Over 1 million tech questions and answers.

Virus Blocks Bios and Safe Mode on Startup

Q: Virus Blocks Bios and Safe Mode on Startup

Hi
 
From request I have made a new thread in this section (original thread:http://www.bleepingcomputer.com/forums/t/524717/virus-blocks-bios-and-safe-mode-on-startup/)
 
DDS log : 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16450  BrowserJavaVersion: 10.51.2
Run by THOMAS at 13:33:25 on 2014-02-19
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.64.1033.18.8140.5971 [GMT 13:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = 187.120.217.82:3128
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - 
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} - 
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [PowerDVD13Agent] "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TP-LIN~1.LNK - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{471FA194-61D0-43F7-8257-93989865BB1C} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{471FA194-61D0-43F7-8257-93989865BB1C}\2545141303235375D2739364630393 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{471FA194-61D0-43F7-8257-93989865BB1C}\64F677C656273702E4564777F627B6 : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-2-18 893440]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-2-18 150256]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-1-17 19264]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-2-18 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-2-18 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2014-2-18 76944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-26 283200]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2014/02/09 13:02:49];C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [2013-11-29 32456]
R2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [2014-2-9 77576]
R2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [2014-2-9 327432]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-19 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-19 701512]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-4-8 5352960]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-17 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2009-2-10 15129376]
R2 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2014-2-18 94624]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
R2 UPDATESRV;Bitdefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [2014-2-18 67320]
R3 appliandMP;appliandMP;C:\Windows\System32\drivers\appliand.sys [2013-6-21 33888]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2014-2-18 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-2-18 635392]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-1-17 357184]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-1-17 789824]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2013-5-31 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-19 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-17 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-1-17 726160]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2013-6-18 198360]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-4-27 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-8-13 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-8-13 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 appliand;Applian Network Service;C:\Windows\System32\drivers\appliand.sys [2013-6-21 33888]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-2-18 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-2-18 82824]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2013-10-15 520416]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-5-5 115272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-4-27 746392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-12 1255736]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-2-18 77632]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== Created Last 30 ================
.
2014-02-18 13:34:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1ACBE3A-71C5-4B14-B3A8-9913BB8F85C0}\offreg.dll
2014-02-18 12:48:01 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-18 12:48:01 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-18 12:48:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-18 12:42:48 -------- d-sh--w- C:\$RECYCLE.BIN
2014-02-18 11:44:54 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\Malwarebytes
2014-02-18 10:03:34 700698 ----a-w- C:\ProgramData\1392717167.bdinstall.bin
2014-02-18 10:03:04 -------- d-----w- C:\ProgramData\BDLogging
2014-02-18 10:02:57 76944 ----a-w- C:\Windows\System32\drivers\bdvedisk.sys
2014-02-18 10:02:47 93600 ----a-w- C:\Windows\System32\drivers\BdfNdisf6.sys
2014-02-18 10:02:47 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2014-02-18 10:02:47 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-02-18 10:02:47 511328 ----a-w- C:\Windows\capicom.dll
2014-02-18 10:02:46 893440 ----a-w- C:\Windows\System32\drivers\avc3.sys
2014-02-18 10:02:46 635392 ----a-w- C:\Windows\System32\drivers\avckf.sys
2014-02-18 10:02:46 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2014-02-18 09:56:22 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-02-18 09:56:20 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1ACBE3A-71C5-4B14-B3A8-9913BB8F85C0}\mpengine.dll
2014-02-18 09:55:13 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\Bitdefender
2014-02-18 09:55:10 3271472 ---ha-w- C:\bdr-bz01
2014-02-18 09:53:09 84848 ----a-w- C:\Windows\System32\BDSandBoxUISkin.dll
2014-02-18 09:53:09 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll
2014-02-18 09:53:09 34384 ----a-w- C:\Windows\System32\BDSandBoxUH.dll
2014-02-18 09:53:09 150256 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2014-02-18 09:53:09 -------- d-----w- C:\ProgramData\Bitdefender
2014-02-18 09:53:08 389240 ----a-w- C:\Windows\System32\drivers\trufos.sys
2014-02-18 09:53:08 -------- d-----w- C:\Program Files\Bitdefender
2014-02-18 09:52:47 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\QuickScan
2014-02-18 09:40:28 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2014-02-18 08:51:56 -------- d-----w- C:\AdwCleaner
2014-02-18 08:02:37 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\TuneUp Software
2014-02-18 07:37:10 98816 ----a-w- C:\Windows\sed.exe
2014-02-18 07:37:10 256000 ----a-w- C:\Windows\PEV.exe
2014-02-18 07:37:10 208896 ----a-w- C:\Windows\MBR.exe
2014-02-18 06:59:35 -------- d--h--w- C:\ProgramData\Common Files
2014-02-18 06:59:34 -------- d-----w- C:\Users\THOMAS\AppData\Local\MFAData
2014-02-18 06:59:34 -------- d-----w- C:\ProgramData\MFAData
2014-02-18 06:46:07 -------- d--h--w- C:\ProgramData\{$3918-8545-4316-2157$}
2014-02-18 06:46:04 -------- d--h--w- C:\ProgramData\{$5364-3635-6632-2608$}
2014-02-14 12:22:05 -------- d-----w- C:\ProgramData\Oracle
2014-02-14 12:11:32 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-14 00:12:58 -------- d-----w- C:\Users\THOMAS\AppData\Local\ESN
2014-02-13 16:20:50 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2014-02-11 03:01:55 40960 ----a-r- C:\Users\THOMAS\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2014-02-11 03:01:55 40960 ----a-r- C:\Users\THOMAS\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2014-02-11 03:01:55 -------- d-----w- C:\Program Files (x86)\Project64 1.6
2014-02-10 15:06:05 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
2014-02-08 23:59:20 -------- d-----w- C:\Users\THOMAS\AppData\Local\CyberLink
2014-02-08 23:53:10 -------- d-----w- C:\Users\THOMAS\AppData\Local\Cyberlink SoftDMA
2014-02-08 23:51:28 -------- d-----w- C:\MediaServer
2014-02-08 23:51:25 -------- d-----w- C:\Users\THOMAS\AppData\Local\MediaServer
2014-02-08 23:51:20 -------- d-----w- C:\ProgramData\PDVD
2014-02-08 23:50:50 -------- d-----w- C:\ProgramData\install_clap
2014-02-08 05:31:34 -------- d-----w- C:\Users\THOMAS\AppData\Roaming\BitTorrent
2014-01-31 14:06:24 -------- d-----w- C:\Program Files (x86)\Origin Games
2014-01-31 13:34:04 -------- d-----w- C:\Program Files (x86)\Origin
2014-01-29 05:57:02 -------- d-----w- C:\Program Files (x86)\TSEV Skyrim LE
2014-01-29 03:22:43 -------- d-----w- C:\Program Files\Nexus Mod Manager
2014-01-29 03:11:55 396800 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\w\a\l\m\a\r\t\dll\ISSkinExW.dll
2014-01-25 08:46:01 -------- d-----w- C:\Program Files\Futuremark
2014-01-25 07:58:51 -------- d-----w- C:\Users\THOMAS\AppData\Local\IsolatedStorage
2014-01-25 07:58:51 -------- d-----w- C:\Users\THOMAS\AppData\Local\Futuremark
2014-01-25 07:58:35 -------- d-----w- C:\Program Files (x86)\Futuremark
2014-01-21 08:48:32 -------- d-----w- C:\adobeTemp
.
==================== Find3M  ====================
.
2014-02-16 23:28:07 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-02-16 23:27:58 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-02-13 16:20:30 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-02-12 23:14:15 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-16 21:48:16 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-12-18 23:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-12-17 17:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-10 02:13:11 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-25 23:09:29 3123272 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-02-17 03:27:32 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
.
============= FINISH: 13:33:36.23 ===============
 
If anymore information is needed let me know, thanks!!

RELEVANCY SCORE 200
Preferred Solution: Virus Blocks Bios and Safe Mode on Startup

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Virus Blocks Bios and Safe Mode on Startup

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number). Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete, depending on your system's specifications.On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.Please post the contents of JRT.txt into your reply.===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.Let me know what problem persists.

Read other 2 answers
RELEVANCY SCORE 120

Hi
 
Recently my computer was infected with a virus.
-I ran RKill and combofix which seemed to remove all the malicious proccesses the virus ran. 
-I was then able to use bitDefender and Malwarebytes which removed various files. 
 
Now my computer appears to be functioning normally however when I restart my computer:
-the screen remains black until the windows log in screen shows. (No bios splash screen shows, I have an ASUS mobo)
-If I try to enter safe mode the computer freezes and is inoperable until it is restarted again.
 
Note: I can post particular logs if necessary or more information is needed. I am capable with computers however this is the first time I have been infected.
 
Thank you so much for any help, it is greatly appreciated!
 
Thomas

A:Virus Blocks Bios and Safe Mode on Startup

Please follow Steps 6-8 of Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html and submit the requested DDS log, along with your ComboFix log, in a new topic in the forum containing the Prep Guide.
 
Once that is done,..come back to this topic and post a link to your new topic.  Once that is done, this topic will be closed to avoid confusion.
 
Thanks .
 
Louis

Read other 3 answers
RELEVANCY SCORE 84.4

Can you advise re UK interpol virus infection toDelllaptoprunning windows 7

screen is lockedto the interpol message tried allsafe modes toget back in but system shuts down and reboots into normal mode

will a BIOS redirect to boot drive on cd or flash be the best strategy if so what is recommended?
 

Read other answers
RELEVANCY SCORE 82.8

I run MS Security Essentials and AVG - AVG expired a month ago and I had been debating whether to change to another supplier but before I could do so last week I got hit by the WindowsRecovery virus. I thought I had cleared it out manually, but had been having some problems with access to IE so opened in safe mode to download Malwarebytes. At once a new virus opened, XP Anti Spyware with the usual dire warnings, and has blocked access to Malwarebytes website. Cannot now run in even safe mode as this new virus is rampaging about inside safe mode. It has presumably infiltrated SE in some way. I have no idea how it got in as I have not downloaded anything in weeks. But now I cannot even run in safe mode or access malwarebytes.

I assume the only way forward is to download an anti virus package from this pc (not yet infected) onto a usb stick and install it from there. Is this the way forward and which one should I chose. I am running XP Pro by the way.

A:Virus runs in safe mode and blocks access to Malwarebytes

Please see the self-help guide: Remove XP Anti-Spyware 2011, Vista Security 2011, and Win 7 Internet Security 2011. Be sure to follow the instructions exactly as written using FixNCR.reg, RKill and then an immediate scan by Malwarebytes.I run MS Security Essentials and AVG - AVG expired a month ago and I had been debating whether to change to another supplierUsing more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously and issues with Windows resource management. Even if one of them is disabled for use as a stand-alone scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior. Each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a "False Positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights ... Read more

Read other 7 answers
RELEVANCY SCORE 82.8

Greetings, and thanks for helping.

I am running Windows XP SP2 and my PC has fallen under the cold, icy grip of an evil virus, so am posting from a laptop. I believe the problem may have originated as some sort of malware/adware and gotten worse. Here's the background info:

-Before these problems originated, I was running AVG Free and Ad-Aware.

-I have no idea what happened -- I usually browse pretty safely and avoid shady websites offering enlargement of my...uh...anyway, I don't open email attachments from bad sources, and never download .exes from untrusted websites.

-The first problem I noticed was Firefox (I don't even use IE) opening tabs with pages full of advertisements, despite a popup blocker. I got sick of this pretty fast and ran AVG. That got a few things but the problem persisted.

-Ditto with Ad-Aware. I would always get a bunch of bad cookies, maybe a trojan, but never anything really severe.

-Then things got worse. AVG's email scanner has been forcibly disabled (!!).

-I try to boot into safe mode and run AVG again. Safe Mode will not run. It crashes on loadup (it hangs up on a driver called SPTD.sys, but renaming that driver causes it to hang up on another one). The driver hangs, then it blue screens really fast (cannot read error code) and restarts.

-Normal mode works fine.

-In the meanwhile I installed Malwarebytes' Anti-Malware, Spybot Search & Destroy, and the (paid!) version of Spyware Doctor, all to no avail. ... Read more

A:Nasty virus evades several programs, blocks Safe Mode

Malwarebytes' Anti-Malware 1.44
Database version: 3645
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

1/27/2010 9:31:36 AM
mbam-log-2010-01-27 (09-31-36).txt

Scan type: Quick Scan
Objects scanned: 116919
Time elapsed: 5 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----

It appears I'm screwed. Currently backing up data for a format.

Read other 1 answers
RELEVANCY SCORE 82.4

Randsomeware has everything is being blocked from the "normal" removal process. this one happens to Department Of Justice moneypak. on an XP Pro 32 bit.
 
I have attempted so far:
 
hitman kick start from USB but it is blocked as well attempted from cd no go
 
kaspersky recovery disk 10.0 boots up can update and scan found java exploit virus x4 however Doj returns on reboot
 
ran through terminal in kaspersky recvovery the windowsunlocker step. doj returns on reboot
 
maby good news is that kaspersky can brows filed and registry but have not made any changes as of yet.
 
Attempt to run Norton bootable revovery after press any key to boot from CD is hit black screen and no activity at all
 
 
 
Not sure of next step....
 
Any help is greatly appreciated

A:Ransomeware blocks safe mode blocks Hitman kick start

Wachman48, welcome to the BC Forums!!
 
Please run the Kaspersky WindowsUnlocker tool and then follow up by running the Kaspersky Rescue Disk scan.
 
Using the following link:
http://support.kaspersky.com/us/viruses/disinfection/8005#block4
 
Follow Step #2 to boot the computer from the Kaspersky Rescue Disk with Kaspersky WindowsUnlocker.
Next, use...
Step #3 with the following command: Unblock Windows
Step #4 to scan computer using Kaspersky Rescue Disk
Step #6 to obtain a report of Kaspersky WindowsUnlocker
Note that the Kaspersky WindowsUnlocker utility is designed to disinfect Registry entries of the operating systems, and disinfect user Registry trees.
Kaspersky WindowsUnlocker does not  perform any actions with files!
 
In order to disinfect the files, use the Kaspersky Rescue Disk Graphic Mode, and load the graphic subsystem.
 
If there is an option to obtain a report, please do so. If not, please take note of the Detected Malicious Software, and provide it in your reply.
 
 
If you have any questions, do not hesitate to ask.
 
When done, please provide feedback as to whether the computer boots normally.

Read other 66 answers
RELEVANCY SCORE 76.8

Hey guys i have a slight problem.. When i press the power button on the cpu to turn my computer on it takes about 20 seconds for the Display to actually show up.. and when the bios starts it always tells me to press F1 to continue or DEL to enter setup..
gives a message saying that " Setup is running in safe mode please change you overclocked settings or something like" i havent overclocked my computer and everything is in default what should i do to remove this message appearing everytime i start my computer

AMD ATHLON 64 3200+
512 MB DDR
MS- 7030
Geforce 6800
 

A:Safe mode message during bios Startup

If you go into your bios settings the save and exit that should cure the problem. If it doesnt then let me know and i will do my best to help further. Rik.
 

Read other 4 answers
RELEVANCY SCORE 70

Hi,
I'm using Comodo v10 in proactive security, the HIPS level is Safe mode.
Unfortunately, I always find this line in the blocked applications:
The exe comes from a trusted vendor:
And I have a custom HIPS rule that allow that exe:
If i unblock the app from the blocked list, after few seconds a new entry is created.
The only way to not create the entry is disable the HIPS component.

IMO it's a bug: the driver comes from a trusted vendor, I'm in safe mode and, anyway, and an explicit allow rule is present.
Do you know if there is a specific reason for this?
 

A:Comodo in Safe Mode blocks a trusted vendor app

ctrlz said:


IMO it's a bug: the driver comes from a trusted vendor, I'm in safe mode and, anyway, and an explicit allow rule is present.
Do you know if there is a specific reason for this?Click to expand...

Have you been able to contact or post a bug report to Comodo Support (Email and Forum)?
 

Read other 0 answers
RELEVANCY SCORE 70

I got infected with this Copyright Violation malware. Most of the advice on how to get rid of it says something like, "Click on start and then..." Well I can't get a screeen that shows start or anything not even when I go into safe mode.

A:Copyright Violation that blocks Vista even in safe mode

Hi, AtheistBill Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer. It is the only way we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).Here is what you need to do.Two programs to downloadFirst Download ISOBurner. Click Here for ISOBurner Instructions. Install the program, and follow the next set of steps. SecondDownload OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.When downloaded double click and this will then open ISOBurner to burn the file to CDBoot the Non working computer using the boot CD you just created.In order to do so, the computer must be set to boot from the CD firstNote : For information click hereYour system should now display a REATOGO-X-PE desktop.Double-click on the OTLPE icon.When asked "Do you wish to load the remote registry", select YesWhen asked "Do you wish to load remote user profile(s) for scanning", select YesEnsure the box "Automatically Load All Remaining Users" is checked and press OKOTL should now start. Change the following settingsChange Drivers to AllChange Standart Registry to AllUnder the Custom Scan box paste this in/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr... Read more

Read other 3 answers
RELEVANCY SCORE 69.2

I'm at my wits end here. I'm infected with at least Virtuomonde and Smitfraud. Here is what's happening.

All antivirus and HJT that I've tried (spybot, HJT, Avast, etc) start to run and then die. When I try to restart I get a dialog box that says, cannot access, file, drive, path--you may have insufficient rights.

clicking on browser links redirects to a random page.

booting in safe mode gives me a quick BSD and then starts over

Active desktop has died--I deleted an html "warning" image from the recovery console on a Win XP CD.

Can ANYBODY help or am I doomed to reformatting?

Currently running Win XP Home Edition--SP-3

Thanks so much!

Chuck

A:Malware Blocks All Antivirus and Stops Safe Mode Boot

You have the new rootkit that's out thereWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.-----------------If the scan doesn't run or won't complete, just select Drivers to scan

Read other 1 answers
RELEVANCY SCORE 69.2

Hello,

Recently my dad's computer had a corrupted hive and boot.ini. Via this website, I was instructed to run a chkdsk /r while in the recovery console. Everytime I used his OS disk to get into the recovery console, it prompted me for a password and I didn't know it (nor could I leave it blank). I decided to use my OS disk from my computer and I could fix the problem. Now, though, everytime I startup the computer, it prompts me to start windows normally, in safe mode, in safe mode with networking... To give further information...on that same screen there is an option for Windows XP and Windows XP Home Edition. Don't know if that has something to do with it. They both work though when I press enter on either one. Could anyone help me stop the computer from prompting me??? Thank you for any help.

Read other answers
RELEVANCY SCORE 68.8

okay, i'm usually a rather resourceful guy who somehow manages to fix his computer problems with hours of googling, but this time i need some help.

It all started on my dad's vista basic laptop. He got that vista home security 2012 virus which i attempted to remove by following the guide on bleeping computer. after editing the registry to stop vista home security from opening every time i ran an exe, i rebooted so i could go into safe mode and get rid of the virus once for all. when i tried booting into safe mode, it took me to the normal safe mode login screen, i then entered my password, and it hung with a black screen and my mouse almost like explorer.exe wasn't running. well i tried ctrl alt del to start explorer but all i got was a message saying something along the lines of i don't have the permissions. that's weird because my only user on the computer is an administrator. so i rebooted the computer and tried to login normally, without safe mode, and i got the same never ending black screen, still couldn't reach task manager. so i decided to take the battery out and try safe mode again. well this time safe mode started booting up, and then blam! computer restarts itself.

so to clarify, i cannot boot up any safe mode (regular safe mode, safe mode with networking, or the basic safe mode with cmd). so after a few hours of murdering people on call of duty to clear my mind, i figured i would swap hard drives with my other laptop. i got the screwed up hard drive in a new ... Read more

A:Vista Virus Locked me out No safe mode quick bsod on startup cant read

Welcome
Although your offer is very interesting, the members of this forum will give you all the help they can for a simple smile and thankyou when done.
Lets start with installing Ubuntu, this should get your pics, unless there are hardware problems
http://www.howtogeek.com/howto/windo...dows-computer/
If this does not work, which it should, we will try a startup repair.

Read other 6 answers
RELEVANCY SCORE 68.8

I have an XP SP3 box (Pentium Ci5, 4GB RAM) which is infected with the Police Central e-crime Unit scam. I have read the removal instructions on this page:

http://www.bleepingcomputer.com/virus-removal/remove-police-central-e-crime-unit-reveton-ransomware

Unfortunately the computer will not boot in safe mode or safe mode with networking. If I select either option, the computer just restarts before loading Windows.

I should be very grateful if anyone knows of a fix which can be run from a bootable thumb drive.

A:Police Central e-crime Unit scam blocks safe mode

Hello, do you have the possibility to boot from a CD as well or only a flashdrive?

Read other 79 answers
RELEVANCY SCORE 68.4

Hello all, I've been messing with and Googling this problem all day and am stumped. Any help will be greatly appreciated.

My laptop:
Toshiba A105-S4134
XP SP2
MCE 2005
Intel T2400 Duo Core
2 GB RAM

1. Two days ago I had a glitch - a bunch of browser windows were open and the system just sort of froze up. I ended up doing a hard restart. The PC then took a longer than normal time to boot back up.

2. That made me nervous, so yesterday I made True Image images of both partitions on the HD, that is C: (OS and apps) and D: (data).

3. This morning I decided to run a memory diagnostic disk (I had memtest86+ and Windows Diagnostics CDs on hand). I set boot priority to CD/DVD ROM using Start > All Programs > Toshiba > Utilities > Toshiba Assist > Optimize > Toshiba Hardware Settings > Boot Priority

4. When I restarted the PC, I heard the CD Rom drive spin for a few seconds, but the screen stayed lack and didn't boot. After some time passed with no activity, I hit control/alt/delete a couple of times and XP then booted form the HD.

5. I unsuccessfully tried multiple times with three bootable CDs (that worked on another Toshiba laptop), including the Recovery and Apps disk that came with the laptop. Same result. I re-checked boot order a few times and the setting priority was still as I had set it.

6. I then found that I was unable to get into either safe mode or BIOS, or to get the PC to boot from the CD ROM during startup using any of F12, F8, F2... Read more

A:Solved: Toshiba: Cannot boot from CD or enter Safe Mode or enter BIOS on startup

Read other 11 answers
RELEVANCY SCORE 67.6

Ok so I got some messed up virus a couple of days ago. It was antivirus security pro i believe. I couldnt get rid of it in time and tried starting my computer in safe mode but it didnt work. It just tried to restore my computer with entire hd and two partitions. I didn't want to do that since I figured I could use norton in safe mode and get rid of the virus. So i kept shutting it off and retrying safe mode but it kept going to that. Now I wish it would do that. Instead my laptop goes to startup repair, which it says is incompatible with my system.
 
It's an ASUS laptop that's like 4-5 years old and I'm running windows 7 32 bit.
 
I'm getting a windows 7 install disc made from another computer and hopefully that will work but I really don't know what else to do. I think my laptop started off as windows XP but I don't remember.
 
All I have is system recovery options and none of them can do anything except for the command prompt.
 
Any help would be really appreciated!!

A:Virus meltdown/startup repair loop/no safe mode/no install disc/no restore point

Wow sorry to hear it did you in that hard! So no factory restore options are working? I would see what happens when you get that windows cd made and boot from it. Hopefully you can get a bit farther
-alex

Read other 5 answers
RELEVANCY SCORE 65.2

I recently attempted to clean my brother's computer after he aquired a virus from the torrent file program he uses. Regardless, I cleaned a trojan and a backdoor from his system from safe mode. I can not boot in normal mode. Everytime i try the system gets hung up at the windows loading screen then the screen turns black and sits there. I have to hard reboot. I ahve used a repar CD and i have come across an error 0x800700b7, i have also recived this when i tried to work around this problem "identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}"

OS= Win 7

A:System will only start in Safe mode, Clean virus in safe mode

You can spend a lot of time trying to fix the boot problem and clean the virus from the computer, or you can nuke it and reinstall Windows. I wouldn't bother trying to fix it, personally - I'd back up what I could and then I'd install Windows again.

Read other 9 answers
RELEVANCY SCORE 63.6

Hello, I'm hoping someone would be able to help me resolve this so that I can avoid having to reinstall Windows. Here's the situation: my laptop suddenly cannot boot up anymore; it usually hangs when the "Please wait..." dialog shows up with the text "Windows is starting up...", but sometimes it goes as far as the login prompt, then hangs after I enter my credentials and press Enter. When it hangs I cannot even move my mouse cursor. I can only think of two things I did out of the ordinary that created this mess:
I installed the driver for the Turtle Beach AudioAdvantage Micro USB stick audio card before my PC started hanging. However, after I installed the driver I was forced to reboot, and my computer rebooted just fine.
I closed my laptop's lid to put it in sleep mode while MyDefrag (formerly JkDefrag) was running. I have done this in the past without any issues, but this time when I exited sleep mode my computer was hanging, so I forced a reboot. This trouble started after I rebooted.

I am able to boot up in Safe Mode, but not Safe Mode with Networking, which leads me to think that maybe some network related drivers got corrupted. Some more info on my setup:
I have Windows XP Pro SP3 installed (v5.1.2600)
I have Avira AntiVir and Comodo Firewall installed
I am not using Hibernation
Audio: SigmaTel STAC9751
Graphics: Intel 945 GMS
Chipset: Mobile Intel 945 GMS Express
Netcard: Realtek RTL8101L
Wifi: Intel PRO/wireless 3945

Update 1: ... Read more

Read other answers
RELEVANCY SCORE 63.6

Windows XP will freeze after about 10-15 seconds after starting up. I cannot move the cursor or right-click. I have no other choice but to hold down the power button and shut down. However, it loads OK in Safe Mode. Where do I go from here to fix this?

A:Windows XP freezes on startup in normal mode, but loads OK in safe mode. What do I do?

Arrrgh! Now when I go into Safe Mode none of the icons appear, and I can't see the Start menu! It's a totally black screen except for "Microsoft ® Windows XP Build..." and "Safe Mode" in the four corners. Please help!

Read other 24 answers
RELEVANCY SCORE 63.6

ok i have a huge problem, i no virus scan capabilities in safe mode and in safe mode with networking, now i have tried to go back to reg. booting, and see if it is installed corectly, and from the looks of it, it is all icons and file folders are there and working.....now when im in either one of the two safe modes wither im on the amnstdr or mine the software will not open and it won't open, here is what comes up when i try to open it from program files:

"Faild to start the Symantec Management Client service. Error code returned:
0x8007043c
i am getting frustrated badly with this, i am running XP home ed. on an ACER aspier one, (say what you want but its practical) and as you can tell i am running live update/Symantec Endpoint Protection
and yes everything is up to date, i have waxxed the backdoor troj. with no prob. but i am needing help tring to fig. out how to solve this prob so i can make shure i completly killed the attack...thanx

A:No virus scan in safe mode or safe mode with netwrkg

Hi and Welcome to BleepingComputer,

Not all anitvirus programs work in safe mode, I don't know about Symantec but I do know my ZoneAlarm does not. I do not see the reason to run it in safe mode. If you are really wanting to run stuff in safe mode, run SuperAntiSpyware in it and just run your antivirus program in regular windows.

Btw, it sounds like you had something on there that has backdoor capabilities and if that is the case, then unless you reformat the computer, it will never be truly safe again.

Read other 11 answers
RELEVANCY SCORE 63.6

I had this machine built just over a year ago, and only had occasional crashes (no particular activities seemed to generate the issue). About 2 months ago the crashes became more persistent, and upon restarting the machine would have trouble loading normal mode. At the screen that reads "welcome" the spinning wheel would simply freeze, and the computer would lock up. As this problem persisted the computer would either automatically reboot itself each time, or crash into a BSOD and run a dump. I can, however, start it in Safe Mode without issue.

It had been running the same install of windows 7 ultimate x64 until a couple of weeks ago when I attempted to reinstall. This solved nothing, so I reinstalled again, this time deleting the partitions and formatting the drive. Again, the problems persist. I'm inclined to think they're hardware related at this point, but I'm in no way an expert.

From the most recent BSOD:




Quote:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 116
BCP1: FFFFFA8009500010
BCP2: FFFFF880108EAF10
BCP3: FFFFFFFFC000009A
BCP4: 0000000000000004
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1


My system stats:
MB - Asus P6X58D-E
CPU - Intel i7 950
RAM - 3 x 2gb Kingston HyperX DDR3 1600 SDRAM
HD - Western Digital 640gb 7200 rpm SATA 6gb
Vid - EVGA GeForce GTX 460 ... Read more

A:BSOD during startup for normal mode. Can only start in safe mode.

Look at Computer lags every couple seconds

Try the following:
1. Download and install Driver Sweeper
2. Download the latest driver for your display card
3. Click Start Menu
4. Right Click My Computer
5. Click Manage
6. Click Device Manager from the list on the left
7. Click the + next to Display adapter
8. Right click your display/graphics card device
9. Click Uninstall
10. Check the box to Delete driver software for the device
11. Click OK
12. Restart your computer in safe mode
13. Run Driver Sweeper, select display card manufacturer's drivers, analyze, clean
14. Restart your computer
15. Install the latest drivers

Update to SP1Download Details - Microsoft Download Center - System Update Readiness Tool for Windows 7 (KB947821) [August 2011]

Download Details - Microsoft Download Center - System Update Readiness Tool for Windows 7 for x64-based Systems (KB947821) [August 2011]

Steps to follow before you install Windows 7 Service Pack 1 from the Microsoft Download Center

Service Pack 1 Download site
Links to Service Pack 1 (SP1) and preparation for SP1 courtesy of JMH

Also, it appears if it is hardware, it is probably your graphics card. Recommend trying a different display card and seeing if it resolves the issue (borrow one from someone if you can since buying one and replacing the old one may not fix the problem and may be a waste of money).

Edit: I know you may not be able to do all above steps in safe mode, but do what you can.

Read other 6 answers
RELEVANCY SCORE 63.6

Okay i got a virus some how dont know how that really isnt relevant surpisingly.
i noticed it because avg picked it up and i then qaurentined it.
afterwards i used Four diff AV programs just to verify it precense.
All three found it in the exact same place under the same name and all that.
so i rebooted in safe mode, and proceeded to delete it.

I deleted the actual file, which was annoying like usual...
i had to right click on the .dll and go to the properties and remove all the permissions.
Very pety and frustrating... anyways after i deleted them,

I ran the same Four AV programs and they picked up nothing.
then i ran a specific scan with avg, only in the "system volume information folder"
i would have deleted it from there it manually, but it take like an hour,
to go through all the CMD crap, and changing variables, anyways..
it picked it up in there as i hoped it would, i then deleted it from there

afterwards i defragged my whole machine to make sure there wasnt pieces of it anywhere
after the defragging was done, i scanned again w/same 4 AV programs & found nothing
OBVIOUSLY it was gone lol.
i rebooted the system and let it boot up normal this time

when it started up in normal mode after i did all of the above it seemed pretty happy...
keyworrd there "seemed" i waited a lik for the startup programs to load.
gave um a lil extra time just in case i clicked on my computer for the first thing
i was gonna check C:\Windows\sy... Read more

A:freezing at startup after logon in normal mode (not safe mode)

im not going to bump this yet,
but i really need someones help i have to already explain today now why i am a day behind on my paper,
i really dont want to have to explain to my of a professor why i am two or three days behind, for obvious reasons something along those lines lmao

Read other 3 answers
RELEVANCY SCORE 63.6

I am having an issue where my computer will start fine in normal mode, but if I try to go into safe mode, it goes into startup repair mode.

Windows 7 Home 64bit, Lenovo desktop. Webroot Secureanywhere.

A little bit of background: OPENVPN was giving me a lot of messages like, "TCP: connect to [AF_INET]109.73.164.47:443 failed, will try again in 5 seconds: The system tried to join a drive to a directory on a joined drive". Contacted my VPN provider regarding this, they questioned where that IP address was coming from because it was not theirs. The IP address is this message would sometimes change, but according to WHOIS all were registred to:

OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam


I have no idea personally who this is. Ran the widely accepted malware scanners (Malwarebytes, Superantispyware, Rkill, Adwcleaner, Combofix "feel free to scold me...", and I think some rootkit scanners) found Somoto PUP, which I seem to have removed. OPENVPN ceased giving me the "system tried to join a drive" messages.

I want to run Malwarebytes in safe mode to make sure the infections are gone, but every time I F8 and select SAFE MODE or SAFE MODE WITH NETWORKING, the computer goes into STARTUP REPAIR mode. I have not selected the RESTORE option, but selecting the REPAIR option just results in the computer hanging and I have to force power off the computer.

Tried googling for this issue, but all I fi... Read more

A:Starts in normal mode but safe mode goes into startup repair...

Run the tool below

Farbar Recovery Scan Tool


64-Bit Version OS Farbar Recovery Scan Tool x64 <===== Download Link

Drag the FRST64.exe from the Downloads folder to your Desktop

Right click on FRST64.exe and choose

When the tool opens click Yes on the disclaimer window .

Press Scan button.

FRST will let you know when the scan is complete and has written the FRST.txt to file



   Note
The first time Farbar Recovery Scan Tool is run, it makes also another log Addition.txt


Please upload both logs in your reply.(FRST.txt and Addition.txt)

FRST.txt and Addition.txt will be on the Desktop

Upload a File
Click on the Go Advanced button under the Message box . Scroll down to Additional Options then click on Manage Attachments in the Attach Files sections . Click the Browse button locate the file then click on the Open button . In the Upload File from your Computer section click on the Upload button . Wait until it finishes uploading then close the window . Then click Submit Reply .

Read other 4 answers
RELEVANCY SCORE 62.8

Consistent BSOD during Windows startup for both normal mode and safe mode. BSOD problem started shortly after buggy installations of Microsoft Visual C++ 2005 x64, Microsoft .Net Framework 1.1, and AMD Catalyst Drivers 13.9; and turning off Microsoft .Net Framework 3.5.1.

Startup Repair is consistently unable to fix: 0x0000007e (0xffffffffc0000005, 0xfffff800033bf6d6, 0xfffff880009a7578, 0xfffff880009a6dd0).

I accessed the dump file of the BSOD-inflicted drive by usb-connecting it to the same pc, but that's now running a functioning, system hard-drive.

BlueScreenView shows these following files to be problematic:
atikmpag.sys
dxgkrnl.sys
dxgmms1.sys

The hash of the atikmpag.sys from the BSOD-inflicted drive is identical to the one in the functioning drive, so I don't think this is the root problem.
However, the hashes of the two dx files (dxgkrnl.sys, dxgmms1.sys) are different. I have replacement files for the broken dx files, but I don't have, nor know how to get, the access permission to replace them.

I'm at a loss for what I can try at this point. I used DM Log Collector and uploaded the resulting file. Any help is appreciated, thanks.

A:BSOD during windows startup; can't safe mode; startup repair can't fix

Henry,

The cause of the problem may be related to a Windows 7 installation which has never seen any updates.

Code:
Host Name: HENRY-PC
OS Name: Microsoft Windows 7 Home Premium
OS Version: 6.1.7600 N/A Build 7600
Can I just confirm, you have no way of booting into Windows at the moment. Correct?

Read other 2 answers
RELEVANCY SCORE 61.6

My brothers computer was infected with a virus which basically disabled half the keys on his keyboard and slowed his laptop down insanely. He tried rebooting his computer but he forgot that he had a BIOS password enabled.

Once the laptop is booted up, we can not get through the BIOS password because half of his keys do not work. We can not go through set up files or boot options because the password comes first, we can not use a recovery CD, and we have tried opening up his laptop to pull out the CMOS Battery but when we opened up the laptop, we could not see where the battery was?

His laptop is a Lenovo IdeaPad Z565 running with Windows 7 Home Premium.

Thank you for any help!
 

Read other answers
RELEVANCY SCORE 60.4

I was browsing the internet the other day when I clicked on a link and my computer shut down. I immediately knew it was a bad link. My computer rebooted and it wouldn't let me on IE after that at all. I then did a restore to the previous day. I was about to get online so I went and downloaded Kaspersky IS and scanned my computer. My laptop messed up and rebooted itself. Then got Anti-Malware Bytes in Safe mode and ran a scan, still had issues Kaspersky not running right and my computer freezing after just a couple of minutes. Went back and did a restore again to the same spot and this time said forget Kaspersky and jsut did AMWB. It showed my computer is clean, yet about 2 minutes after booting, my computer reboots and the safe mode option pops up. I can run ok in safe mode but cannot get it to work in normal mode. I did trend micros housecall and another online scanner and all say my computer is clean. Yet, when I start IE, I am redirected on every link I click to scour..... or another site with links on it. Any help is greatly appreciated, as well as a recommendation for a better Anti-virus. I jsut had McAfree that came with this laptop. Thanks!






.
DDS (Ver_2011-06-12.02) - NTFSx86 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Mom at 1631 on 2011-06-20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1805 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes =... Read more

A:Only runs in safe, redirects even in safe, reboots in normal mode..no virus' found

oh and Malwarebytes did block a 91-207-192-22 port 49179 svchost.exe

Read other 9 answers
RELEVANCY SCORE 59.6

How do I boot up into BIOS and  safe mode? Does anyone have an answer this?
Thanks!

A:BIOS and Safe Mode

Windows 8 "safemode" - http://windows.microsoft.com/en-us/windows-8/windows-startup-settings-safe-mode
 
BIOS - try pressing F2, F10 or F12 during boot-up.
 
Regards. . .
 
jcgriff2

Read other 3 answers
RELEVANCY SCORE 59.6

Does anyone know of the F key to activate the bios safe mode screen? I want to load xp but in safe mode.
 

A:BIOS safe mode key

Make and model of your computer would assist us in helping you. Different brands use different keys for bios.
 

Read other 7 answers
RELEVANCY SCORE 59.6

Hi,
I`m a newbie! Bear with me. I`ve caused the fault but I don`t know what I did or how to correct the consequence!
Unless I go into MSCONFIG, I cannot invoke SAFE MODE.
STARTUP should automatically go into the SAFE MODE Menu, if there was a prior failure. Mine will not.
I cannot invoke the SAFE MODE menu from STARTUP by presssing the appropriate function key.
Normally Windows 7 is very resilient, I would rarely have to go into SAFE MODE but if I leave my PC with the Internet on the screen turns off and no matter what I do it will not restart till I`ve pressed the Power Off button on the PC. I use the SAFE MODE in the event of some sort of Systems crash.
Help!!
Thank you.
Alan Beckley

A:Safe Mode within Startup

Just checking that you are tapping F8 before the Windows spash screen shows up, correct?

And were you able to get into safemode before?

Are you able to get into the bios (F2 or del)?

I want to make sure your F8 key is working.

Read other 7 answers
RELEVANCY SCORE 59.6

I have an ASUS CM5570 with Pentium Dual Core CPU, 2.60GHZ each, 6GB Ram, and 630GB HDD running Vista Home Premium OS. I've tried several times to start in Safe Mode pressing F8. Each time a blue window appears with 2 options: SATA:PM-Hitachi HDT721064SLA360 or CDROM: SM-ATAPI DVD A DH20A6S. I've always chosen the SATA option. The computer just boots in normal mode. How do I get this to start in Safe Mode? HELP! Thanks!

A:Safe Mode Startup

Click Start, Run, type in msconfig, and click OK. When the System Configuration Utility window comes up, click the BOOT.INI tab, select SAFEBOOT, and then OK. You will get asked to reboot and when you do, it will come up in Safe Mode.

When you're done in Safe Mode, go back to msconfig and remove the checkmark from SAFEMODE. Do this before you get out of safe mode or the computer may start continuously rebooting in safe mode.

See: Safe Mode

Read other 1 answers
RELEVANCY SCORE 59.6

ok here's a good one .... have a HP Pavilion dv7, uses Windows 7, last night start menu error box pops up, cannot load start menu or desktop, cannot system restore or any suggested ideas, figured I'd go to safe mode .... nothing, completely ignores F8 key tapping or holding .... any suggestions ?
 

A:No Startup - No Safe Mode

Windows repair.
 

Read other 1 answers
RELEVANCY SCORE 59.6

OK ... Not sure what caused this but ....

When I got home, computer was in blue screen. Unplugged and rebooted. Hung at Starting Windows. Unplugged again and rebooted. Selected user and continued on. Hung after desktop image was downloaded and normal desktop was presented. If I moved the cursor to the task bar, got hour glass. Could not get task manager to appear and could not start any program.

Booted in safe mode with networking. Opened firefox in safe mode and it was really funky. Could not get to techguy.org. Showed some porn. Basically, it was highjacked.

Ran hijack this (probably an older version) which I then copied onto flash drive and copied onto my laptop for posting here.

Need help, thought I'm concerned that I won't be able to download any programs you suggest onto the affected computer.

Thanks,
Dave
Logfile of HijackThis v1.99.1
Scan saved at 9:42:33 PM, on 12/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h... Read more

A:Virus - browser issues in safe mode/hangs in normal mode

Read other 7 answers
RELEVANCY SCORE 59.6

Hi All,

Been having this problem since yesterday. Whenever I start up windows, it freezes after a couple of minutes. Tried going into safe mode to run virus scan (Avira and Malwarebytes) but both freeze halfway through scanning and I have to do a hard reset. No idea at all what is wrong with it.

Also find that when I try to open Adobe PDF Reader, it shows this message when I am in normal mode. 'The windows installer service could not be accessed. This can occur if you are running in safe mode, or if the windows installer is not correctly installed.' Right after that, it freezes. Not sure if that's relevant.
Please help me! Thanks a lot in advance!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:22:47 AM, on 2/4/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Pro... Read more

A:Computer freezes in normal mode after a few minutes and then in safe mode when running virus scans

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about y... Read more

Read other 3 answers
RELEVANCY SCORE 59.2

Just a general question:1. When doing a routine scan for viruses and malware, etc. (and just generally speaking), is it better to scan in safe mode or regular mode? 2. If you scan in safe mode, is there anything that wouldn't show up (that you could potentially miss) that *would* show up in regular mode? 3. Or is safe mode just better all around, and everything is covered (plus more) that you'd find with scanning in regular mode?(I'm referring to scanning with AVG A/V, AVG Anti-Spyware, SpyBot (old version), and Ad-Aware SE.)Thanks!

A:Better To Scan In Safe Mode Or Regular Mode For Virus/malware?

Safe Mode is a troubleshooting mode designed to start Windows with minimal drivers and running processes to diagnose problems with your computer. This means some of the programs that normally run when Windows starts will not run.The Windows operating system protects files when they are being accessed by an application or a program. Malware writers create programs that can insert itself and hide in these protected areas when the files are being used. Using "Safe Mode" reduces the number of modules requesting files to only the essentials to make your computer functional. This in turn reduces the number of hiding places for malware, making it easier to find and delete the offending files. Using your anti-virus and anti-malware tools, in "Safe Mode" also speeds up the scanning process. Read "Beginners Guides: Windows XP Safe Mode Explained" and "What is 'Safe Mode' used for and why?"

Read other 4 answers
RELEVANCY SCORE 58.8

Yo.

So just a hour or two ago, after I had restarted my computer (it was working ok afterwards, except the fact the internet wasnt wanting to work at all, i restarted to try fixing that), the computer will not boot up. It will be stuck on the animated loading circle thing, sometimes if I wait long enough it'll BSOD for a split second and then restarts. At times it'll bring up a "automatic repair" thing, it'll try preparing it and then suddenly it'll go into a black screen and do nothing afterwards.

While it is loading, the keyboard will be on for a moment and then turn off, I have tried mashing function keys and it does jack, I was trying to see if I could boot it up with ubuntu to try recovering files of mine but it won't let me, if I remember correctly I have to set up some stuff in BIOS, then load ubuntu via flash drive. But as I said, pressing function keys does nothing at all. This also means I can't get to safe mode.

Read other answers
RELEVANCY SCORE 58.8

I am a numbskull.

I cannot current view any of the operations of my t3256 machine on my monitor. I recently installed a new video card, but did it wrong... way wrong.

First, I didn't disable the integrated card before installing the new one. After inserting the card and installing the new driver, I accidentally deleted the originally driver from the computer. So at startup it declared "new hardware-pga compatible video driver missing". In my defense I really knew better, but was too tired to be working on the machine.

For a variety of reasons it took about three days to get a new (old) driver, to disable. However, in the meantime I had tried to connect to my big tv, and when displayed on this tv, the pc would not let me adjust my resolution to any but the smallest of res (820x?). This was a new problem for me (I was using the wrong cable connection so the tv didn't recognize the input as a computer and the computer couldn't figure out what it was hooked to so it went to default, I think). In a particularly bright moment, I set the display res to it's highest possibility on my small monitor, hoping it would fix the tv problem, however it made my monitor mad enough to just display text saying that it could not support such settings. I could not adjust it at all from that monitor anymore.

Back to the tv, I tried to undo the problem by disabling the new card, expecting that I could reinstall the old driver afterward and be back to square one, to do it all ov... Read more

A:Can I start safe mode from bios?

If you removed the Windows basic VGA drivers they should be reinstalled using a Repair Install.

http://www.michaelstevenstech.com/XPrepairinstall.htm

The NVIDIA? GeForce?4? MX graphics drivers you would get from Nvidia's site.

You should be able to get into Safe Mode and fix things if the drivers you uninstalled were the Nvidia ones.

http://support.microsoft.com/kb/315222

Read other 4 answers
RELEVANCY SCORE 58.8

I'm not sure, and you can decide for yourselves, but I think the hard drive is toast.
My brother (another brother, not Darrel ) got something in his machine that started
" Dumping Physical Memeory".

Every attempt to put adware, malware or antivirus software in and it would crash. Every time!

The problem is that now it will not go past the "boot from CD ROM."
I tried booting from the supplied rescue disk ( MDG Canada ) and it would'nt
I have XP/SP2 Professional and tried that with the same result.

I can't F6 or F8 into it. It goes directly to boot from ??....

Replace hard drive or what?

Greg

A:Will Not Boot In Safe Or Bios Mode At All!

Not booting, hmmm, have you checked your BIOS settings? Does BIOS see the hard drive?
I think you should take the hard drive out of the computer, set it's jumpers to slave position and put it in another computer to see if Windows will recognise it before you just discard it.
Boot to a Windows98 floppy disk should work too - if it can see a "non FAT" partition your disk is OK.

Read other 11 answers
RELEVANCY SCORE 58.8

Hi, I mistakenly installed the 15-ab214nl BIOS while my pc is a 15-ab022nl, now the computer only starts in safe mode .. What can I do? Help me I need the pc for my university thesis. Help! Sorry for my terrible English.













Solved!

View Solution.

A:Safe mode after bios installation

Hi, The bios update for both Models you mention is the same, so that should be Ok. Regarding the accelerometer error, try the following. Open windows Control Panel, open Programs and Features, right click the entry for HP 3D DriveGuard and select Uninstall. When this has completed, restart the notebook. When windows has reloaded, download and install the version of HP 3D DriveGuard on the following link. http://ftp.hp.com/pub/softpaq/sp67001-67500/sp67280.exe Regards, DP-K

Read other 5 answers
RELEVANCY SCORE 58.8

Dell Latitude d810 gets the blue screen at normal startup, all versions of safe mode, and last known good configuration. The error is 0x0000000A (0x1D001C00, 0x00000002, 0x00000001, 0x804E79AA). The user said he was updating his Garmin gps via usb when the computer froze. He restarted and received the BSOD.

A:BSOD at startup and safe mode

Go here: http://support.microsoft.com/kb/314063Scroll down to the section entitled "Error occurs after Windows XP is already installed"

Read other 1 answers
RELEVANCY SCORE 58.8

I am working on a:
Gateway GM5260 Intel Core 2 Duo system running Windows XP Media Center
2 GB RAM (2x1GB)
320 GB HD
DVD-RW

I was cleaning up this PC for someone, removing programs and games, etc and doing updates. Well I had left it for the day and I came back and it was powered off. I went to turn it on and it gets to the Windows XP black splash screen and flashes a BSOD real quick and restarts itself, it's in a loop. It always asks how I want to start since it was not shut down properly. I have tried last known good, safe mode, safe mode with networking, and safe mode with command to no avail...same thing.

The BSOD did stay up when I tried to go to safe mode and it says:
A problem has been detctecd and Windows has been bleep down to prevent damage to your computer.

If this is the first time you've seen this stop erro screen, restart your computer. If this screen appears again, follow these steps:

Check for viruses on your computer. Remove any newly installed hard drives or hard drive controllers. Check your hard drive to make sure it is properly configured and terminated. Run CHKDSK /F to check for hard drive corruption, and then restart your computer.

Technical information:

***STOP: 0x0000007B (0XF78E2640, 0XC0000034, 0X00000000, 0X00000000)


Any recommendations next? I was planning on pulling the hard drive and running a check disk via slaving it over to my PC.

Thanks for the input

A:BSOD on startup cant get into safe mode either

Problem solved. Ran a CHKDSK /f on my computer and put it back into the Gateway and it boots up again.

Read other 2 answers
RELEVANCY SCORE 58.8

On startup XP stops before loading desktop icons and start menu etc. I can load task manager, see there are no apps running etc but can't access anything else. If I try to run Explorer (or any other usefull utiliies) from Task Manager nothing loads. The same occurs in Safe Mode, or with last know good config or any other option from the F8 menu.

I have re-installed XP (repair option from the XP CD) but still the same problem. I have now experienced this with 2 PCs on my network (XP Home & XP Pro) this week and only have 1 PC left still working!

Could this be virus or corruption? Bit of a co-incidence to have 2 PCs corrupted at the same time but can't find any info about likely viruses, any suggestions?
 

A:Hang on startup - even in Safe mode

I had a simular problem on one of my PCs, which was caused by installing a new DVD drive. The drivers for a CD-ROM drive I removed were conflicting with the new DVD. And removing the DVD drive and reinstalling the old CD-ROM drive did not correct the problem as the DVD drivers were now conflicting with the CD-ROM.

I corrected the problem by removing the hidden drivers within Windows, for instructions how to view and remove them see: http://support.microsoft.com/default.aspx?scid=kb;en-us;283658&sd=tech
 

Read other 2 answers
RELEVANCY SCORE 58.8

Hey,

I dont know what has triggered this off but everytime I try to run windows normaly the loading animation sticks and I get a BSOD....Ive gone into safe mode and here are the BSOD details:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6001.2.1.0.256.1
Locale ID: 2057

Additional information about the problem:
BCCode: 1000007e
BCP1: C0000005
BCP2: 88B2106D
BCP3: 80758894
BCP4: 80758590
OS Version: 6_0_6001
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\Mini081608-02.dmp
C:\Users\Jeremy\AppData\Local\Temp\WER-67656-0.sysdata.xml
C:\Users\Jeremy\AppData\Local\Temp\WER9D73.tmp.version.txt

Read our privacy statement:
http://go.microsoft.com/fwlink/?link...3&clcid=0x0409


Please help me fix this...I dont want to reinstall!

A:BSOD on startup...please help me fix im in safe mode right now....

Help Anyone???!!!!!

Read other 2 answers
RELEVANCY SCORE 58.8

ok, i have been having trouble with restarts while i was playing games recently (which is a whole other long involved story) and i have come to the conclusion it is the power supply, so i will be replacing that soon.

i have not used the computer in a good while and decided to work on it the other day. well, minutes after going into a game, it restarted. now the computer is running at 100% all the time, non stop. i checked the programs that are running, to see what is eating it up, and there are way too many programs jumping around between 0% and 40% i can barely see what they are.

I did however receive a STOP error once or twice during a restart:
STOP: 0x000000F4 (0x00000003, 0x855D0020, 0x855D0194, 0x805F9F88)

the computer runs fine in safe mode, so i assume its not a hardware problem (although i have checked the ram, and hard drives and such). am i wrong for assuming this? so i used msconfig to restart it in Diagnostic Startup, which still ran like crap. What exactly is running during Diagnostic Startup that isnt running in safe mode that could be causing this problem?

During Diagnostic Startup, i did manage to see 2 programs that were jumping the most (lsrass and csrss - i am really not sure if thats the exact spelling as i am not at the specific computer right now)
 

A:Diagnostic Startup vs Safe Mode

Read other 16 answers
RELEVANCY SCORE 58.8

Hi guys,
i already had a installed win7, but it got in to safe mood, i tried a lot but failed to start in normal mode, so decided to install a fresh copy of win7 n when installed a fresh copy (installation process went well) after installation when (DVD) (recovery media) was ejected system got shut down n when started again started giving message something like (reboot\select boot device n all), but windows did not start.
pls help, i am in lot of trouble...............

n if possible pls show me the way to completely disable safe mood.

thnx a lot in advance all u guys!

A:Safe Mode and installation will not startup

Hi all of u Genius Guys there,

Am going through Hell, coz of SafeMode in Windows7,

pls u guys help me to totally disable this safe mode feature or the best n easiest way to come out through it,

thnx in advance guyssssssssssssssssss.

Read other 6 answers
RELEVANCY SCORE 58.8

HI I've tried almost everything everyone in here has asked me to do, but still no luck. I thought I'd try again today with a new set of eyes and ideas.
 

A:Computer still will only startup in safe mode

Read other 16 answers
RELEVANCY SCORE 58.8

Im so ****ing confused how this is possible, please help

A:Safe Mode has asus startup

Hello Brandon and welcome to Seven Forums.

Do you happen to have your Asus M/B disk in the DVD drive on boot up ?

Read other 9 answers
RELEVANCY SCORE 58.8

I have recently upgraded my pc and it was working fine, then this morning I turned it on, tried to log on and it crashed.
When I tried to log on again the BSOD popped up.
I tried to start it up in safe mode, it worked the first time then when I tried again it popped up with the BSOD.
I can't get the the info from the crash because it wont let me log on.
Any advice on this would be useful as I have run a memory diagnostic which came back as nothing wrong, and I have tried booting from my windows 7 disk with the BSOD replacing the logon screen.
After waiting a while, the BSOD has stopped appearing, instead it get onto my user and came up with error messages saying nothing could be loaded except my background, i tried again and it wouldn't even log in.

A:BSOD on startup, safe mode too

The BSOD has stopped appearing, instead it get onto my user and came up with error messages saying nothing could be loaded except my background, i tried again and it wouldn't even log in.

Read other 8 answers