boot] -- -- (spldr)
DRV - File not found [Kernel | On_Demand] -- -- (sffp_sd)
DRV - File not found [Kernel | On_Demand] -- -- (sffp_mmc)
DRV - File not found [Kernel | On_Demand] -- -- (sffdisk)
DRV - File not found [Kernel | Auto] -- -- (secdrv)
DRV - File not found [Kernel | On_Demand] -- -- (scfilter)
DRV - File not found [Kernel | System] -- -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand] -- -- (SASENUM)
DRV - File not found [Kernel | System] -- -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand] -- -- (RTSTOR)
DRV - File not found [Kernel | Auto] -- -- (rspndr)
DRV - File not found [Kernel | On_Demand] -- -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV - File not found [Kernel | Boot] -- -- (rdyboost)
DRV - File not found [Kernel | On_Demand] -- -- (RDPWD)
DRV - File not found [Kernel | System] -- -- (RDPREFMP)
DRV - File not found [Kernel | System] -- -- (RDPENCDD)
DRV - File not found [Kernel | System] -- -- (RDPCDD)
DRV - File not found [Kernel | On_Demand] -- -- (rdpbus)
DRV - File not found [Kernel | On_Demand] -- -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - File not found [Kernel | On_Demand] -- -- (QWAVEdrv)
DRV - File not found [Kernel | Boot] -- -- (PxHelp20)
DRV - File not found [Kernel | System] -- -- (Psched)
DRV - File not found [Kernel | Auto] -- -- (PEAUTH)
DRV - File not found [Kernel | Boot] -- -- (pcw)
DRV - File not found [Kernel | On_Demand] -- -- (OA009Vid)
DRV - File not found [Kernel | On_Demand] -- -- (OA009Ufd)
DRV - File not found [Kernel | On_Demand] -- -- (Ndisuio)
DRV - File not found [Kernel | On_Demand] -- -- (NdisCap)
DRV - File not found [Kernel | On_Demand] -- -- (NativeWifiP)
DRV - File not found [Kernel | On_Demand] -- -- (MTConfig)
DRV - File not found [Kernel | On_Demand] -- -- (mshidkmdf)
DRV - File not found [Kernel | On_Demand] -- -- (msdsm)
DRV - File not found [File_System | On_Demand] -- -- (MRxDAV)
DRV - File not found [Kernel | On_Demand] -- -- (mpio)
DRV - File not found [Kernel | On_Demand] -- -- (monitor)
DRV - File not found [Kernel | On_Demand] -- -- (Modem)
DRV - File not found [File_System | Auto] -- -- (luafv)
DRV - File not found [Kernel | On_Demand] -- -- (LSI_SAS2)
DRV - File not found [Kernel | Auto] -- -- (lltdio)
DRV - File not found [Kernel | Boot] -- -- (KSecPkg)
DRV - File not found [Kernel | On_Demand] -- -- (IRENUM)
DRV - File not found [Kernel | On_Demand] -- -- (IPNAT)
DRV - File not found [Kernel | On_Demand] -- -- (IpFilterDriver)
DRV - File not found [Kernel | On_Demand] -- -- (igfx)
DRV - File not found [Kernel | Boot] -- -- (hwpolicy)
DRV - File not found [Kernel | On_Demand] -- -- (HTTP)
DRV - File not found [Kernel | On_Demand] -- -- (HpSAMD)
DRV - File not found [Kernel | On_Demand] -- -- (HidBatt)
DRV - File not found [Kernel | On_Demand] -- -- (hcw85cir)
DRV - File not found [Kernel | On_Demand] -- -- (GEARAspiWDM)
DRV - File not found [File_System | On_Demand] -- -- (FsDepends)
DRV - File not found [File_System | On_Demand] -- -- (Filetrace)
DRV - File not found [File_System | Boot] -- -- (FileInfo)
DRV - File not found [Kernel | On_Demand] -- -- (ebdrv)
DRV - File not found [Kernel | On_Demand] -- -- (DXGKrnl)
DRV - File not found [Kernel | On_Demand] -- -- (drmkaud)
DRV - File not found [Kernel | On_Demand] -- -- (dot4usb)
DRV - File not found [Kernel | On_Demand] -- -- (Dot4Print)
DRV - File not found [Kernel | On_Demand] -- -- (Dot4)
DRV - File not found [Kernel | System] -- -- (discache)
DRV - File not found [Kernel | On_Demand] -- -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - File not found [Kernel | On_Demand] -- -- (CtClsFlt)
DRV - File not found [Kernel | On_Demand] -- -- (CompositeBus)
DRV - File not found [Kernel | Boot] -- -- (CNG)
DRV - File not found [Kernel | On_Demand] -- -- (CmBatt)
DRV - File not found [Kernel | On_Demand] -- -- (circlass)
DRV - File not found [Kernel | On_Demand] -- -- (btwrchid)
DRV - File not found [Kernel | On_Demand] -- -- (btwl2cap)
DRV - File not found [Kernel | On_Demand] -- -- (btwavdt)
DRV - File not found [Kernel | On_Demand] -- -- (btwaudio)
DRV - File not found [Kernel | On_Demand] -- -- (btusbflt)
DRV - File not found [Kernel | On_Demand] -- -- (BTHUSB)
DRV - File not found [Kernel | On_Demand] -- -- (BTHPORT)
DRV - File not found [Kernel | On_Demand] -- -- (BthPan) Bluetooth Device (Personal Area Network)
DRV - File not found [Kernel | On_Demand] -- -- (BTHMODEM)
DRV - File not found [Kernel | On_Demand] -- -- (BthEnum)
DRV - File not found [Kernel | System] -- -- (blbdrive)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - File not found [Kernel | On_Demand] -- -- (BCM42RLY)
DRV - File not found [Kernel | On_Demand] -- -- (b57nd60x)
DRV - File not found [Kernel | On_Demand] -- -- (b06bdrv)
DRV - File not found [Kernel | System] -- -- (aswTdi)
DRV - File not found [Kernel | System] -- -- (aswSP)
DRV - File not found [Kernel | System] -- -- (aswRdr)
DRV - File not found [File_System | Auto] -- -- (aswMonFlt)
DRV - File not found [File_System | Auto] -- -- (aswFsBlk)
DRV - File not found [Kernel | On_Demand] -- -- (AppID)
DRV - File not found [Kernel | On_Demand] -- -- (ApfiltrService)
DRV - File not found [Kernel | Boot] -- -- (amdxata)
DRV - File not found [Kernel | On_Demand] -- -- (amdsbs)
DRV - File not found [Kernel | On_Demand] -- -- (amdsata)
DRV - File not found [Kernel | On_Demand] -- -- (AmdPPM)
DRV - File not found [Kernel | On_Demand] -- -- (AcpiPmi)
DRV - File not found [Kernel | On_Demand] -- -- (1394ohci)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Cindy_ON_F\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.del...c=ae&l=ar&s=gen
IE - HKU\Cindy_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKU\Cindy_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKU\Cindy_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 66 16 8D 2A BA 89 CB 01 [binary data]
IE - HKU\Cindy_ON_F\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Cindy_ON_F\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
IE - HKU\Cindy_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Cindy_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local




FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins


O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - File not found
O3 - HKU\Cindy_ON_F\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] File not found
O4 - HKLM..\Run: [Apoint] File not found
O4 - HKLM..\Run: [AppleSyncNotifier] File not found
O4 - HKLM..\Run: [avast!] File not found
O4 - HKLM..\Run: [Dell Webcam Central] File not found
O4 - HKLM..\Run: [dellsupportcenter] File not found
O4 - HKLM..\Run: [HotKeysCmds] File not found
O4 - HKLM..\Run: [HP Software Update] File not found
O4 - HKLM..\Run: [IAAnotif] File not found
O4 - HKLM..\Run: [IgfxTray] File not found
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found
O4 - HKLM..\Run: [PDVDDXSrv] File not found
O4 - HKLM..\Run: [Persistence] File not found
O4 - HKLM..\Run: [QuickTime Task] File not found
O4 - HKLM..\Run: [SysTrayApp] File not found
O4 - HKLM..\Run: [ThreatFire] File not found
O4 - HKU\Cindy_ON_F..\Run: [msnmsgr] File not found
O4 - HKU\Cindy_ON_F..\Run: [Sidebar] File not found
O4 - HKU\Cindy_ON_F..\Run: [SmileboxTray] File not found
O4 - HKU\Cindy_ON_F..\Run: [SUPERAntiSpyware] File not found
O4 - HKU\LocalService_ON_F..\Run: [Sidebar] File not found
O4 - HKU\NetworkService_ON_F..\Run: [Sidebar] File not found
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_F..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_F..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - File not found
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - File not found
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - File not found
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - File not found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - File not found
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - File not found
O30 - LSA: Security Packages - (tspkg) - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 18:01:00 | 000,000,053 | -HS- | M] () - C:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AeLookupSvc - File not found
NetSvcs: CertPropSvc - File not found
NetSvcs: SCPolicySvc - File not found
NetSvcs: lanmanserver - File not found
NetSvcs: AudioSrv - File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Remoteaccess - File not found
NetSvcs: SENS - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: Tapisrv - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: TermService - File not found
NetSvcs: ShellHWDetection - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: iphlpsvc - File not found
NetSvcs: seclogon - F:\Windows\System32\seclogon.dll (Microsoft Corporation)
NetSvcs: AppInfo - File not found
NetSvcs: msiscsi - File not found
NetSvcs: MMCSS - File not found
NetSvcs: wercplsupport - File not found
NetSvcs: EapHost - File not found
NetSvcs: schedule - File not found
NetSvcs: hkmsvc - File not found
NetSvcs: SessionEnv - File not found
NetSvcs: browser - File not found
NetSvcs: Themes - File not found
NetSvcs: BDESVC - File not found

Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm File not found
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: msacm.siren - sirenacm.dll File not found
Drivers32: MSVideo8 - VfWWDM32.dll File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: vidc.i420 - iyuv_32.dll File not found
Drivers32: vidc.iv50 - ir50_32.dll File not found
Drivers32: VIDC.IYUV - iyuv_32.dll File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: VIDC.UYVY - msyuv.dll File not found
Drivers32: VIDC.YUY2 - msyuv.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found
Drivers32: VIDC.YVU9 - tsbyuv.dll File not found
Drivers32: VIDC.YVYU - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found

MsConfig - StartUpFolder: C:^Users^Cindy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - - File not found
MsConfig - StartUpReg: dskl - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppInfo - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MSIServer - File not found
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Power - File not found
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcEptMapper - File not found
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TabletInputService - File not found
SafeBootMin: vga.sys - File not found
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - File not found
SafeBootMin: WudfPf - File not found
SafeBootMin: WudfRd - File not found
SafeBootMin: WudfSvc - File not found
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppInfo - File not found
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Browser - File not found
SafeBootNet: Dhcp - File not found
SafeBootNet: Dot3Svc - File not found
SafeBootNet: Eaphost - File not found
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: ipnat.sys - File not found
SafeBootNet: LanmanServer - File not found
SafeBootNet: Messenger - Service
SafeBootNet: MSIServer - File not found
SafeBootNet: NativeWifiP - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: ndiscap - File not found
SafeBootNet: Ndisuio - File not found
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: netprofm - File not found
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Power - File not found
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - File not found
SafeBootNet: rdsessmgr - Service
SafeBootNet: RpcEptMapper - File not found
SafeBootNet: sacsvr - Service
SafeBootNet: SCardSvr - File not found
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess - File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TabletInputService - File not found
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - File not found
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - File not found
SafeBootNet: Wlansvc - File not found
SafeBootNet: WudfPf - File not found
SafeBootNet: WudfRd - File not found
SafeBootNet: WudfSvc - File not found
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

========== Files/Folders - Created Within 30 Days ==========

[2009/08/29 22:07:21 | 000,077,824 | -HS- | C] (XSS) -- C:\ProgramData\Info.exe
[2009/08/29 22:07:21 | 000,077,824 | -HS- | C] (XSS) -- C:\Program Files\Info.exe

========== Files - Modified Within 30 Days ==========


========== Files Created - No Company Name ==========

[2009/12/19 23:26:49 | 000,267,504 | ---- | C] () -- C:\Windows\FixBCD.exe
[2009/08/29 22:07:21 | 000,124,495 | -HS- | C] () -- C:\ProgramData\protect.korean
[2009/08/29 22:07:21 | 000,124,495 | -HS- | C] () -- C:\Program Files\protect.korean
[2009/08/29 22:07:21 | 000,119,790 | -HS- | C] () -- C:\ProgramData\protect.dutch
[2009/08/29 22:07:21 | 000,119,790 | -HS- | C] () -- C:\Program Files\protect.dutch
[2009/08/29 22:07:21 | 000,117,842 | -HS- | C] () -- C:\ProgramData\protect.japanese
[2009/08/29 22:07:21 | 000,117,842 | -HS- | C] () -- C:\Program Files\protect.japanese
[2009/08/29 22:07:21 | 000,117,667 | -HS- | C] () -- C:\ProgramData\protect.chinese traditional
[2009/08/29 22:07:21 | 000,117,667 | -HS- | C] () -- C:\Program Files\protect.chinese traditional
[2009/08/29 22:07:21 | 000,117,213 | -HS- | C] () -- C:\ProgramData\protect.chinese simplified
[2009/08/29 22:07:21 | 000,117,213 | -HS- | C] () -- C:\Program Files\protect.chinese simplified
[2009/08/29 22:07:21 | 000,116,564 | -HS- | C] () -- C:\ProgramData\protect.portuguese brazilian
[2009/08/29 22:07:21 | 000,116,564 | -HS- | C] () -- C:\Program Files\protect.portuguese brazilian
[2009/08/29 22:07:21 | 000,116,404 | -HS- | C] () -- C:\ProgramData\protect.swedish
[2009/08/29 22:07:21 | 000,116,404 | -HS- | C] () -- C:\Program Files\protect.swedish
[2009/08/29 22:07:21 | 000,116,363 | -HS- | C] () -- C:\ProgramData\protect.spanish
[2009/08/29 22:07:21 | 000,116,363 | -HS- | C] () -- C:\Program Files\protect.spanish
[2009/08/29 22:07:21 | 000,116,305 | -HS- | C] () -- C:\ProgramData\protect.german
[2009/08/29 22:07:21 | 000,116,305 | -HS- | C] () -- C:\Program Files\protect.german
[2009/08/29 22:07:21 | 000,116,238 | -HS- | C] () -- C:\ProgramData\protect.danish
[2009/08/29 22:07:21 | 000,116,238 | -HS- | C] () -- C:\Program Files\protect.danish
[2009/08/29 22:07:21 | 000,116,195 | -HS- | C] () -- C:\ProgramData\protect.norwegian
[2009/08/29 22:07:21 | 000,116,195 | -HS- | C] () -- C:\Program Files\protect.norwegian
[2009/08/29 22:07:21 | 000,116,015 | -HS- | C] () -- C:\ProgramData\protect.french
[2009/08/29 22:07:21 | 000,116,015 | -HS- | C] () -- C:\Program Files\protect.french
[2009/08/29 22:07:21 | 000,115,710 | -HS- | C] () -- C:\ProgramData\protect.italian
[2009/08/29 22:07:21 | 000,115,710 | -HS- | C] () -- C:\Program Files\protect.italian
[2009/08/29 22:07:21 | 000,047,233 | -HS- | C] () -- C:\ProgramData\protect.english
[2009/08/29 22:07:21 | 000,047,233 | -HS- | C] () -- C:\Program Files\protect.english
[2009/08/29 22:07:21 | 000,000,053 | -HS- | C] () -- C:\ProgramData\AUTORUN.INF
[2009/08/29 22:07:21 | 000,000,053 | -HS- | C] () -- C:\Program Files\AUTORUN.INF
[2009/08/29 22:07:08 | 000,000,060 | ---- | C] () -- C:\Windows\System32\WINPESHL.INI.7147
[2009/08/29 22:07:03 | 000,000,512 | ---- | C] () -- C:\Windows\System32\OS.DAT
[2009/08/29 22:07:02 | 000,000,053 | ---- | C] () -- C:\Windows\System32\WINPESHL.INI.7127
[2009/07/21 17:38:15 | 000,060,048 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/21 14:07:50 | 001,191,936 | ---- | C] () -- C:\Windows\System32\Restore7.exe
[2009/07/21 14:07:50 | 001,123,568 | ---- | C] () -- C:\Windows\System32\libxml2.dll
[2009/07/21 14:07:50 | 000,487,424 | ---- | C] () -- C:\Windows\System32\STRegistryD.dll
[2009/07/21 14:07:50 | 000,476,400 | ---- | C] () -- C:\Windows\System32\PSTImage.dll
[2009/07/21 14:07:50 | 000,447,728 | ---- | C] () -- C:\Windows\System32\STBackupEngine.dll
[2009/07/21 14:07:50 | 000,390,384 | ---- | C] () -- C:\Windows\System32\STODD.dll
[2009/07/21 14:07:50 | 000,386,288 | ---- | C] () -- C:\Windows\System32\STODDRD.dll
[2009/07/21 14:07:50 | 000,271,600 | ---- | C] () -- C:\Windows\System32\STODDIM.dll
[2009/07/21 14:07:50 | 000,259,312 | ---- | C] () -- C:\Windows\System32\STODDSC.dll
[2009/07/21 14:07:50 | 000,242,928 | ---- | C] () -- C:\Windows\System32\RestoreLauncher.exe
[2009/07/21 14:07:50 | 000,234,736 | ---- | C] () -- C:\Windows\System32\STFiles.dll
[2009/07/21 14:07:50 | 000,132,336 | ---- | C] () -- C:\Windows\System32\STWmiM.dll
[2009/07/21 14:07:50 | 000,132,336 | ---- | C] () -- C:\Windows\System32\STLog.dll
[2009/07/21 14:07:50 | 000,124,144 | ---- | C] () -- C:\Windows\System32\STCrypto.dll
[2009/07/21 14:07:50 | 000,121,584 | ---- | C] () -- C:\Windows\System32\STNLS.dll
[2009/07/21 14:07:50 | 000,115,952 | ---- | C] () -- C:\Windows\System32\STPE.dll
[2009/07/21 14:07:50 | 000,115,952 | ---- | C] () -- C:\Windows\System32\PSTVdsDisk.dll
[2009/07/21 14:07:50 | 000,107,760 | ---- | C] () -- C:\Windows\System32\STShellVC6.dll
[2009/07/21 14:07:50 | 000,103,664 | ---- | C] () -- C:\Windows\System32\STXMLSystem.dll
[2009/07/21 14:07:50 | 000,099,568 | ---- | C] () -- C:\Windows\System32\STMsXml.dll
[2009/07/21 14:07:50 | 000,095,472 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2009/07/21 14:07:50 | 000,083,184 | ---- | C] () -- C:\Windows\System32\STProcess.dll
[2009/07/21 14:07:50 | 000,079,088 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2009/07/21 14:07:50 | 000,074,992 | ---- | C] () -- C:\Windows\System32\STRegistry.dll
[2009/07/21 14:07:50 | 000,071,408 | ---- | C] () -- C:\Windows\System32\STWiz.dll
[2009/07/21 14:07:50 | 000,058,608 | ---- | C] () -- C:\Windows\System32\STCoreXml.dll
[2009/07/21 14:07:50 | 000,000,020 | ---- | C] () -- C:\Windows\System32\ST_LOG.INI
[2009/07/21 14:07:49 | 000,410,864 | ---- | C] () -- C:\Windows\System32\BackupApi.dll
[2009/07/21 14:07:49 | 000,000,004 | ---- | C] () -- C:\Windows\System32\abort.dat
[2008/02/05 09:27:10 | 000,000,060 | ---- | C] () -- C:\Windows\System32\winpeshl.ini
[2008/01/19 04:47:14 | 000,004,444 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2008/01/19 04:47:14 | 000,001,536 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2008/01/19 02:52:16 | 000,077,824 | ---- | C] () -- C:\Windows\System32\schema.dat
[2008/01/18 23:48:22 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/01/03 14:57:53 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========


========== Purity Check ==========


< End of report >
  • 0

Advertisements

#26
michaelg9
Posted 21 March 2011 - 09:25 AM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,

I can see why there was no valid Windows installations found... :D
It seems that something wiped out almost all of your files in C: or at least the Operating System and the programs. But we can try other things to see if we can fix it.

Please go again in Recovery Console using your Windows CD, and check the option "System Restore". See if you can find any restore points before the day that your computer became unbootable and use it.

If there are no Restore Points, I'd like to ask if you happened to do a system image backup when your computer was OK.

Thank you
  • 0

#27
bluegang6
Posted 21 March 2011 - 12:06 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
Tried sstem restore, no luck.

I ran some other tests, and bootmgr and all that, and my system restore poitns got wiped, but I tried the earliest, and that did not even work (like 2 months ago..)

I don't happen to have a system image backup :S

What to do? :S
  • 0

#28
michaelg9
Posted 22 March 2011 - 02:06 PM

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hey,
It may not be that bad finally. C: is not the drive that Windows are installed in the PE environment, but F: is (thanks to OT for the heads up)

When you're starting OTLPE are you asked to choose a Windows installation directory?
If yes, select the one in the F: drive:
F:\Windows
After doing this, perform another OTL scan like before, and post the log here :D
  • 0

#29
bluegang6
Posted 22 March 2011 - 02:58 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
Will do.

P.s. I now am getting a message upon boot:
Windows Boot Manager

insert disk, etc....

File: \Windows\system32\drivers\Wdf01000.sys"
status: 0x0000098"

Info: Windows failed to load because a critical system driver is missing or corrupt.
  • 0

#30
bluegang6
Posted 22 March 2011 - 03:42 PM

bluegang6

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 222 posts
See attached file :D


OTL logfile created on: 3/21/2011 11:35:25 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows ™ Code Name "Longhorn" Preinstallation Environment (Version = 6.0.6001.18000.6001) - Type = System
Internet Explorer (Version = )
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 89.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 152.67 Gb Free Space | 69.97% Space Free | Partition Type: NTFS
Drive E: | 39.10 Mb Total Space | 30.56 Mb Free Space | 78.18% Space Free | Partition Type: FAT
Drive F: | 14.65 Gb Total Space | 8.44 Gb Free Space | 57.60% Space Free | Partition Type: NTFS
Drive G: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 7.47 Gb Total Space | 7.46 Gb Free Space | 99.80% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (sacsvr)
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] () [On_Demand] -- C:\Windows\System32\swprv.dll -- (swprv)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | Boot] -- -- (WimFsf)
DRV - File not found [Kernel | Boot] -- -- (ulsata2)
DRV - File not found [Kernel | Boot] -- -- (UlSata)
DRV - File not found [Kernel | Boot] -- -- (uliahci)
DRV - File not found [Kernel | Boot] -- -- (Symc8xx)
DRV - File not found [Kernel | Boot] -- -- (Sym_u3)
DRV - File not found [Kernel | Boot] -- -- (Sym_hi)
DRV - File not found [Kernel | Boot] -- -- (sacdrv)
DRV - File not found [Kernel | On_Demand] -- -- (rdpdr)
DRV - File not found [Kernel | Boot] -- -- (Ramdisk)
DRV - File not found [Kernel | On_Demand] -- -- (ntrigdigi)
DRV - File not found [Kernel | Boot] -- -- (Mraid35x)
DRV - File not found [Kernel | Boot] -- -- (iteraid)
DRV - File not found [Kernel | Boot] -- -- (iteatapi)
DRV - File not found [Kernel | Boot] -- -- (i2omp)
DRV - File not found [Kernel | Boot] -- -- (HpCISSs)
DRV - File not found [File_System | Boot] -- -- (FBWF)
DRV - File not found [Kernel | On_Demand] -- -- (Crusoe)
DRV - File not found [Kernel | On_Demand] -- -- (AmdK7)
DRV - File not found [Kernel | Boot] -- -- (adpu160m)
DRV - [2009/09/26 01:58:35 | 000,194,488 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV - [2009/07/13 21:26:15 | 000,000,000 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/07/13 21:19:10 | 000,445,008 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 19:52:09 | 000,000,000 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\system32\drivers\usbhub.sys -- (usbhub)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========






[2010/12/22 23:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/03 19:02:28 | 000,002,027 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010/04/26 00:49:46 | 000,001,715 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 runescape.com127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 4 more lines...
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableMIC = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIPI = 0
O13 - ftp Prefix: missing
O13 - gopher Prefix: missing
O13 - home Prefix: missing
O13 - mosaic Prefix: missing
O13 - www Prefix: missing
O20 - HKLM Winlogon: Shell - (cmd.exe) - C:\Windows\System32\cmd.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (/k start cmd.exe) - File not found
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/04/26 15:01:44 | 000,001,050 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT ]
O32 - AutoRun File - [2009/04/26 15:01:44 | 000,001,050 | ---- | M] () - E:\AUTOEXEC.UP -- [ FAT ]
O32 - AutoRun File - [2004/04/30 18:01:00 | 000,000,053 | -HS- | M] () - F:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - File not found - -- [ CDFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Remoteaccess - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: SRService - File not found
NetSvcs: Tapisrv - C:\Windows\System32\tapisrv.dll ()
NetSvcs: WmdmPmSp - File not found
NetSvcs: TermService - File not found
NetSvcs: ShellHWDetection - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: sacsvr - File not found



SafeBootMin: AppInfo - Service
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - File not found
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: SWPRV - C:\Windows\System32\swprv.dll ()
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TabletInputService - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppInfo - Service
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Browser - Service
SafeBootNet: Dot3Svc - Service
SafeBootNet: Eaphost - Service
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: ipnat.sys - Driver
SafeBootNet: LanmanServer - Service
SafeBootNet: Messenger - Service
SafeBootNet: NativeWifiP - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: Ndisuio - Service
SafeBootNet: NetBIOS - Service
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: netprofm - Service
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - File not found
SafeBootNet: SCardSvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess - File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SWPRV - C:\Windows\System32\swprv.dll ()
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TabletInputService - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: Wlansvc - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

========== Files/Folders - Created Within 30 Days ==========

[2011/03/09 08:46:32 | 000,000,000 | R--D | C] -- \I386
[2011/03/09 08:45:14 | 000,000,000 | R--D | C] -- \SFX
[2011/03/09 08:38:52 | 000,000,000 | R--D | C] -- \PROGRAMS
[2011/02/22 18:34:50 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/02/22 18:34:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/02/19 20:14:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/07/28 20:20:56 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/20 19:02:32 | 000,000,185 | ---- | M] () -- C:\boot.ini
[2011/03/19 17:44:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/10 18:32:31 | 1581,010,944 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/08 10:06:43 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/07 22:55:30 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/07 22:55:30 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/07 22:48:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/19 20:14:43 | 242,589,667 | ---- | M] () -- C:\Windows\MEMORY.DMP
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/19 12:03:34 | 000,000,185 | ---- | C] () -- C:\boot.ini
[2011/03/09 08:44:21 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2011/03/09 08:38:45 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2011/03/09 08:38:45 | 000,000,000 | R--- | C] () -- \WIN51IP
[2010/09/19 13:44:03 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/09/19 13:44:02 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2010/09/19 13:44:02 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/09/19 13:44:00 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/07/28 20:18:42 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/07/28 20:14:38 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/07/28 20:14:38 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/06/08 09:21:08 | 000,194,488 | ---- | C] () -- C:\Windows\System32\drivers\fvevol.sys
[2010/06/07 22:58:51 | 000,200,240 | ---- | C] () -- C:\Windows\System32\drivers\Apfiltr.sys
[2010/06/07 21:54:35 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/02/27 14:13:00 | 000,148,996 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009/11/02 18:29:19 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/10/24 20:35:08 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/07/21 14:14:50 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009/07/21 13:58:19 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/07/21 13:55:37 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\iaStor.sys
[2009/07/21 13:51:45 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2009/07/21 13:51:44 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2009/07/21 13:41:08 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 002,268,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,628,460 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,110,612 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\tapisrv.dll
[2009/07/13 20:18:41 | 000,489,472 | ---- | C] () -- C:\Windows\System32\win32spl.dll
[2009/07/13 20:09:06 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wmpps.dll
[2009/07/13 20:07:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\sqlceqp30.dll
[2009/07/13 20:07:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\sqlceoledb30.dll
[2009/07/13 20:06:02 | 000,507,392 | ---- | C] () -- C:\Windows\System32\wmdrmdev.dll
[2009/07/13 20:04:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SndVolSSO.dll
[2009/07/13 20:03:12 | 000,172,032 | ---- | C] () -- C:\Windows\System32\wdmaud.drv
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 20:02:49 | 000,000,000 | ---- | C] () -- C:\Windows\System32\termsrv.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:52:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\usbhub.sys
[2009/07/13 19:52:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\nwifi.sys
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:51:31 | 000,392,704 | ---- | C] () -- C:\Windows\System32\drivers\bthport.sys
[2009/07/13 19:50:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\WUDFHost.exe
[2009/07/13 19:48:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SnippingTool.exe
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 19:40:50 | 000,755,200 | ---- | C] () -- C:\Windows\System32\sud.dll
[2009/07/13 19:37:45 | 000,000,000 | ---- | C] () -- C:\Windows\System32\logoncli.dll
[2009/07/13 19:34:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wdigest.dll
[2009/07/13 19:23:55 | 000,313,856 | ---- | C] () -- C:\Windows\System32\swprv.dll
[2009/07/13 19:23:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\WSDApi.dll
[2009/07/13 19:20:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\tdh.dll
[2009/07/13 19:14:56 | 000,000,000 | ---- | C] () -- C:\Windows\System32\uudf.dll
[2009/07/13 19:11:47 | 000,445,008 | ---- | C] () -- C:\Windows\System32\drivers\Wdf01000.sys
[2009/07/13 19:11:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\acpi.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/11/17 19:32:20 | 000,180,224 | ---- | C] () -- C:\Windows\System32\BtAudioHelper.dll
[2008/09/19 13:14:16 | 000,024,056 | ---- | C] () -- C:\Windows\System32\providers.bin
[2007/03/13 16:02:10 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2006/03/24 07:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2005/07/16 17:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/03/09 08:46:32 | 000,000,000 | R--D | M] -- \I386
[2011/03/09 08:38:52 | 000,000,000 | R--D | M] -- \PROGRAMS
[2011/03/09 08:45:14 | 000,000,000 | R--D | M] -- \SFX
[2010/10/11 18:31:46 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP