 TDSSKiller killed my PC, can't open windows |
  |
 12.02.2012 21:55
Post
#1
|
|
|
Newbie  Group: Members Posts: 1 Joined: 12.02.2012  |
I loaded TDSSKiller and selected cure, and my PC crashed. I was trying to get rid of a google redirect virus. malware bytes did not get rid of it nor did mcafee, and i cant tell if this did or not... since I cant get to my desktop.
I cant get past the set up windows. it will not do a system restore to previous point it will not repair when that choice is selected. it simply shuts down or restarts. I have tried starting from cd and it won't recognize the cd or the kav_rescue_10.iso file burned to it to to help fix the fix. I tried a safeboot.zip off a USB drive and it won't recognize that. I can get to a command promt but cant execute any files when I can find them. That could be lack of ability or the machine. tell me how to execute a file from the cmd wind... maybethat will help. The only program I can open is notepad. the log i sent to get a case number 313372487 is pasted below. but the resolution they suggested https://my.kaspersky.com/en/support?srfid=313372487 in their response has not worked or I am unable to accomplish the tasks required as the machine simply is stuck in a restart loop. I am at my wits end. I am not a programmer and feel this never should even be able to happen with a tool designed to fix a machine. I can handle the frustration of not being able to remove the GOOGLE redirect virus as it didn't seem to redirect from Yahoo.... but now I can't even log onto my machine. HEEEELLLLLPPPPP Please!   Scan result of Farbar Recovery Scan Tool Version: 28-01-2012 Ran by SYSTEM at 2012-02-08 19:17:05 Running from F:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1808680 2009-06-25] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.) HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [165912 2009-06-30] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [385560 2009-06-30] (Intel Corporation) HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [365080 2009-06-30] (Intel Corporation) HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.) HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.) HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe" [3432448 2010-03-17] (Alcatel-Lucent) HKLM\...\Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" [292336 2007-01-12] () HKLM\...\Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe" [304008 2006-11-03] () HKLM\...\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry [31744 2006-10-15] () HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-06-24] (CyberLink Corp.) HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd) HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [494064 2009-06-18] () HKLM-x32\...\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter [206064 2009-05-21] (SupportSoft, Inc.) HKLM-x32\...\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe" [111856 2009-02-23] (Yahoo! Inc) HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1675160 2011-11-22] (McAfee, Inc.) HKLM-x32\...\Run: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM [206120 2010-09-02] (SupportSoft, Inc.) HKLM-x32\...\Run: [PC Pitstop Diskmd3 Reminder] C:\Program Files (x86)\PCPitstop\DiskMD3\Reminder-Diskmd3.exe [x] HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-06-07] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-11-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.) HKU\Bill Riley\...\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc) HKU\Bill Riley\...\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun [1179648 2011-10-11] (W3i, LLC) HKU\Vicki\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation) HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation) HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks) Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X] Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.11.1 ==================== Services (Whitelisted) ====== 2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.) 2 dlcx_device; C:\Windows\system32\dlcxcoms.exe -service [561152 2006-10-11] ( ) 2 IHA_MessageCenter; "C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [290832 2011-12-12] (Verizon) 2 McAfee SiteAdvisor Service; "C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe" [102608 2011-08-10] (McAfee, Inc.) 2 McciCMService; "C:\Program Files (x86)\Common Files\Motive\McciCMService.exe" [319488 2010-03-17] (Alcatel-Lucent) 2 McciCMService64; "C:\Program Files\Common Files\Motive\McciCMService.exe" [517632 2010-03-17] (Alcatel-Lucent) 3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe" [227232 2010-09-03] (McAfee, Inc.) 2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [501768 2011-03-17] (McAfee, Inc.) 2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2011-10-18] (McAfee, Inc.) 2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [208536 2011-10-18] (McAfee, Inc.) 2 mfevtp; "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe" [161168 2011-10-18] (McAfee, Inc.) 2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [249936 2011-01-27] (McAfee, Inc.) 2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe /service /p verizondm [206120 2010-09-02] (SupportSoft, Inc.) 2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.) 2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.) 2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe /p verizondm [185640 2010-09-02] (SupportSoft, Inc.) ========================== Drivers (Whitelisted) ============= 3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.) 3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.) 3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.) 3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.) 0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.) 1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.) 3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.) 1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.) 3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) 3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) 3 mfeavfk01; [x] 3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x] 3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x] 3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x] 3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x] ========================== NetSvcs (Whitelisted) =========== ============ One Month Created Files and Folders ============== 2012-02-08 19:16 - 2012-02-08 19:17 - 0000000 ____D C:\FRST 2012-02-08 13:28 - 2012-02-08 13:29 - 0080520 ____A C:\TDSSKiller.2.7.10.0_08.02.2012_13.28.11_log.txt 2012-02-08 13:28 - 2012-02-08 13:28 - 0000000 ____D C:\TDSSKiller_Quarantine 2012-02-08 13:27 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Bill Riley\My Documents\tdsskiller 2012-02-08 13:27 - 2012-02-08 13:36 - 0000000 ____D C:\Users\Bill Riley\Documents\tdsskiller 2012-02-08 13:27 - 2012-02-08 13:27 - 2041778 ____A C:\Users\Bill Riley\My Documents\tdsskiller.zip 2012-02-08 13:27 - 2012-02-08 13:27 - 2041778 ____A C:\Users\Bill Riley\Documents\tdsskiller.zip 2012-02-05 16:54 - 2012-02-05 16:54 - 58531840 ____A C:\Windows\System32\config\software.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 20971520 ____A C:\Windows\System32\config\system.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0475136 ____A C:\Windows\System32\config\default.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0057344 ____A C:\Windows\System32\config\sam.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0024576 ____A C:\Windows\System32\config\security.iobit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\Bill Riley\Application Data\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\Bill Riley\AppData\Roaming\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\All Users\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\All Users\Application Data\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\ProgramData\IObit 2012-02-05 16:39 - 2012-02-05 16:39 - 0000000 ____D C:\Program Files (x86)\IObit 2012-01-15 13:33 - 2012-01-15 13:33 - 2492946 ____A C:\Users\Bill Riley\My Documents\Tower_instructions.pdf 2012-01-15 13:33 - 2012-01-15 13:33 - 2492946 ____A C:\Users\Bill Riley\Documents\Tower_instructions.pdf ============ 3 Months Modified Files and Folders ============= 2012-02-08 19:17 - 2012-02-08 19:16 - 0000000 ____D C:\FRST 2012-02-08 14:21 - 2009-10-25 17:37 - 0000000 ____D C:\users\Vicki 2012-02-08 14:21 - 2009-10-25 11:15 - 0000000 ____D C:\users\Bill Riley 2012-02-08 14:20 - 2011-05-28 21:03 - 0000000 __SHD C:\Windows\SysWOW64\%APPDATA% 2012-02-08 14:20 - 2011-03-20 20:45 - 0000000 ____D C:\Program Files\Dl_cats 2012-02-08 14:20 - 2011-03-13 14:14 - 0000000 ____D C:\Users\All Users\McAfee Security Scan 2012-02-08 14:20 - 2011-03-13 14:14 - 0000000 ____D C:\Users\All Users\Application Data\McAfee Security Scan 2012-02-08 14:20 - 2011-03-13 14:14 - 0000000 ____D C:\ProgramData\McAfee Security Scan 2012-02-08 14:20 - 2009-12-28 20:11 - 0000000 __SHD C:\Windows\System32\%APPDATA% 2012-02-08 14:20 - 2009-11-01 21:07 - 0000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2012-02-08 14:20 - 2009-10-31 17:23 - 0000000 ____D C:\Users\All Users\Yahoo! Companion 2012-02-08 14:20 - 2009-10-31 17:23 - 0000000 ____D C:\Users\All Users\Application Data\Yahoo! Companion 2012-02-08 14:20 - 2009-10-31 17:23 - 0000000 ____D C:\ProgramData\Yahoo! Companion 2012-02-08 14:20 - 2009-10-25 20:49 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-02-08 14:20 - 2009-09-21 06:18 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2012-02-08 14:20 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Portable Devices 2012-02-08 14:20 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices 2012-02-08 14:20 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\sysprep 2012-02-08 14:20 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\registration 2012-02-08 14:20 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\AppCompat 2012-02-08 14:20 - 2009-07-13 22:20 - 0000000 ____D C:\Program Files\Common Files\System 2012-02-08 14:20 - 2009-07-13 22:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared 2012-02-08 14:19 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\servicing 2012-02-08 14:18 - 2009-10-31 17:23 - 0000000 ____D C:\Users\Bill Riley\Application Data\Yahoo! 2012-02-08 14:18 - 2009-10-31 17:23 - 0000000 ____D C:\Users\Bill Riley\AppData\Roaming\Yahoo! 2012-02-08 14:18 - 2009-10-25 11:19 - 0000000 ____D C:\Users\Bill Riley\Local Settings\VirtualStore 2012-02-08 14:18 - 2009-10-25 11:19 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Application Data\VirtualStore 2012-02-08 14:18 - 2009-10-25 11:19 - 0000000 ____D C:\Users\Bill Riley\AppData\Local\VirtualStore 2012-02-08 14:18 - 2009-10-25 11:15 - 0000000 ____D C:\Users\Bill Riley\AppData\LocalLow 2012-02-08 14:17 - 2009-09-21 06:12 - 0000000 ____D C:\Users\All Users\Application Data\Adobe 2012-02-08 14:17 - 2009-09-21 06:12 - 0000000 ____D C:\Users\All Users\Adobe 2012-02-08 14:17 - 2009-09-21 06:12 - 0000000 ____D C:\ProgramData\Adobe 2012-02-08 14:16 - 2009-10-29 10:52 - 0000000 __RHD C:\MSOCache 2012-02-08 14:16 - 2009-09-21 06:12 - 0000000 ____D C:\Program Files (x86)\Adobe 2012-02-08 14:00 - 2009-10-25 20:49 - 0000000 ____D C:\Users\Bill Riley\Application Data\Malwarebytes 2012-02-08 14:00 - 2009-10-25 20:49 - 0000000 ____D C:\Users\Bill Riley\AppData\Roaming\Malwarebytes 2012-02-08 13:36 - 2012-02-08 13:27 - 0000000 ____D C:\Users\Bill Riley\My Documents\tdsskiller 2012-02-08 13:36 - 2012-02-08 13:27 - 0000000 ____D C:\Users\Bill Riley\Documents\tdsskiller 2012-02-08 13:29 - 2012-02-08 13:28 - 0080520 ____A C:\TDSSKiller.2.7.10.0_08.02.2012_13.28.11_log.txt 2012-02-08 13:28 - 2012-02-08 13:28 - 0000000 ____D C:\TDSSKiller_Quarantine 2012-02-08 13:27 - 2012-02-08 13:27 - 2041778 ____A C:\Users\Bill Riley\My Documents\tdsskiller.zip 2012-02-08 13:27 - 2012-02-08 13:27 - 2041778 ____A C:\Users\Bill Riley\Documents\tdsskiller.zip 2012-02-08 13:12 - 2009-11-09 20:20 - 0000000 ____D C:\Users\Bill Riley\Local Settings\SoftThinks 2012-02-08 13:12 - 2009-11-09 20:20 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Application Data\SoftThinks 2012-02-08 13:12 - 2009-11-09 20:20 - 0000000 ____D C:\Users\Bill Riley\AppData\Local\SoftThinks 2012-02-08 13:11 - 2009-09-21 08:02 - 3190050816 __ASH C:\hiberfil.sys 2012-02-05 16:54 - 2012-02-05 16:54 - 58531840 ____A C:\Windows\System32\config\software.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 20971520 ____A C:\Windows\System32\config\system.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0475136 ____A C:\Windows\System32\config\default.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0057344 ____A C:\Windows\System32\config\sam.iobit 2012-02-05 16:54 - 2012-02-05 16:54 - 0024576 ____A C:\Windows\System32\config\security.iobit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\Bill Riley\Application Data\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\Bill Riley\AppData\Roaming\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\All Users\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\Users\All Users\Application Data\IObit 2012-02-05 16:40 - 2012-02-05 16:40 - 0000000 ____D C:\ProgramData\IObit 2012-02-05 16:39 - 2012-02-05 16:39 - 0000000 ____D C:\Program Files (x86)\IObit 2012-02-03 09:46 - 2009-11-01 17:35 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Application Data\Adobe 2012-02-03 09:46 - 2009-11-01 17:35 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Adobe 2012-02-03 09:46 - 2009-11-01 17:35 - 0000000 ____D C:\Users\Bill Riley\AppData\Local\Adobe 2012-01-28 15:10 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\System32\config\TxR 2012-01-28 15:09 - 2009-11-01 21:07 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Thunderbird 2012-01-28 15:09 - 2009-11-01 21:07 - 0000000 ____D C:\Users\Bill Riley\Local Settings\Application Data\Thunderbird 2012-01-28 15:09 - 2009-11-01 21:07 - 0000000 ____D C:\Users\Bill Riley\AppData\Local\Thunderbird 2012-01-15 13:33 - 2012-01-15 13:33 - 2492946 ____A C:\Users\Bill Riley\My Documents\Tower_instructions.pdf 2012-01-15 13:33 - 2012-01-15 13:33 - 2492946 ____A C:\Users\Bill Riley\Documents\Tower_instructions.pdf 2012-01-03 11:56 - 2010-03-06 09:15 - 0000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-01-03 11:45 - 2009-07-14 00:10 - 1395804 ____A C:\Windows\WindowsUpdate.log 2012-01-03 10:21 - 2010-04-16 10:10 - 0001749 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk 2012-01-03 10:21 - 2010-04-16 10:10 - 0001749 ____A C:\Users\All Users\Desktop\McAfee Total Protection.lnk 2012-01-03 10:21 - 2009-07-14 00:13 - 0713888 ____A C:\Windows\System32\PerfStringBackup.INI 2012-01-03 10:20 - 2009-07-13 23:45 - 0014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-01-03 10:20 - 2009-07-13 23:45 - 0014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-01-03 10:16 - 2010-03-06 09:15 - 0000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-01-03 10:13 - 2009-07-14 00:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT 2012-01-03 10:13 - 2009-07-13 23:51 - 0088937 ____A C:\Windows\setupact.log 2011-12-28 16:05 - 2009-09-21 08:02 - 0555566 ____A C:\Windows\PFRO.log 2011-12-26 23:11 - 2011-12-26 23:11 - 0000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin 2011-12-26 23:11 - 2011-12-26 23:11 - 0000000 ____D C:\Program Files (x86)\W3i 2011-12-26 23:09 - 2011-12-26 23:09 - 0037606 ____A C:\Windows\SysWOW64\msg-instll-log.txt 2011-12-26 23:09 - 2011-12-26 23:09 - 0000650 ____A C:\Windows\System32\msg-instll-log.txt 2011-12-26 23:09 - 2011-12-26 23:09 - 0000260 ____A C:\Windows\SysWOW64\cmdVBS.vbs 2011-12-26 23:09 - 2011-12-26 23:09 - 0000256 ____A C:\Windows\SysWOW64\MSIevent.bat 2011-12-26 23:09 - 2010-06-28 21:09 - 0000000 ____D C:\Program Files\Verizon 2011-12-26 23:09 - 2010-06-28 21:09 - 0000000 ____D C:\Program Files (x86)\Verizon 2011-12-18 14:43 - 2011-12-18 14:43 - 0335323 ____A C:\Users\Bill Riley\My Documents\canon recipt.docx 2011-12-18 14:43 - 2011-12-18 14:43 - 0335323 ____A C:\Users\Bill Riley\Documents\canon recipt.docx 2011-12-16 15:58 - 2011-06-12 20:08 - 0002346 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2011-12-16 15:58 - 2011-06-12 20:08 - 0002346 ____A C:\Users\All Users\Desktop\Google Chrome.lnk 2011-12-10 13:39 - 2011-12-10 13:00 - 0003753 ____A C:\Users\Bill Riley\My Documents\xmaslist_2011.csv 2011-12-10 13:39 - 2011-12-10 13:00 - 0003753 ____A C:\Users\Bill Riley\Documents\xmaslist_2011.csv 2011-12-10 12:59 - 2008-12-10 19:43 - 0025600 ____A C:\Users\Bill Riley\My Documents\xmas card list.xls 2011-12-10 12:59 - 2008-12-10 19:43 - 0025600 ____A C:\Users\Bill Riley\Documents\xmas card list.xls 2011-11-22 19:59 - 2011-11-22 19:59 - 0002133 ____A C:\Users\Public\Desktop\Google Earth.lnk 2011-11-22 19:59 - 2011-11-22 19:59 - 0002133 ____A C:\Users\All Users\Desktop\Google Earth.lnk 2011-11-22 19:59 - 2009-12-13 16:04 - 0000000 ____D C:\Program Files (x86)\Google 2011-11-19 21:01 - 2011-11-19 21:01 - 0001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk 2011-11-19 21:01 - 2011-11-19 21:01 - 0001847 ____A C:\Users\All Users\Desktop\QuickTime Player.lnk 2011-11-19 21:01 - 2011-11-19 21:01 - 0000000 ____D C:\Program Files (x86)\QuickTime 2011-11-19 20:56 - 2011-11-19 20:56 - 0000628 ____A C:\Windows\System32\mapisvc.inf 2011-11-19 20:56 - 2011-10-22 16:42 - 0000000 ____D C:\Program Files\Common Files\Apple 2011-11-19 20:50 - 2011-11-19 20:50 - 0001785 ____A C:\Users\Public\Desktop\iTunes.lnk 2011-11-19 20:50 - 2011-11-19 20:50 - 0001785 ____A C:\Users\All Users\Desktop\iTunes.lnk 2011-11-19 20:50 - 2011-11-19 20:49 - 0000000 ____D C:\Program Files\iTunes 2011-11-19 20:50 - 2011-10-22 16:43 - 0000000 ____D C:\Program Files (x86)\iTunes 2011-11-19 20:49 - 2011-11-19 20:49 - 0000000 ____D C:\Program Files\iPod 2011-11-19 20:29 - 2009-11-01 21:07 - 0000000 ____D C:\Users\Bill Riley\Application Data\Mozilla 2011-11-19 20:29 - 2009-11-01 21:07 - 0000000 ____D C:\Users\Bill Riley\AppData\Roaming\Mozilla 2011-11-15 14:29 - 2009-11-15 18:43 - 0270720 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ========================= Memory info ====================== Percentage of memory in use: 14% Total physical RAM: 4056.36 MB Available physical RAM: 3464.6 MB Total Pagefile: 4054.51 MB Available Pagefile: 3437.27 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ======================= Partitions ========================= 1 Drive c: (OS) (Fixed) (Total:446.59 GB) (Free:352.64 GB) NTFS 3 Drive e: (RECOVERY) (Fixed) (Total:18.87 GB) (Free:14.29 GB) NTFS ==>[System with boot components (obtained from reading drive)] 4 Drive f: () (Removable) (Total:1.91 GB) (Free:1.68 GB) FAT 6 Drive h: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS 7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 0 B Disk 1 No Media 0 B 0 B Disk 2 Online 1953 MB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 298 MB 31 KB Partition 2 Primary 18 GB 299 MB Partition 3 Primary 446 GB 19 GB Disk: 0 Partition 1 Type : DE Hidden: Yes Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 6 FAT Partition 298 MB Healthy Hidden Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 E RECOVERY NTFS Partition 18 GB Healthy Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 C OS NTFS Partition 446 GB Healthy Partitions of Disk 2: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 1952 MB 122 KB Disk: 2 Partition 1 Type : 06 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 F FAT Removable 1952 MB Healthy ========================================================== TDL4: custom:26000022 ========================================================== Last Boot: 2012-01-30 16:47 ======================= End Of Log ========================== |
 |
 
|
|
17.02.2012 00:39
Post
#2
|
|
|
Member Group: Members Posts: 10 Joined: 20.11.2011 |
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Attached is fixlist.txt Save fixlist.txt to your flash drive. You should now have both fixlist.txt and FRST64.exe on your flash drive. Now re-enter System Recovery Options. Run FRST64 and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt). Please attach this to your next message. (How to attach) Now attempt to boot normally.
Attached File(s)
|
|
|
|
|
| Lo-Fi Version | Time is now: 22.05.2013 01:06 |