Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
New Member
My computer will not boot after installing Norton Power Eraser (never ran it, computer froze upon initial restart after installation of Norton Power Eraser). Running Windows 7 64bit on laptop. It won't boot in safe mode, tried repair utility and get msg that can't repair itself automatically, tried recover from last known config also and that didn't work.
Can you help?
New Member
I downloaded FRST64... my next post has the contents of that scan in case that helps.
New Member
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014
Ran by SYSTEM on MININT-URBR4BR on 12-10-2014 11:26:06
Running from F:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1931536 2011-01-12] (Intel® Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-03-17] (TOSHIBA)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [190808 2011-03-01] (Logitech Inc.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\RunOnce: [*Restore] => C:\windows\system32\rstrui.exe [296960 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Guest\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\Jennifer\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\Parthiv\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\Parthiv\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\Parthiv\...\Run: [Google Update] => C:\Users\Parthiv\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-09] (Google Inc.)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-12] ()
S2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S2 OfflinePlayerService; C:\Users\Public\Harbinger Systems\Offline Player\view\OfflinePlayerService.exe [73728 2014-03-11] ()
S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-04-24] (Wajam) <==== ATTENTION
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
S1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\IPSDefs\20141009.002\IDSvia64.sys [633560 2014-09-01] (Symantec Corporation)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141009.016\ENG64.SYS [129752 2014-09-25] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.5.0.19\Definitions\VirusDefs\20141009.016\EX64.SYS [2137304 2014-09-25] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-07-22] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-07-22] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-01] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-07-22] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-12 11:25 - 2014-10-12 11:26 - 00000000 ____D () C:\FRST
2014-10-11 19:24 - 2014-10-11 19:24 - 00000000 ____D () C:\ProgramData\SMR430
2014-10-07 13:18 - 2014-10-07 13:18 - 00000000 ____D () C:\Users\Parthiv\Documents\20141007-W262T2 Stay Ahead of the Curve! Reforms for Guidance for Fed(669767331)
2014-10-04 13:05 - 2014-10-04 13:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-09-23 10:50 - 2014-09-23 10:50 - 00013824 _____ () C:\Users\Parthiv\Downloads\PICSCHEDULE_2014 (1).xls
2014-09-23 08:47 - 2014-09-23 08:47 - 00013824 _____ () C:\Users\Parthiv\Downloads\PICSCHEDULE_2014.xls
2014-09-21 17:45 - 2014-09-21 17:46 - 00845597 _____ () C:\Users\Parthiv\Downloads\ExportBundleCoursesToExcel (1)
2014-09-21 17:41 - 2014-09-21 17:41 - 00845597 _____ () C:\Users\Parthiv\Downloads\ExportBundleCoursesToExcel
2014-09-19 09:02 - 2014-09-19 09:12 - 00000000 ____D () C:\ProgramData\WebEx
2014-09-19 09:01 - 2014-09-19 09:01 - 00220456 _____ (Cisco WebEx LLC) C:\Users\Parthiv\Downloads\,join-test,1594239231,-1281699182,MC,0-0,SDJTSwAAAAElEnz_f3wgZCWH3pafGpuGHFBkQqiRpX4gVpn7i7RuEw2_webex.exe
2014-09-19 08:45 - 2014-09-19 09:02 - 00000000 ____D () C:\Users\Parthiv\AppData\Local\WebEx
2014-09-19 08:45 - 2014-09-19 08:45 - 00631744 _____ (Cisco WebEx LLC) C:\Users\Parthiv\Downloads\Cisco_WebEx_Add-On (1).exe
2014-09-19 08:45 - 2014-09-19 08:45 - 00000000 ____D () C:\Users\Parthiv\AppData\Roaming\Mozilla
2014-09-19 08:44 - 2014-09-19 08:44 - 00631744 _____ (Cisco WebEx LLC) C:\Users\Parthiv\Downloads\Cisco_WebEx_Add-On.exe
2014-09-12 09:24 - 2014-09-04 18:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-12 09:24 - 2014-09-04 17:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-12 01:10 - 2010-09-29 00:09 - 00000000 ____D () C:\users\Guest
2014-10-12 01:10 - 2010-08-29 09:26 - 00000000 ____D () C:\Users\Parthiv\AppData\Roaming\Skype
2014-10-12 01:10 - 2010-08-28 19:59 - 00000000 ____D () C:\users\Jennifer
2014-10-12 01:10 - 2010-07-14 18:51 - 00000000 ____D () C:\users\Parthiv
2014-10-12 01:10 - 2010-05-15 04:48 - 00000000 ____D () C:\ProgramData\Norton
2014-10-12 01:10 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-10-11 19:23 - 2014-09-01 17:18 - 00000000 ____D () C:\Users\Parthiv\AppData\Local\NPE
2014-10-11 19:18 - 2010-09-08 10:34 - 00000000 ____D () C:\Users\Parthiv\Documents\Girls
2014-10-10 10:45 - 2012-07-19 09:52 - 00000000 __SHD () C:\Users\Parthiv\Documents\cache
2014-10-10 07:17 - 2011-06-28 11:43 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-131133104-2688936539-2419433585-1000UA.job
2014-10-10 06:52 - 2014-06-04 09:01 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-131133104-2688936539-2419433585-1000.job
2014-10-10 06:50 - 2010-08-28 20:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 04:55 - 2010-05-15 04:12 - 01810697 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 03:30 - 2011-06-28 11:43 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-131133104-2688936539-2419433585-1000Core.job
2014-10-09 10:50 - 2010-08-28 20:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-07 11:02 - 2014-06-04 09:01 - 00003600 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-131133104-2688936539-2419433585-1000
2014-10-07 07:15 - 2009-07-13 20:45 - 00016304 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 07:15 - 2009-07-13 20:45 - 00016304 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 07:07 - 2010-09-27 06:19 - 00000000 ____D () C:\Users\Parthiv\AppData\Local\CrashDumps
2014-10-07 07:04 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 07:04 - 2009-07-13 20:51 - 00203415 _____ () C:\Windows\setupact.log
2014-10-06 17:48 - 2013-11-07 17:45 - 00031470 _____ () C:\Users\Parthiv\Desktop\Jen To Do.xlsx
2014-10-05 16:54 - 2010-04-08 18:34 - 00994422 _____ () C:\Windows\PFRO.log
2014-10-04 13:04 - 2014-09-01 16:50 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-04 13:04 - 2014-09-01 16:50 - 00002330 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-10-04 13:04 - 2014-09-01 16:43 - 00000000 ____D () C:\Windows\System32\Drivers\N360x64
2014-09-23 19:19 - 2014-05-30 18:10 - 00012488 _____ () C:\Users\Parthiv\Desktop\Summer Fun.xlsx
2014-09-21 17:51 - 2010-09-03 05:30 - 00001744 _____ () C:\Users\Parthiv\AppData\Roaming\wklnhst.dat
2014-09-19 09:05 - 2012-07-19 09:52 - 00000000 ____D () C:\Users\Parthiv\AppData\Roaming\webex
2014-09-16 17:23 - 2013-12-29 21:11 - 00017124 _____ () C:\Users\Parthiv\Desktop\KEURIG.xlsx
2014-09-13 06:27 - 2014-07-10 09:25 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-09-13 06:27 - 2013-08-05 05:22 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-13 06:20 - 2010-09-20 09:25 - 101694776 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
Some content of TEMP:
====================
C:\Users\Parthiv\AppData\Local\Temp\_is39B5.exe
C:\Users\Parthiv\AppData\Local\Temp\_is7DB7.exe
C:\Users\Parthiv\AppData\Local\Temp\_is9A1.exe
C:\Users\Parthiv\AppData\Local\Temp\_isB183.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (whitelisted) =============
==================== Restore Points =========================
Restore point made on: 2014-10-10 07:47:14
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 3890.67 MB
Available physical RAM: 3310.93 MB
Total Pagefile: 3888.82 MB
Available Pagefile: 3291.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
==================== Drives ================================
Drive c: (TI105835W0G) (Fixed) (Total:453.83 GB) (Free:108.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (CDROM) (Total:7.96 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:0.48 GB) (Free:0.09 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1786ECE7)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=453.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.5 GB) - (Type=17)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 490 MB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=490 MB) - (Type=06)
LastRegBack: 2014-10-05 20:04
==================== End Of Log ============================
|
Security →
Virus, Spyware, Malware Removal →
Help removing a suspected TrojanStarted by RobJames , 01 Feb 2024  FXSAPIDebugLogFile and 2 more...
|
|
|
|
|
Hardware →
Hardware, Components and Peripherals →
Recover the hard driveStarted by Andrew Board , 16 Jan 2024 data recovery, hard drive, help and 1 more...
|
|
|
|
|
|
Security →
Virus, Spyware, Malware Removal →
Hijacked Windows defender [Closed]Started by relay , 17 Nov 2023 shell, spyware, keylogger and 2 more...
|
|
![Hijacked Windows defender [Closed] - last post by DR M](https://www.geekstogo.com/forum/uploads/profile/photo-418842.gif?_r=1578338641)
|
|
|
|
#linux
Discussion →
Off-Topic →
Two different OS on two different drivers - recommended?Started by Killian Gharrah , 17 Sep 2023 #linux, #windows, #SSD, #HDD
|
|
|
|
|
|
Operating Systems →
All Other Operating Systems →
Specific boot problem with Windows XPStarted by SomeNewUser , 21 May 2023 Windows XP, boot
|
|
|
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.
Sign In
Create Account
