Over 1 million tech questions and answers.

combofix crashed ...system boot

Q: combofix crashed ...system boot

I have read some of the instructions.. i have loaded the machine with OTLPE...here is the log if someone can helpOTL logfile created on: 10/6/2010 10:32:40 PM - Run OTLPE by OldTimer - Version Folder = X:\Programs\OTLPEMicrosoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEMInternet Explorer (Version = 6.0.2900.5512)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File freePaging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 89.42 Gb Total Space | 35.81 Gb Free Space | 40.05% Space Free | Partition Type: NTFSDrive D: | 4.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFSDrive E: | 1.86 Gb Total Space | 0.40 Gb Free Space | 21.29% Space Free | Partition Type: FATF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedDrive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGOCurrent User Name: SYSTEMLogged in as Administrator. Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OffSkip Microsoft Files: OffFile Age = 30 DaysOutput = StandardUsing ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [Auto] -- -- (userinit)SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)SRV - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)SRV - [2010/01/08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)SRV - [2010/01/08 00:43:09 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)SRV - [2009/11/09 21:46:24 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)SRV - [2009/05/27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)SRV - [2009/03/18 02:04:42 | 001,685,024 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto] -- C:\WINDOWS\system32\Nagasoft\vjocx.dll -- (vvdsvc)SRV - [2009/02/27 10:54:22 | 000,870,672 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®SRV - [2009/02/27 09:55:20 | 000,909,312 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel®SRV - [2009/02/27 09:38:38 | 000,473,360 | ---- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®SRV - [2009/01/20 21:38:48 | 000,217,088 | ---- | M] (Lenovo ) [Auto] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)SRV - [2009/01/20 21:38:36 | 000,098,304 | ---- | M] (Lenovo ) [Auto] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)SRV - [2008/12/06 09:36:38 | 003,315,080 | ---- | M] (IBM) [Auto] -- C:\Program Files\IBM\Lotus\Notes\nsd.exe -- (Lotus Notes Diagnostics)SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)SRV - [2008/09/29 13:17:54 | 000,038,176 | ---- | M] (Lenovo) [Auto] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)SRV - [2006/11/10 10:46:26 | 001,504,304 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\GFS Canada\VPN Client\cvpnd.exe -- (CVPND)SRV - [2005/09/23 11:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)SRV - [2004/08/02 23:36:36 | 000,173,392 | ---- | M] (symantec) [On_Demand] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)SRV - [2004/08/02 23:36:32 | 001,267,024 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)SRV - [2004/08/02 23:36:26 | 000,030,024 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)SRV - [2004/06/11 22:28:30 | 000,201,944 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)SRV - [2004/06/10 00:31:14 | 000,242,808 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)SRV - [2004/06/10 00:31:12 | 000,087,160 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)SRV - [2004/06/10 00:31:08 | 000,255,096 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA)DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\VBoxNetFlt.sys -- (VBOXNETFLT)DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)DRV - File not found [Kernel | System] -- -- (PCIDump)DRV - File not found [Kernel | System] -- -- (lbrtfdc)DRV - File not found [Kernel | System] -- -- (i2omgmt)DRV - File not found [Kernel | Boot] -- -- (fkewhz)DRV - File not found [Kernel | System] -- -- (Changer)DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\SANDEE~1\LOCALS~1\Temp\catchme.sys -- (catchme)DRV - [2010/10/04 04:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101004.003\NAVEX15.SYS -- (NAVEX15)DRV - [2010/10/04 04:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101004.003\NAVENG.SYS -- (NAVENG)DRV - [2010/08/05 14:08:04 | 000,100,496 | ---- | M] (Oracle Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)DRV - [2010/08/05 14:08:02 | 000,143,184 | ---- | M] (Oracle Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)DRV - [2010/03/10 11:36:36 | 000,217,032 | ---- | M] (PC Tools) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)DRV - [2009/09/29 16:06:14 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)DRV - [2009/03/04 13:31:32 | 004,202,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®DRV - [2009/02/24 22:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)DRV - [2009/02/09 08:10:48 | 000,014,336 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\cxru3643.sys -- (cxru3643)DRV - [2009/01/07 07:03:00 | 000,004,608 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)DRV - [2008/11/21 03:11:46 | 000,012,560 | ---- | M] (UPEK Inc.) [Kernel | Auto] -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)DRV - [2008/10/06 13:47:36 | 000,225,696 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)DRV - [2008/09/29 13:17:16 | 000,023,848 | ---- | M] (Lenovo.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)DRV - [2008/08/13 20:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)DRV - [2008/08/08 06:10:46 | 000,050,704 | ---- | M] (UPEK Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)DRV - [2008/05/12 23:22:04 | 000,004,224 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)DRV - [2008/05/12 22:14:16 | 000,017,844 | ---- | M] (Lenovo Group Limited) [Kernel | System] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)DRV - [2008/04/24 17:53:22 | 000,308,736 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)DRV - [2008/04/14 08:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)DRV - [2008/04/14 01:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)DRV - [2008/04/13 20:24:38 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)DRV - [2007/10/12 17:30:46 | 000,252,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®DRV - [2007/08/24 20:45:22 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)DRV - [2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\iaStor.sys -- (iaStor)DRV - [2006/12/21 08:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)DRV - [2006/12/21 08:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)DRV - [2006/12/21 08:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)DRV - [2006/11/10 10:44:52 | 000,305,788 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)DRV - [2006/09/21 17:55:16 | 000,126,864 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)DRV - [2005/09/28 20:07:02 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)DRV - [2005/05/17 13:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)DRV - [2005/01/26 07:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)DRV - [2004/06/11 22:28:10 | 000,263,736 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)DRV - [2004/06/11 22:28:08 | 000,016,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)DRV - [2004/03/05 03:46:46 | 000,082,832 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)DRV - [2004/02/09 19:43:56 | 000,301,200 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)DRV - [2004/02/09 19:43:56 | 000,037,008 | R--- | M] (Symantec Corporation) [Kernel | Auto] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\administrator.DECISIONLABS_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)IE - HKU\administrator.DECISIONLABS_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Sandeep_Jyoti_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/IE - HKU\Sandeep_Jyoti_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKU\Sandeep_Jyoti_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3E FE 41 98 34 60 CB 01 [binary data]IE - HKU\Sandeep_Jyoti_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)IE - HKU\Sandeep_Jyoti_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\Sandeep_Jyoti_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = exoplay.com:80 FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Fiddler2\FiddlerHook [2010/05/07 10:15:54 | 000,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\{FF35CBDD-9429-4165-B7AA-5DCC9668ABA8}: C:\Documents and Settings\Sandeep Jyoti\Local Settings\Application Data\{FF35CBDD-9429-4165-B7AA-5DCC9668ABA8} [2010/09/28 14:36:55 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/08/10 14:56:03 | 000,000,797 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: localhost O1 - Hosts: home.ombudsman.gov.ieO1 - Hosts: dev02.dlitools.comO2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\sandeeptemp\SDHelper.dll (Safer Networking Limited)O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)O3 - HKU\Sandeep_Jyoti_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)O4 - HKLM..\Run: [DVDUpgrade] C:\WINDOWS\System32\dvdupgrd.exe (Microsoft Corporation)O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe (UPEK Inc.)O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)O4 - HKLM..\Run: [Wjimaxeqay] C:\WINDOWS\uwefazeq.DLL (VoLT, 2010)O4 - HKU\administrator.DECISIONLABS_ON_C..\Run: [SODCPreLoad] C:\Program Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20081031-1700\preload.exe ()O4 - HKU\Administrator_ON_C..\Run: [SODCPreLoad] C:\Program Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20081031-1700\preload.exe ()O4 - HKU\Sandeep_Jyoti_ON_C..\Run: [Erofujaxakuq] C:\WINDOWS\pavdml.DLL ()O4 - HKU\Sandeep_Jyoti_ON_C..\Run: [GoToMeeting] C:\Program Files\Citrix\GoToMeeting\457\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)O4 - HKU\Sandeep_Jyoti_ON_C..\Run: [ISUSPM] File not foundO4 - HKU\Sandeep_Jyoti_ON_C..\Run: [SkyU2M] C:\Program Files\SkyU2M\SkyU2M.exe (SkyU2M.com)O4 - HKU\Sandeep_Jyoti_ON_C..\Run: [SpybotSD TeaTimer] C:\sandeeptemp\TeaTimer.exe ()O4 - HKU\Sandeep_Jyoti_ON_C..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\1e13ac05-0e3c-4727-83ca-52b5eb0caf43.com File not foundO4 - HKU\Sandeep_Jyoti_ON_C..\Run: [wuaucldt] C:\documents and settings\sandeep jyoti\wuaucldt.exe File not foundO4 - Startup: C:\Documents and Settings\administrator.DECISIONLABS\Start Menu\Programs\Startup\Docova Explorer.lnk = C:\Work\DLI\DocLogic\DocLogicExplorer\bin\Debug\DocLogicExplorer.exe (DLI.tools Inc. www.dlitools.com)O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GFS Canada VPN Client.lnk = C:\Program Files\GFS Canada\VPN Client\vpngui.exe (Cisco Systems, Inc.)O4 - Startup: C:\Documents and Settings\Sandeep Jyoti\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\administrator.DECISIONLABS_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\Sandeep_Jyoti_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\Sandeep_Jyoti_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\sandeeptemp\SDHelper.dll (Safer Networking Limited)O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} http://dev02.dlitools.com/qp2.cab (Lotus Quickr Class)O16 - DPF: {155E724D-D3EE-4078-B226-871EF322E512} http://dev01.dlitools.com/DLIUploaderPro.CAB (DLITools.UploaderPro)O16 - DPF: {38135E75-34A9-49EC-B83D-9F9A31877CA0} file:///C:/Work/DLI/Uploader/WebControl/PackageJustRequired/DLIUploaderV2.CAB (DLITools.Uploader)O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} http://www.decisionlabs.com/iNotes6W.cab (iNotes6 Class)O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex- (DLM Control)O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/Tran...ransferCtrl.cab (DLC Class)O16 - DPF: {8A9AE4F4-7651-4484-A877-B126009B8C7B} http://dev01.dlitools.com/ThingFactory.CAB (DLITools.ThingFactory)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://gfscanada.webex.com/client/T27LB/webex/ieatgpc.cab (GpcContainer Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = decisionlabs.comO18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation)O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)O20 - Winlogon\Notify\psfus: DllName - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009/04/28 15:41:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2006/02/13 13:08:58 | 000,000,145 | R--- | M] () - D:\autorun.inf -- [ CDFS ]O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]O34 - HKLM BootExecute: (autocheck autochk *) - File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not foundNetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - File not foundNetSvcs: NWCWorkstation - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DocLogic Explorer.lnk - C:\Program Files\DLItools\DocLogic\DocLogicExplorer\DocLogicExplorer.exe - (DLI.tools Inc. www.dlitools.com)MsConfig - StartUpFolder: C:^Documents and Settings^Sandeep Jyoti^Start Menu^Programs^Startup^Docova Explorer.lnk - C:\Program Files\DLItools\DocLogic\DocLogicExplorer\DocLogicExplorer.exe - (DLI.tools Inc. www.dlitools.com)MsConfig - State: "system.ini" - 0MsConfig - State: "win.ini" - 0MsConfig - State: "bootini" - 0MsConfig - State: "services" - 0MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver GroupSafeBootMin: Boot Bus Extender - Driver GroupSafeBootMin: Boot file system - Driver GroupSafeBootMin: File system - Driver GroupSafeBootMin: Filter - Driver GroupSafeBootMin: PCI Configuration - Driver GroupSafeBootMin: PEVSystemStart - ServiceSafeBootMin: PNP Filter - Driver GroupSafeBootMin: Primary disk - Driver GroupSafeBootMin: procexp90.Sys - DriverSafeBootMin: SCSI Class - Driver GroupSafeBootMin: sermouse.sys - DriverSafeBootMin: System Bus Extender - Driver GroupSafeBootMin: vga.sys - DriverSafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver GroupSafeBootNet: Boot Bus Extender - Driver GroupSafeBootNet: Boot file system - Driver GroupSafeBootNet: File system - Driver GroupSafeBootNet: Filter - Driver GroupSafeBootNet: NDIS Wrapper - Driver GroupSafeBootNet: NetBIOSGroup - Driver GroupSafeBootNet: NetDDEGroup - Driver GroupSafeBootNet: Network - Driver GroupSafeBootNet: NetworkProvider - Driver GroupSafeBootNet: PCI Configuration - Driver GroupSafeBootNet: PEVSystemStart - ServiceSafeBootNet: PNP Filter - Driver GroupSafeBootNet: PNP_TDI - Driver GroupSafeBootNet: Primary disk - Driver GroupSafeBootNet: procexp90.Sys - DriverSafeBootNet: SCSI Class - Driver GroupSafeBootNet: sermouse.sys - DriverSafeBootNet: Streams Drivers - Driver GroupSafeBootNet: System Bus Extender - Driver GroupSafeBootNet: TDI - Driver GroupSafeBootNet: vga.sys - DriverSafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllersSafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM DriveSafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDriveSafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controllerSafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - HdcSafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - KeyboardSafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - MouseSafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - NetSafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClientSafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetServiceSafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTransSafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA AdaptersSafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapterSafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - SystemSafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk driveSafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - VolumeSafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)ActiveX: {124D38C7-5BE5-4D4E-8D6D-9F10DC6B6D11} - Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB925674)ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShowActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimationActiveX: {29DB101A-E6BB-173C-69D7-3634ED67936E} - Microsoft Windows Media PlayerActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for JavaActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing PackActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - UniscribeActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced AuthoringActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /installActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NTActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShowActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectXActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawExActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer HelpActiveX: {4A447279-ADAF-78A1-91B5-39305FD4DD5E} - Internet Explorer Version UpdateActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.infActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java ClassesActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUserActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICWActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup ToolsActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing EnhancementsActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media PlayerActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site AccessActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web FoldersActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /installActiveX: {78DD9A0A-4AE1-46D0-B9A6-578EFCA47A3C} - Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937060)ActiveX: {83C5DE6C-A673-EF5C-76D9-62A73FF2B4D9} - Themes SetupActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dllActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exeActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,InstallActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data BindingActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET FrameworkActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET FrameworkActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core FontsActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task SchedulerActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave FlashActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML HelpActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service InterfaceActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exeActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMPActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIEActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUPActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) ========== Files/Folders - Created Within 30 Days ========== [2010/10/05 16:33:43 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime[2010/10/05 16:33:42 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime[2010/10/05 16:33:41 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime[2010/10/05 16:33:41 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime[2010/10/05 16:33:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime[2010/10/05 16:33:39 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime[2010/10/05 16:33:38 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll[2010/10/05 16:33:38 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys[2010/10/05 16:33:37 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll[2010/10/05 16:33:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll[2010/10/05 16:33:36 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll[2010/10/05 16:33:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll[2010/10/05 16:33:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll[2010/10/05 16:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll[2010/10/05 16:33:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll[2010/10/05 16:33:34 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll[2010/10/05 16:33:34 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll[2010/10/05 16:33:33 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll[2010/10/05 16:33:29 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll[2010/10/05 16:33:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime[2010/10/05 16:33:28 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll[2010/10/05 16:33:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe[2010/10/05 16:33:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll[2010/10/05 16:33:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll[2010/10/05 16:33:24 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime[2010/10/05 16:33:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe[2010/10/05 16:33:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe[2010/10/05 16:33:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll[2010/10/05 16:33:22 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys[2010/10/05 16:33:22 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys[2010/10/05 16:33:22 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys[2010/10/05 16:33:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll[2010/10/05 16:33:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll[2010/10/05 16:33:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll[2010/10/05 16:33:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll[2010/10/05 16:33:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll[2010/10/05 16:33:14 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll[2010/10/05 16:33:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe[2010/10/05 16:33:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll[2010/10/05 16:33:12 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll[2010/10/05 16:33:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll[2010/10/05 16:33:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll[2010/10/05 16:33:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll[2010/10/05 16:33:11 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll[2010/10/05 16:33:11 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll[2010/10/05 16:33:10 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll[2010/10/05 16:33:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe[2010/10/05 16:33:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll[2010/10/05 16:33:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll[2010/10/05 16:33:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll[2010/10/05 16:33:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll[2010/10/05 16:33:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll[2010/10/05 16:33:07 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe[2010/10/05 16:33:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll[2010/10/05 16:33:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll[2010/10/05 16:33:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll[2010/10/05 16:33:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll[2010/10/05 16:33:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll[2010/10/05 16:33:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll[2010/10/05 16:33:05 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll[2010/10/05 16:33:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll[2010/10/05 16:33:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll[2010/10/05 16:33:05 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll[2010/10/05 16:33:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll[2010/10/05 16:33:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll[2010/10/05 16:33:04 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll[2010/10/05 16:33:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll[2010/10/05 16:32:59 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll[2010/10/05 16:32:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll[2010/10/05 16:32:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll[2010/10/05 16:32:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll[2010/10/05 16:32:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll[2010/10/05 16:32:56 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll[2010/10/05 16:32:56 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll[2010/10/05 16:32:56 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll[2010/10/05 16:32:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime[2010/10/05 16:32:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll[2010/10/05 16:32:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe[2010/10/05 16:32:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe[2010/10/05 16:32:50 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys[2010/10/05 16:32:49 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime[2010/10/05 16:32:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe[2010/10/05 16:32:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe[2010/10/05 16:32:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll[2010/10/05 16:32:44 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll[2010/10/05 16:32:44 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll[2010/10/05 16:32:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll[2010/10/05 16:32:43 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe[2010/10/05 16:32:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll[2010/10/05 16:32:42 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime[2010/10/05 16:32:42 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll[2010/10/05 16:32:41 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime[2010/10/05 16:32:41 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll[2010/10/05 16:32:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll[2010/10/05 16:32:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll[2010/10/05 16:32:38 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll[2010/10/05 16:32:38 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll[2010/10/05 16:32:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll[2010/10/05 16:32:33 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll[2010/10/05 16:32:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll[2010/10/05 16:32:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll[2010/10/05 16:32:27 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll[2010/10/05 16:32:26 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe[2010/10/05 16:32:21 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex[2010/10/05 16:32:20 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll[2010/10/05 16:32:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe[2010/10/05 16:32:08 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys[2010/10/05 16:32:08 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll[2010/10/05 16:32:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll[2010/10/05 16:32:07 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll[2010/10/05 16:32:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll[2010/10/05 16:32:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll[2010/10/05 16:32:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll[2010/10/05 16:32:04 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll[2010/10/05 16:32:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll[2010/10/05 16:32:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll[2010/10/05 16:32:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll[2010/10/05 16:31:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll[2010/10/05 16:31:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll[2010/10/05 16:31:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll[2010/10/05 16:31:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll[2010/10/05 16:31:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll[2010/10/05 16:31:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll[2010/10/05 16:31:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll[2010/10/05 16:31:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll[2010/10/05 16:31:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll[2010/10/05 16:31:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll[2010/10/05 16:31:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll[2010/10/05 16:31:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll[2010/10/05 16:31:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll[2010/10/05 16:31:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll[2010/10/05 16:31:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll[2010/10/05 16:31:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll[2010/10/05 16:31:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll[2010/10/05 16:31:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll[2010/10/05 16:31:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll[2010/10/05 16:31:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll[2010/10/05 16:31:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll[2010/10/05 16:31:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll[2010/10/05 16:31:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll[2010/10/05 16:31:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll[2010/10/05 16:31:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll[2010/10/05 16:31:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll[2010/10/05 16:31:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll[2010/10/05 16:31:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll[2010/10/05 16:31:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll[2010/10/05 16:31:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll[2010/10/05 16:31:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll[2010/10/05 16:31:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll[2010/10/05 16:31:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll[2010/10/05 16:31:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll[2010/10/05 16:31:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll[2010/10/05 16:31:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll[2010/10/05 16:31:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll[2010/10/05 16:31:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll[2010/10/05 16:31:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll[2010/10/05 16:31:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll[2010/10/05 16:31:47 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll[2010/10/05 16:31:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll[2010/10/05 16:31:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll[2010/10/05 16:31:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll[2010/10/05 16:31:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll[2010/10/05 16:31:42 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe[2010/10/05 16:31:41 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll[2010/10/05 16:31:41 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll[2010/10/05 16:31:40 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll[2010/10/05 16:31:40 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe[2010/10/05 16:31:39 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll[2010/10/05 16:31:39 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe[2010/10/05 16:31:38 | 000,233,52

Preferred Solution: combofix crashed ...system boot

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: combofix crashed ...system boot

Forgot to mention...The issue is that i can't seem to boot into XP after acquiring some viruses....when i was able to boot into the machine, i ran combofix and after installing the recovery console, it showed "Acccess is denided" a few times before the system crashed. After that, i could see in safe mode that the system was hanging while loading the isapnp.sys file....thats when i downloaded the otlpe iso and ran the scan posted above

Read other 3 answers

Hello,This is my first post so if I make errors, please let me know so I don't make the same mistake twice.This past weekend, I was working on a PC that showed numerous viruses. The owner visited a website which significantly slowed down the PC and from what she said other 'problems' started happening. She had no virus protection on the PC. I ran Malwarebytes and found numerous adware, which it cleaned up. The PC continued to be sluggish.I then downloaded ComboFix (as I have many times before working with other forums and techs) and began to run it. It installed the Microsoft Recovery Console and started to run. Identified rootkit problems and rebooted. That's when it never came back up and the PC just sat for HOURS with just a blinking cursor on a blank screen. After about 5 hours she shut down the PC. So now the PC will not boot to anything. Just a black screen with the cursor blinking in the upper left corner. I currently have the hard disk connected to another PC to back up her documents, pictures, desktop, etc. Not sure what to do next. Is there a way to recover from where ComboFix crashed ?This is store-built PC and the only discs that she gave me would rebuild the PC from scratch, losing everything. There is no XP system CD for me to boot from - just complete recovery. I'm trying real hard to avoid that option.

A:ComboFix crashed PC will not boot

Hello,First a few comments and questions.In what capacity are assisting the owner of this computer? Are you employed to repair it? Are you IT and this is a buisness computer? Is this a friend your helping?You have run Combofix unsupervised.....this was ill advised!! This is a complex and powerful tool that should not be used except under the supervision and direction of a malware expert. It can and will render your computer unbootable permanently!! Also realize that in most circumstances a single run of Combofix is ineffective. Specialized scripts will be written specifically directing this program to clean-up based on your logs!! I might be able to help you recover but first I would like you to answer my questions.Thanks,~ t

Read other 74 answers

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
Ran by roger casadejus (administrator) on ROGER-PM2S (09-09-2015 14:51:16)
Running from C:\Users\Roger Casadejus\Downloads
Loaded Profiles: roger casadejus (Available Profiles: Roger & PM2S & roger casadejus)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\45.0.2454.17\remoting_host.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
... Read more

A:Combofix crashed my computer deleting system files!!

Greetings exabyte666 and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.If you would allow me to call you by your first name I would prefer to do that.===================================================Ground Rules:First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter prob... Read more

Read other 3 answers

Requesting assistance to check out system that crashed.
22:31 14/07/17
System  crashed  -  then on RESTART asked for BOOT from externial device.
Started with this ERROR message after double clicking a desktop icon for installed program.
"Remote procedure call failed"
Tried several other installed programs.
Got same error message.
Then decided to do a restart.
This message appeared on the screen.
"Plug Boot device into assigned port"
Decided to restart in SAFE MODE.
Restart in "SAFE MODE" worked.
Picked  option:  "FIX COMPUTER".
A message box opened to scan for problems.
Clicked on "YES"
Scanning completed with message "NO PROBLEMS FOUND".
Another screen opened with system repair options.
Several restore points were listed  and an option to scan for affected programs.
picked scan for affected programs.
Scan result was "NO PROGRAMS AFFECTED".
Selected a good restore point and started restore process.
Restore process ran for three ( 3 ) hours.
At restore finish selected the option to "RESTART".
Restart worked and computer started.
Tried a few installed programs - all worked.
Windows-7 Home Prem
Intel i5-2410 CPU, 6.00 GB RAM,
operating system 64 bit
Requesting assistance to determine if computer is OK.

A:System Crashed - Tried restart - msg - Boot from Externial

Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.

Read other 9 answers

Windows failed to start. How do i solve the problem? Also, i dont have the windows installation disc and F8 doesn't work either.

Read other answers



Can you please start by telling me if you ran an new or an older version of Combofix?EDIT ~ Please refrain from using capslock, it makes reading hard and is considered yelling.

Read other 15 answers

Hi, i was recently infected by few trojans and worms I believe. I don't remember most of their names but i managed to delete some of them manually but a few of those return after logging off or restarting the computer. some virus i might have on the system are


someone has also hacked my passwords using seabra password stealer and the worse part is whoever sent the virus, it has killed all my anti-virus including combofix. it corrupted my "unhackme" program first so that it won't start and when i started the latest version of combofix, it started but after a while it gave an error with no message and crashed and deleted itself from my hard-drive..please i need your help desperately

A:Combofix crashed

Hi Warpath,The reader_s.exe file, plus a few other things I see in your second post, indicate that your system is infected with Virut.Virut is a polymorphic file infector with IRCBot functionality which infects .exe, .scr files, downloads more malicious files to your , and opens a back door that compromises your computer. Virux is an even more complex file infector which can embed an iframe into the body of web-related files and infect script files (.php, .asp, and .html). When Virut creates infected files, it also creates non-functional files that are corrupted beyond repair. In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable.The virus has a number of bugs in its code, and as a result it may misinfect a proportion of executable files....some W32/Virut.h infections are corrupted beyond repair.McAfee Risk Assessment and Overview of W32/VirutThere are bugs in the viral code. When the virus produces infected files, it also creates non-functional files that also contain the virus...Due to the damaged caused to files by virut it's possible to find repaired but corrupted files. They became corrupted by the incorrect writing of the viral code during the process of infection. undetected, corrupted files (possibly still containing part of the viral code) can also be found. this is caused by incorrectly written and non-function viral code present in thes... Read more

Read other 6 answers

Today 8 June 2010 I downloaded combofix from bleepingcomputer as usual.
I run it but after it show the command promt window and the message about '... if is heavy infected it make take easy double time to run..." it become with light color the window ! like when a window is not responding in windows 7 and it appear the known window when a program crash waiting to find solution and then close.
I have also eset internet security but in disable it and also combofix forced it for exit (it asked me to exit from eset)
I copy here what I see in events.
Any help?

Log Name: Application
Source: Windows Error Reporting
Date: 8/6/2010 12:57:53 μμ
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: xxxxxxxx
Fault bucket , type 0
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: CF3232.cfxxe
P2: 6.1.7600.16385
P3: 4a5bc19e
P4: ntdll.dll
P5: 6.1.7600.16385
P6: 4a5bdadb
P7: c00000fd
P8: 00046bdf

Attached files:

These files may be available here:
C:\ProgramData\Microsoft\... Read more


Please note the message text in blue at the top of the Am I infected? What do I do? forum. No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read the pinned topic ComboFix usage, Questions, Help? - Look here. With that said, what specific issues are you having that requires using ComboFix? Are you using a 64-bit versions of Windows 7?

Read other 8 answers

Ran combofix a day ago to clean up some nasty viruses on the PC. Now it won't boot into Windows or Safe Mode at all. What's the first step in this? I don't think combofix actually created logs. Do I run that Farbar program and post back?
Please help!

A:Ran combofix, now system doesn't boot into Windows or safe mode.

Hello? I thought there were usually like 4-5 replies for this sort of common problem.

Read other 2 answers

My Dell XPS 420 desktop with Windows Vista 32 began experiencing issues with pixels scrambling after an automatic ATI/AMD update.  I began receiving an error regarding  the graphics game card failure.  I was advised to try running ComboFix to see if that would help.   I initiated the ComboFix process and the computer crashed within a few minutes into the start of the process.  I restarted the computer and it went to a black screen with a white cursor.  I could not get into Safe Mode and all of my restore points were gone.  The error code on the computer showed a hardware failure.  So I purchased a PNY graphics card, but when I went to install the drivers it shows that I cannot access my cd/dvd drive.  I can access my flash drive.  I have tried everything that I know to get the computer running.  I purchased the Windows Vista 32 Recovery disk and converted it to a iso file.  I also purchased a Windows Vista 32 image file and converted it to an iso file.   After running the repair disk, it gave me the error 161 - error code 0xA1 and gave me a link for the tools needed to correct the problem.  The download was for DriverDetective and ReImage Repair.  I downloaded them to my flash drive and copied them to the hard drive (which I can access through x: through the F8 feature-system repair, etc.).  I attempted to run the execution files on both and received error regarding dll's not presen... Read more


FWIW: No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.As a general policy, Bleeping Computer does not offer advice on how to run ComboFix unless we asked someone to run it or there is a problem with the computer caused by running it. This is because people should not be using ComboFix without being advised to do so by a trained expert who is assisting a member deal a malware issue on that system. Further, more information is needed by using tools like DDS, OTL, RSIT which create comprehensive logs with specific details about a computer's system, files, folders and registry keys which may have been modified by malware infection BEFORE deciding if ComboFix should be use... Read more

Read other 3 answers

I have first been getting these problems when I downloaded Comodo IS Pro. Apparently when I approached them for help,the technician did not reply to me after telling me to install.

Thus I did a system restore and the computer could load in normal mode(however the screen,etc loaded slow like hell.)

Yesterday, I downloaded comodo firewall and something familiar appeared

From Problem Reports and solution, these are the service that crashed:

4X svchost.exe
1X lsm.exe
1X sandboxie.exe
1X wininit.exe

But guard32.dll from comodo is the module causing it according to Problem Reports and Solution, but anyone knows why and how to solve it?

A:Svchost crashed, windows start up crashed, local session manager crashed

Have you tried uninstalling Commodo to see if it is causing the problem?

Read other 3 answers

hi all,

my win 7 pc crapped out. its not the disk. i have an image made on acronis. i bought a new win 10 pc. whats the easiest way to get that win 7 image with all my applications onto the new win 10 desktop? i want to get rid of windows 10. i would like my image working on new pc (new hardware) as i will not have to reinstall and configure everything again.

i tried swapping the old pc disk into the new pc, but the new pc would not boot: says invalid disk. could it have something to do with the MBR or that UEFI thing?

A:System crashed, how to restore Windows7 system image into new desktop

you're going to be in a world of pain if you want to do this but have no access to the old computer. In this situation, a SYSPREP with the generalize function is run in Windows 7 to prepare it for migration to new hardware.

You can try cold turkey like you did, you may have to switch to AHCI drivers from IDE or IDE to AHCI depending on what you had before to get it to boot. The boot sector may be a problem too. If you used standard MBR in the past then check your BIOS on the new PC to see what adjustment you can make.

Read other 1 answers

My SSD crashed, with the boot program on it. Can I get my HDD to boot  the comp? It's not partitioned for it. I have a 32 gb 3.0 flash drive. Running 8.1. Already tried to recover, and restore the ssd, partition isn't there. I think it's toast. 

A:Dual Hard Drives, SSD (Only boot Drive) Crashed, Can I get HDD to boot?

A couple more details. I'm hearing a beeping sound when I power up now. The ssd isn't even recognized when I scan the comp. If I use this comp, also a dell, and running 8.1 to load my flash drive with 8.1, will it boot my laptop, then can I set up my hdd to boot?

Read other 1 answers

I was recently helped by Jack & Jill in another forum.


I received clearance from the Malware forum to create this post.

After my topic was closed, I installed the updated Windows Vista Service Pack (the one I had was outdated). Upon completion of update my system crashed. I cannot even run System Restore (it never reaches completion).
When I try to start my computer I get the following message:
!!0xc0000034!! 185/49206 (program_files_windows_nt_tabletextservice_...)

Unfortunately I do not have any recovery CDs. Any help is greatly appreciated,

A:System Crashed - Unable to utilize System Restore

Can you start up in safe mode?

Read other 21 answers

Dear Tech guy,

I sure hope you can assist me to get my sony vaio vgnfw44jb to boot into windows 7 again. Its been 3 days of wrestling and I got to the end of what I know.


My Sony Vaio started to run weirdly and do random things; I figured it was infected so here's what I did.

1. downloaded and ran the free malwarebytes tool. >> some things removed but system still buggy
2. system restore > chose a 'good restore point' >>> ran slowly > result system restore failed
]tried older restore points> system restore result> failed
3. Vaio stopped booting into win 7 >>> able to boot into safe mode>> inserted win 7 system build cd to reinstall but thats not allowed in safe mode
4. downloaded Kapersky rootkiller cd >> ran this overnight >> forgot to save log to usb drive >> vaio stopped booting at all
5. downloaded the Hiren CD ( yes, read its all pirated not asking for help with that) ran mbrfix tool >> no change
6. found techguy site, browsed around, joined, downloaded ubcd > burned to cd
7. tested vaio : power on > windows starts but does not complete > vaio care begins> not able to repair, suggests I repair registry
8. viao now has ubcd in cd drive, powered off

Any advice on how I can fix my pc and get it to boot or... reinstall win 7 without losing my latest data?

Is there a way to strip off the data and applications so I can restore to vaio after fix?

Oh hear my tale of woe, tech ... Read more

A:After using a boot CD and Combofix, no boot & startup repair fails on sony vaio

Read other 16 answers

Hello I recently installed suse on my computer and I also have windows xp installed on a seperate partition. Since I am an idiot I was on windows xp and I decided to delete the suse partition trough windows. After I deleted the suse partition, I restarted windows and like ususal it said Grub loading, but I got an error because obviously suse is no longer there, so I put in the win xp disc and tried to repair windows. I thought if I deleted the 956 mb swap partition it would correct the system from trying to load Grub, but it actually made things worse and now I cannot even load the windows xp disc. Now when I try to load the xp disc it says inspecting system configuration then the screen goes blank.........I dont know what to do! Help!

A:Help system crashed

Read other 10 answers

I am running vista on an acer laptop. Last night it crashed. When i turn it on a black screen with safe mode options pops up. I tried that but it starts to load and nothing happens after that. I don't mind if i can't recover any files because all i really had on there was pictures and music.

If there are any tips that could help me out to get my computer up and running again, please let me know.

Read other answers

First off, thanks to everyone ahead of time for helping me!

Alright, so I just moved to a new house and hooked my computer up to the internet for the first time on the new IP. I was on for just a few minutes when I got a "Send error report" saying that "the system has recovered from a serious error". When I go to click anything, I get the BLUE SCREEN OF DEATH!! Now it happens everytime within a couple of minutes when I load my desktop. Now I don't really think it has anything to do with a different IP or anything like that, but I've been messing around with other forums for days now and still haven't been able to fix this problem so I decided to jump in the forums and post my own thread and just hope I can get this fixed.

A:My system crashed, please help!

Hopefully the computer wasn't dropped when you moved from house to house. Also hopefully the computer was packed up right and didn't get banged around inside the truck or whatsover.

One thing you can do is to check the HDD for any errors. Go to the manufacturer's website of the hard-drive and download the latest diagnostics utility. Then put the program onto a CD, boot the computer to the CD, and test HDD for any errors. If there are any errors, then it's time to backup your files ASAP.

Another thing you can do is to perform a windows repair on your computer and hopefully windows repair will fix the problem.

Also try reseating computer parts. Reseat the videocard, cpu, and memory sticks and make sure they are on the motherboard tight.

You can also perform a check disk repair. Go into my computer and right click on the C: drive. Then choose properties and then click on the tools menu. Click on "check now" on the error-checking section and then make sure the two boxes are checked. Click on start and reboot your computer and let check repair do it's thing.

Read other 2 answers

I was trying to free up some space and accidentally deleted tons of system files and a bunch of necessary things I have no idea what to do or which system files I deleted. I tried starting it up and it came up with a screen saying Power Saving Mode and then switched to a screen coming up with: SYNTAX in the middle and on the bottom it said: Press TAB to enter post.... and Press DEL to enter setup. I tried the rescue disk but it wouldn't load the CD Drive. Then I went into the BIOS and changed it so it would boot the CD drive first. Nothing happened. WQhenever i turn it on the SYNTAX and Power Saving Mode scxreens just cycle over and over continuously.

I desperately need help. I hope you can help me someway

A:System Crashed

Welcome to BC
Do you have a XP disk?

Read other 5 answers

I think that I wiped out some registry files prior to rebooting. Now can not access system, not even open BIOS setup.
Put Win xp pro disc in and rebooted many times, pushing DEL to open BIOS setup, but can not. Only comes up motherboard flash screen.

I really screwed up and have no idea how to access BIOS setup. This is a work machine so in a tight spot.

Any suggestions would be great!


A:HELP! Crashed system.

What were you doing to your computer before this happened? Where you flashing the BIOS?

Read other 2 answers

My windows vista crashed for no apparent reason and it will continuously direct me to a black screen with an option to continue normally or launch startup repair.

Normal startup doesn't work, and the repair gives me the message "cannot repair this computer automatically". I send the info to microsoft and it gave me no options to fix it

And although I have attempted the repair several times already, for some reason it says number if repair attempted:1

Root cause found:
Startup Repair has tried several times but can still not determine the cause of the problem."

Root cause found:
Unknown bugcheck: Bugcheck 7f. Parameters = 0x0 0x0 0x0 0x0.

Repair action: system restore
Result completed successfully

Note this is the results from 2 separate occations

I have tried System restore to an older date but it did not work

I have tried safe mode, did a dskchk with /f but didn't do anything

Unfortunately I have made no backup

Also, the windows came with the computer so I don't have any disks or anything

A:System crashed please help!!

I am no expert,but the same thing happened to me with my laptop in October. I called my computer manufacturer's tech service and we went through most of the F8 options and none of them worked except for the options under recovery manager: I had a choice of full factory recovery or recovery with automatic data backup and I chose recovery with automatic data backup. Because I chose recovery with backup,I retained all of my files. I don't know if your computer has that option or not. But,if all else fells you may be able to do that.

There are probably other things you can do first. Other people with more knowledge than me might have other suggestions,I'm sure.

Good Luck!

Read other 4 answers

I was working with my "backup" computer.......Win XP SP2 and ran an AVG scan.......anti-rootkits. I removed 5, and one was fixed. Later on I shut down the computer when a storm came through, and about an hour ago powered it back up. Windows will NOT boot up. It continued to recycle, and I am unable to get into SAFE mode, nor will it boot with the last known good settings. I tried "debugging mode", "disable automatic restart on system failure", and "safe mode with networking" (out of desperation), but nothing's working. I do not have a recovery disc, but I do have the OS re-installation disc that came with the computer, plus the SP2 disc I got from Microsoft.What's my next step? Thanks.

A:I Just Crashed My System

I will move this to the Am I Infected forum, where someone will try to assist you.


Read other 18 answers

Hiiiiiiiiii all

My XP.system have been crashed , I was doing some particular updates and when it done and reboot the system I can not log in to the XPsystem .

I have two systems in my device the other one is ubuntu , as we know when I turn on the device the system Give me a suggestions to select which system I want so I choose windows but the problem is the system again restart from it self and it still do that just with xp but it okay with linux , I think I need to delete the files of current updates but how can I log in to windows ?

- I can not reach to the welcome screen
- Safe mood as normal mood , which mean it still restart
- I lost the CD's of system

A:My XP.system have been crashed

From the Advanced Options Menu choose Disable automatic restart on system failure instead of Safe Mode.
Post the lines under the Technical Information section, the Stop code and any file names it mentions.

Do you know which updates you were installing?
If you were installing the KB977165 update, and have the version before MS added code to check for the presence of a rootkit, that could be the cause. Installing the update on an infected system causes blue screens or restarts.

Check the Windows partition for this folder:
If present, check in the spuninst subfolder for the spuninst.txt file

The spuninst.txt file contains the commands that the Recovery Console would use to uninstall the update. It's a list of Delete and Copy commands to delete the new files, and restore the old version. The last command makes a copy of the spuninst.txt file named spuninst.tag so that Windows Update will know it's been removed.

You can do each command from Ubuntu if you don't have an XP CD.
If you have access to a Vista/Win 7 DVD or can download one of the Vista/Win 7 Recovery Environment CDs, I have a batch file that can uninstall the update as well.

Vista Recovery Environment CD
64 bit Vista
32 bit Vista
Win 7 Recovery Environment CD

Read other 1 answers

My laptop crashed, system 32 not found/corrupted, i bought a boot cd ( not realising i had one supplied with the laptop). The bought disc then reloaded xp pro, so no files, no office programs. When i did find the right disc and press f8 on start up i have 3 windows xps to choose from bottom is the corrupted one middle is the clean version and an incomplete one. When i load the correct boot cd it states i do not have enough ram memory, can i delete the top 2 xps? I just want to get back to the corrupted version and give the original boot cd another try.

Read other answers

crashed drivers and only message appearing F2 set up and f12 to change boot service and keeps switching itself on and off and I cant reload new drivers online and retieve my data.pls help

A:crashed system

i m an windows 7 and cant reload and retieve my info,keeps restarting wih F2 and F12 msgs

Read other 3 answers

Early today my computer was perfect, then came the disater, I was informed that I needed to install SP1 (vista service pack 1). I did so, and towards the end of the process, it crashed my system, I mean a total, complete crash. There is no windows, no prompt, no curser, just a black screen. No matter how many times I turn my compter on and off, the same black screen is looking back at me. The microsoft website is not helping, they want to charge me to fix a problem caused by their system (dont get me wrong, happy to pay for service). Is there any way I can restore my system without inserting the start up disks again.

Added: While waiting for a reply I have decided that I would have to start over. However, my computer will not even read the discs to start over, there is just nothing. Just black. (3 years ago, I had to start over, it was simple,I just put the manufacturer disks in my disk drive, started the computer, and it wiped everything and started again). Any suggestions would be so much appreciated.

A:SP1 just crashed my system


are you using a PC or laptop? When you turn the PC off then back on, do you see the POST screen, i.e. the manufacturer's logo and/or a series of checks denoted by white text on a black screen?

It could be that the PC isn't fully turning off and you're going straight back to the screen you're seeing. If that's the case, remove the power lead from the PC after turning off (or remove the laptop battery), wait 10 seconds then reconnect and power on.

Read other 3 answers

Hello everyone,

While l was formating my Toshiba laptop, the power went out and the system could not continue with the formatting even when it is rebooted.

It comes on showing "NTLDR is missing", press ctrl+alt+Del to restart system.

Please Help.


A:Crashed System -XP

Don't know if you have a xp boot disk but if you do you should be able to copy the NTldr file from that to the root windows folder.

Read other 9 answers

recently i changed my window 7 home premium to ultimate, lost all my programs. my vaio assist button are no longer working and i ve no back up either...kindly assist me

A:system crashed

Hi and Welcome to TSF!

If you did a full reinstall then the new OS may have deleted all of your files.

How did you go about upgrading from Home Premium to Ultimate?

Read other 1 answers

my system got crashed and I managed to reboot with the cd of Lenovo but its not working as it was so I do like to know that can I get my system's factory settings if yes- how could I get it.
Thank you bon400

A:system crashed

Is the system a Dell server? If so, what model, operating system and controller?

Read other 3 answers

Im not sure what led to it- maybe a virus. The same events occured each time. Programs became very slow, mouse froze, became low on memory(~.5gb) so shut down the system and a couple of error windows came up saying to the effect that $something couldnt be saved. I wasnt saving any files that I knew of. Wouldnt reboot- wouldnt repair-reinstalled windws. the last time a bunch of mp3s were playing so checked all mp3s with AVG and Comodo AV as well as the entire system. Nothing found. This is getting old. but Im getting very fast at building the system Any ideas?

Read other answers

crashed drivers and only message appearing F2 set up and f12 to change boot service and keeps switching itself on and off and I cant reload new drivers online and retieve my data.pls help

A:crashed system

i m an windows 7 and cant reload and retieve my info,keeps restarting wih F2 and F12 msgs

Read other 3 answers

Ok so my computer was running sluggish before it eventually totally froze up. I reset the laptop (dell inspiron duo) and now everytime after going through dell screen/bios it tells me that "windows failed to start. A recent hardware or software change may be the cause" or something like that and gives me the option to load either run windows normally or launch startup repair.

No matter which option I choose I get windows is loading files and a White loading bar at the bottom of the page. Once this is complete the Microsoft green loading bar, no logo, will run through once before taking me to a blue screen which appears to be some kind of back ground. There's a dove carrying a branch and some White lines/lighting effects. This isn't my home screen and all that I can do is move the cursor around. Nothing else happens and there is none of the usual start up behaviour.

As far as I am aware there is no malware and the only new software that has been installed was the drivers to use an xbox controller with the pc via plug and play which was around 12 hours ago and the machine has since been turned on and off without problem up until now. Any help greatly appreciated although I'm not very technical friendly with this kind of stuff

Thanks in advance for any help.

A:Crashed and now won't boot

There's a dove carrying a branch and some White lines/lighting effects. This isn't my home screen and all that I can do is move the cursor around. Nothing else happens and there is none of the usual start up behavior. Click to expand...

Welcome to TSG Cal664 If you can move the cursor around, does the keyboard function? Try; Ctrl+Alt+Delete Select Task Manager \ File \ New Task and type Explorer.exe and hit enter. Did the desktop come up? I suggest doing a Clean Boot of Windows 7 and see if the system runs any better. After you have completed the clean boot you can then try and track down the culprit as per the tutorial in the link.

Read other 3 answers

I need a copy of windows xp pro to put on disk and get my laptop back on its feet. I bought it used and have no disk !

A:XP crashed won't boot up

Go buy it, that's the way the rest of us get our software.

Read other 3 answers

Hi guys. During game play the other night my PC locked up. No error message, no ctrl
+alt+del, nothing, so i had to hard reset my tower. After the hard reset the PC seemed to start up like normal.
All fans were running on the tower, plus GPU fan, PSU fan and CPU fan. The mouse light came on but not the keyboard. No error beeps. Now i am not getting a signal from the PC to my TV (Monitor). All parts in my tower are no more than 6 months old. Specs are as follows:

MSI 970a Krait Edition MOBO, AMD FX - 6300 Black Edition CPU, Corsair VS550 PSU, Gigabyte GeForce 660 VIDEO, Geil 8GB RAM (Dragon) as well as 6x 120mm internal case fans. Also running windows 10 on a 1TB HDD.

Please let me know if any extra info is required.

Read other answers

My desktop (Gateway GT5465E) crashed a week ago. It would come up in safe mode with networking so I ran malwarebytes, hijackthis, and several other diagnostics. I removed over 300 malware objects, checked a validation problem and tried to run the driver verifier. It stopped running and crashed again. This time it would not come back. It was looking for a boot disk. I put in my Win 7 repair disk 32-bit. It ran the startup repair twice but could not repair it automatically. I sent the information to Windows. The details list Root cause found:

Unknown Bugcheck: Bugcheck a0. Parameters = 0x1, 0x6, 0x84dfa020, 0x0.
Repair action: system files integrity check and repair
Result: Failed. Error code = 0x490
Time taken = 1265651 ms

I have no restore points for some reason.
it cannot find a system image to use for recovery
I can access a command prompt.

Can you help me get this running again.
If I can get the Win 7 disk, will I be able to reload it?

A:HELP!! Win 7 Crashed. Will not boot up

Corrupt MBR 0x490

You need to run Startup Repair at least 3 times, with re-starts in between each run.

How to Run a Startup Repair in Windows 7
I would recommend to run Startup Repair again, 3 seperate times with re-boots each time.
To be sure there is no more system errors run SFC /SCANNOW Command - System File Checker

When you get it running, start a thread in the System Security forum, they can help you be sure that all the malware is off your system.

Read other 9 answers

hello, I have a major problem here. I was playing an online game earlier today and everything was fine, I logged off from the main admin account and logged into a limited account and was just listening to some music while surfing when all of a sudden i hear a click and all my open programs just froze, I tried task manager but it wouldnt come up so I had to reboot using the power switch, on the first boot i got a message saying no disk was found so i had to boot up again. Now what happened is that just before the welcome screen comes up where you click your name my comp just freezes.Windows is refusing to boot up at all.

The drive in question is a maxtor diamondmax 10 200GB sata , and is split in 2 partitions, one for windows and a second partition full of files which i had backed up onto another drive.

The weird thing is that when i connect this drive up as a slave drive and try to go into the main partition windows tell's me that it is not formatted but oddly enough i can go in to the smaller partition and see all the files in there.Another thing is that the noise it makes is unbelievably loud compared to how it sounded a week ago

This must be the fourth time in the last few days that the drive has made a clicking sound and then just locked up. Would i be correct in assuming that the drive is about to die??

Read other answers

I'm having an identical problem with my laptop. It's a Gateway Q5WTC. Upgraded to WIN 10 from 8.1, an occasional crash I could deal with. But now it won't even POST, even though all the hardware I could remove works in other computers. I've searched around online, even called Best Buy and other computer repair places, but nobody seems to know how to fix this. Could it be a fried motherboard? The only thing I haven't tried that I saw suggested was removal of the DVD ROM, as a faulty drive can occasionally prevent POST.

Read other answers

My laptop that is running on Windows XP SP 3 crashes randomly. On reboot, I see a Missing Boot.ini message. I have run other anti-virus programs including Malwarebytes, Avast. and SpyBot Search and Destroy - but could not find the problem.Previously, I had a similar problem and I was able to get the fix using ComboFix - however, this time Combo fix is returning a message saying "Boot Partition cannot be properly enumerated." ComboFix also is trying to reinstall the Windows Recovery Console but it does not succeed. I have attached the ComboFix.txt file.I have run the DDS.scr and the results are attached. I tried running GMER.exe, however, my system freezes - so I do not have the GMER scan results.There is a thread elsewhere that was started by finalera - but I am not sure if this is the same issue. My drive did not really "crash" because I can always reboot and be working on it for a while - until the laptop randomly turns off without warning.Please advise.I just wanted to update you on this - I manually created the boot.ini file. To my surprise, however, after I rebooted the machine, the boot.ini was missing again. The malware deleted a fresh new boot.ini file.If you have had a similar experience and was able to resolve you viral infection, please let me know or at least point me to the proper thread or info. Thanks for looking at this info.AdrianMerged posts. ~ OB

A:Missing XP Boot.ini and Combofix msg "Boot partition cannot be enumerated"

Hi kangenguru,Welcome to Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more.If the issue is not resolved please update me on the current condition of your computer.

Read other 19 answers

I hooked up my friend's computer and proceeded with the Microsoft Updates in order to download the latest updates for the PC. When prompted to restart, she clicked OK to restart. After startup, the PC screen when to the startup options - start normally, safe mode, etc. etc.

Computer will no longer reboot to a normal windows screen.

Help please.


A:System crashed after installing SP3

Its a known fault with amd processors.

Boot into safemode, then go
to HKEY_Local_Machine>system>Current Control Set>Services
Find intelppm and change the value from a 1 to a 4.

More info here:

Read other 1 answers

Anyone have an idea how to retrieve e-mail contacts in Outlook from a crashed system that won't boot and can't be restored?

A:Crashed system question

You could try slaving the HDD in another system and trying to retreive the contacts that way.

Read other 1 answers

We have Windows7 and an exterior drive backup. This exterior backup advised us this morning that a partition was full.

We tried to shut the system down - and it asked if we wanted to 'correct' something in the system (it said it was trying to decide). We opted to 'save' the changes and were prompted to reboot the system,

When the computer came back on - there was a white line across the middle of the screen, changed to black and the whole screen 'faded to black'.

Since then, we have tried a variety of things

We did ALT F10 - the system goes to Windows and the Ace restore menu

We did a system restore (NOT FULL)

Then we got

Error Code 1392 The file or directory is corrupted and unreadable

I SOOOOOOOOOO hope someone can give us a little direction to get this thing back up and running

One of the back up files says it was created in Sept 7 - and we cannot get into it. For some reason - the ongoing back up is not showing any more recent date than Sept

We DO NOT want to lose the data that hopefully is still in the computer

Any suggestions would really be appreciated - thank you

A:system crashed and won't restore

That sounds like your hard (external) disk is corrupted. Who is the maker on the drive?


Read other 3 answers

So, I did a stupid thing, deleted some files, and crashed my computer. I tried a safe reinstall of windows (which was not supposed to write over anything) but even after that I can get windows to install/run properly. It's windows XP. My question is, is there a way the I can hook up the broken system to another computer and simply copy the files off of it? I know the exact directories of the files I want to get. Or is this something I'd be better off taking it to the local best buy for? Or just call it a day and re-format?
Not really sure what other info to supply you with, haven't opened either system to see if there is an empty slot to hook up to.

A:Can I get files off of crashed system?

Read other 15 answers

Was installing service pack 2 and system crashed now can not even get back to my old vista.

Seems to be loading and then I get:

!!oxc 0190005!! 9293/45274 (registry\machine\schema\wcm.//microsoft-...)

Then it freezes. I let it stay here for 18 hours and nothing. Tried to boot with my old vista windows disk and can not get a fix or get back to loading anything. Latest error said windows can not fix problem. Frequant black screen of death after bios or it goes to above point and stops.

Any help would be appreciated.

A:System crashed during install

Originally Posted by johnjosiah

Was installing service pack 2 and system crashed now can not even get back to my old vista.

Seems to be loading and then I get:

!!oxc 0190005!! 9293/45274 (registry\machine\schema\wcm.//microsoft-...)

I think your system have trouble with unload Schema hive - it is only temporary hive and after restart system never use it.Download MEPIS Bypassing Log-in Passwords to Access Folders on Drive
burn,boot it and navigate to folder C:\Windows\System32\config ->in this folder find SCHEMA file and rename to SCHEMA.OLD ,next run system normally.

Read other 4 answers

i had a computer freeze today , i rebooted and it wouldnt get past post , just went to a black screen with no operating system start up , i rebooted again and tried to get into safe mode , but it stalls at a point where it says;
multi(O)diskrdisk..etc etc Sys32drivers\Mup.sys

rebooted again with different BIOS setting and it goes through post , lists USB devices , PCI devices , IRQ settings and then stops after the last line where it says ACPI controller.

i went back in to BIOS and checked all boot priority settings , i tried to reinstall the operating system , but it goes through the windows installation dialogue , then stalls at the point where it says " Setup is starting wondows " and just hangs

i thought the HDD was faulty , so installed a brand new HDD , tried to install windows on that but get the same problem ., it just hangs and wont start windows.

any suggestions ,it is obviously a hardware issue , it cant be the HDD as i replaced it with a new one............... ???
Win XP
gigabyte 945GZM S2
duo core CPU
kingston RAM 512 Gig
Seagate SATA 80 gig drive
using onboard VGA

A:crashed system cant install OS

Read other 6 answers

o.k., i'm giving this a try. my daughter's computer has been REALLY down for about a month now, nothing but black screen to reboot,safe,last configuration, etc. none do anything but repeat the screen or randamly go to the HP start screen. when i boot with the recovery console disc, it reaches the console and asks me to choose which do i want, install, R for repair, you know. then it will start the process over. i do find that it's missing systemconfig32, AND error code 14. setup cannot contnue when i try to load the compaq recovery disks. lately filei386halaacpi.dll COULD NOT BE LOADED has shown up. this is recent, though. i broke down and spent $60 with HP. WHAT A DOPE! don't think he knew any more that ME, and i know very little. lots of help would be greately appreciated-i've been out of work with a double back fusion for 6 yrs., it failed and i cannot work. gots little cash for circuit city! i've been reading the site for 4 days solid or until the wife yells too much to stand.

thanks for all the info already, it's been quite helpful.


A:completely crashed system...

Lets try some troubleshooting and see if it could be a hardware issue.

If you are comfortable working inside the computer, shutdown the computer, open the side of the case, remove all PCI cards except the Video Card if it is PCI or AGP, unplug all hardware from the computer except the Keyboard, Mouse, & Monitor, then boot and see if the same problem happens.

Post back with the exact error messages.

Read other 4 answers

My system crashed last night. Loading a heavy graphics MMORPG, the screen started stuttering and semi froze. It has happened before and I hard turn off computer and reboot and all is well. Not this time.
This time I went to the "boot in safe mode" or "last good settings" or "boot normally" screen.
None works. When I try to boot in safe mode, i get a string of lines and it stops.. then recycles. When I try to boot normally or at last good settings, I get the Windows booting screen with the horizontal scrolling then it turns off and starts the booting process again.

I went to CMOS and put on default safest mode and that didn't help.

Then I decided to reinstall Win XP 64 Pro, my OS. I set to boot first via CD drive and it starts the process and delivers me a blue screen with "Windows Setup" in the upper left hand corner of the screen but it proceeds no further. It just sits there and the CD stops spinning.

I put another HD in from an older computer with Win XP and it booted so I assume it's not related to the MB or CPU but I can't for the life of me figure out what to do next. If I can't boot in Safe Mode and if I can't reinstall Win XP64... I am out of ideas.
I am planning on buying a new HD and installing my OS in it if I can't come up with an alternative.

Don't have all my hardware info but it's an AMD 2X64 cpu and a decent gigabyte MB with onboard graphics. I don't have a video ca... Read more

Read other answers