1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can't login into Win XP Home

Discussion in 'Virus & Other Malware Removal' started by peter_ks_lee, Dec 30, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    As described. Only in Win XP Title ...
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Is this due to a forgotten password? A little more information would help.
     
  3. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    No Login Page .. If windows functioning well ..will boot into Windows desktop ..
    Stuck in WinXP title screen .. hard disk not running ..
     
  4. DKTaber

    DKTaber

    Joined:
    Oct 26, 2001
    Messages:
    2,871
    Do you have a Win XP CD? If so, does computer boot fully from that? If not, will it boot fully in Safe Mode (hit F5 immediately after BIOS logo disappears and select Safe Mode)?
     
  5. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    It sounds like you may have a problem with the hard drive, run this test:

    Open Internet Explorer and click on this: Seatools

    Save the download to your desktop.

    In Windows 7 right click the ISO file, select Open With, then select Windows Disc Image Burning Tool then follow the prompts.
    For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn Install the program and start the application. Select the top left hand option to Write image file to disc and then on the next window click on the small yellow folder icon and browse to the ISO file on your desktop. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

    You will need a blank recordable CD or a re-recordable CD. You cannot use this software on a USB flash drive.

    When the CD has been burned boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence. Insert the disk in the drive then reboot and the disc will load into DOS. Click on Basic Tests and select the Long Test.

    A full set of instructions can be found here: Seatools instructions

    When the test completes it will show a Pass or Fail.
     
  6. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    ST9250827AS 5RG4Z8C9
    Started Short DST 1/3/2013 @ 2:40.11
    DST Completed Without Error
    Short DST Passed 1/3/2013 @ 2:41.11
    Long Test Passed 1/3/2013 @ 2:41.11
     
  7. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Your hard drive appears to be in good health.

    Could you please give a full explanation of what you said in post 3 so I can fully understand what the PC is doing. I need to know all the facts without abbreviation, then I will have a better idea of what we are dealing with.

    Please run this scan and post the log.

    Please download MiniToolBox and save it to your desktop.
    Double click on the MiniToolBox icon [​IMG]

    You will now see the following window appear.

    [​IMG]

    Click on each of the boxes as indicated in the list below, then click on the GO button.

    Copy & Paste the contents of the report that appears into your next post, you can also find a copy of the report on your desktop (Result.txt).

    •List last 10 Event Viewer Errors
    •List Installed Programs
    •List Devices Check options for Only Problems
    •List Users, Partitions and Memory size.
    •List Minidump Files
     
  8. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    Windows Normal Mode not running..
    Windows Safe Mode not running..
     
  9. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    I can login by using BartPE or WinPE ..
    with limited function
     
  10. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    MiniToolBox runs under BartPE

    MiniToolBox by Farbar Version: 25-11-2012
    Ran by SYSTEM (administrator) on 04-01-2013 at 08:29:29
    Running from "C:\"
    Microsoft Windows XP (X86)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Event log errors: ================================

    Could not start eventlog service, could not read events.

    The service name is invalid.

    More help is available by typing NET HELPMSG 2185.


    =========================== Installed Programs ============================


    ========================= Memory info: ===================================

    Percentage of memory in use: 11%
    Total physical RAM: 1534.05 MB
    Available physical RAM: 1364.79 MB
    Total Pagefile: 1384.21 MB
    Available Pagefile: 1363.98 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 2004.99 MB

    ========================= Partitions: =====================================

    1 Drive b: (RAMDisk) (Fixed) (Total:0.03 GB) (Free:0.03 GB) FAT
    2 Drive c: (ACER) (Fixed) (Total:77.61 GB) (Free:18.19 GB) FAT32
    3 Drive d: () (Fixed) (Total:77.63 GB) (Free:15.42 GB) NTFS
    4 Drive e: (New Volume) (Fixed) (Total:77.62 GB) (Free:17.37 GB) NTFS
    6 Drive x: (BartPE) (CDROM) (Total:0.15 GB) (Free:0 GB) CDFS

    ========================= Users: ========================================

    User accounts for \\

    Administrator Guest

    ========================= Minidump Files ==================================

    No minidump file found


    **** End of log ****
     
  11. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please run this. It includes instructions to create a BartPE disc which you already have so you can skip that part.

    Please use a clean working PC to download and copy FRST to a Flash Drive and to make the BartPE CD.
    Use these links to download the correct version for your operating system and save it to the Flash Drive.
    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit

    Follow the instructions in this link to make a BartPE CD boot disc.

    • Put the BartPE CD into the infected PC and plug in the Flash Drive that has FRST copied to it. Reboot the PC.
    • If the CD does not start to run you must go into the Bios and change the boot order How to change the boot order
    • If asked to press any key to boot from the CD, then do so.
    • BartPE will start to load, be patient as it may take a minute or two, you should see the Windows logo as it loads and then you will end up seeing the BartPE screen.
    • Click on GO in the bottom left corner and select Command Prompt.
    • At the Commad Prompt type in notepad and hit the Enter key.
    • Notepad will open, click on File in the top left corner and select Open, you will see something similar to this below, click on the arrow as shown and make a note of the drive letter for your Flash Drive. This screen image will vary from one computer to another depending on the number of partitions on the hard drive.
    • In this screen image the Flash drive is shown as drive D: on your system it may be different and appear with a different name. Close the windows leaving just the Command Prompt open.
    • In the command window type d:\frst.exe (for x64 bit version type d:\frst64) and press Enter
      Note: Replace letter d with the drive letter of your flash drive.
      NOTE: if you receive an error message "the system cannot find the drive specified" go back into Notepad and check the drive letter for the Flash Drive, also note the letter can change on subsequent runs.
    • The tool will start to run. If you have more than one version of Windows installed you will be asked to confirm which one should be scanned.
    • When the tool opens click Yes to disclaimer. (This may not appear on all systems).
    • When the Farbar Recovery Scan Tool window opens click on the Scan button. The progress bar may freeze for a while which is normal, leave it undisturbed and it will complete the scan. A small window will pop up to confirm completion of the scan, click OK, close all the windows and click on GO and select Shut Down.
    • It will make a log (FRST.txt) on the flash drive. Put the Flash drive back in a working PC, open Windows Explorer and then click on the Flash Drive. Double click on FRST.txt then Copy & Paste the log into your next reply. Please DO NOT send the log as an attachment.
     
  12. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2012
    Ran by SYSTEM at 05-01-2013 21:34:52
    Running from F:\
    Microsoft Windows XP (X86) OS Language:
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [344064 2006-01-17] (Acer Incorporated)
    HKLM\...\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [102400 2005-11-02] (Synaptics, Inc.)
    HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [692224 2005-11-02] (Synaptics, Inc.)
    HKLM\...\Run: [SkyTel] SkyTel.EXE [x]
    HKLM\...\Run: [RTHDCPL] RTHDCPL.EXE [x]
    HKLM\...\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [455168 2004-08-04] (Microsoft Corporation)
    HKLM\...\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [455168 2004-08-04] (Microsoft Corporation)
    HKLM\...\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" [151552 2005-12-02] (CyberLink Corp.)
    HKLM\...\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [59392 2004-08-04] ()
    HKLM\...\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE [225280 2005-11-30] (Logitech)
    HKLM\...\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect [73728 2005-11-29] (Acer)
    HKLM\...\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation [262144 2004-11-01] (Logitech Inc.)
    HKLM\...\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [438272 2005-11-29] (Acer)
    HKLM\...\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [458752 2005-12-06] (Dritek System Inc.)
    HKLM\...\Run: [LaunchApp] Alaunch [x]
    HKLM\...\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [208952 2004-08-04] (Microsoft Corporation)
    HKLM\...\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [69632 2005-10-19] (HiTRUST)
    HKLM\...\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 [73728 2002-05-10] (VeNoM386 and SwENSkE)
    HKLM\...\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent [x]
    HKLM\...\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay [45056 2005-08-12] (ATI Technologies Inc.)
    HKLM\...\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe" [2462208 2005-10-24] (Avocent Inc.)
    HKLM\...\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot [3080192 2006-01-16] (Acer Value Labs, Taiwan)
    HKLM\...\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2009-02-16] (CyberLink Corp.)
    HKLM\...\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" [50472 2008-10-13] (CyberLink Corp.)
    HKLM\...\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-02-28] (cyberlink)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM\...\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent [881664 2012-09-27] (Vitzo)
    HKLM\...\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [58992 2004-12-13] (Symantec Corporation)
    HKLM\...\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe" [1537648 2005-09-09] (Symantec Corporation)
    HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [10752 2005-10-28] (Nero AG)
    HKU\Peter\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2004-08-04] (Microsoft Corporation)
    HKU\Peter\...\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [1667584 2004-08-04] (Microsoft Corporation)
    HKU\Peter\...\Run: [HW_OPENEYE_OUC_Maxis Broadband] "C:\Program Files\Maxis Broadband\UpdateDog\ouc.exe" [110592 2009-07-27] (Huawei Technologies Co., Ltd.)
    HKU\Peter\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
    HKU\Peter\...\Run: [AROReminder] C:\Program Files\ARO 2012\aro.exe -rem [2547200 2012-01-06] (Support.com, Inc.)
    HKU\Guest\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2004-08-04] (Microsoft Corporation)
    HKU\Guest\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [10752 2005-10-28] (Nero AG)
    HKU\Administrator\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2004-08-04] (Microsoft Corporation)
    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [10752 2005-10-28] (Nero AG)
    HKU\Administrator.ACER-8C1E498EF8\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
    HKU\Administrator.ACER-8C1E498EF8\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2004-08-04] (Microsoft Corporation)
    HKU\Administrator.ACER-8C1E498EF8\...\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [10752 2005-10-28] (Nero AG)
    Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
    Tcpip\..\Interfaces\{9CB60C06-FF45-4E69-BF33-D07BD3F61E8F}: [NameServer]202.188.0.133,202.188.1.5
    Startup: C:\Documents and Settings\Peter\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
    ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe ()

    ==================== Services (Whitelisted) ===================

    2 AWService; "C:\Acer\Empowering Technology\admServ.exe" [1314816 2005-10-24] (Avocent Inc.)
    2 ccEvtMgr; "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" [198256 2004-12-13] (Symantec Corporation)
    3 ccPwdSvc; "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" [79472 2004-12-13] (Symantec Corporation)
    2 ccSetMgr; "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" [165488 2004-12-13] (Symantec Corporation)
    2 CLCapSvc; "C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe" [254050 2005-12-02] ()
    2 CLSched; "C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe" [114784 2005-12-02] ()
    2 CyberLink Media Library Service; "C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe" [61440 2005-12-02] (Cyberlink)
    2 Eventlog; C:\Windows\System32\services.exe [110592 2009-02-06] (Microsoft Corporation)
    2 GEARSecurity; C:\Windows\System32\GEARSec.exe [53248 2005-09-09] (GEAR Software)
    4 HWDeviceService.exe; "C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe" -/service [266240 2011-03-14] ()
    2 iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [78104 2010-01-22] (iWin Inc.)
    2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-07] (Malwarebytes Corporation)
    2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-07] (Malwarebytes Corporation)
    2 Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [2066024 2012-11-05] (Symantec Corporation)
    3 npggsvc; C:\WINDOWS\system32\GameMon.des -service [3600600 2010-06-20] (INCA Internet Co., Ltd.)
    2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [143360 2005-01-21] ()
    2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation )
    3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [822424 2012-11-05] (Symantec Corporation)
    2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe" [1699168 2012-09-19] (TuneUp Software)
    3 usprserv; C:\Windows\System32\svchost.exe -k netsvcs [14336 2004-08-04] (Microsoft Corporation)
    3 AppMgmt; C:\Windows\System32\appmgmts.dll [x]
    2 btwdins; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [x]
    2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
    2 LVPrcSrv; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [x]
    1 netmsgeln; \??\C:\WINDOWS\system32\netmsgeln.dll [x]
    3 rpcapd; "C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini" [x]

    ==================== Drivers (Whitelisted) ====================

    3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [33536 2006-03-24] (Advanced Card Systems Ltd)
    2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21275 2008-11-09] (Meetinghouse Data Communications)
    3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [1412608 2005-12-01] (ATI Technologies Inc.)
    3 AVerM115; C:\Windows\System32\DRIVERS\AVerM115.sys [692992 2005-08-24] (AVerMedia TECHNOLOGIES, Inc.)
    3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [132352 2005-04-05] (Broadcom Corporation)
    3 btaudio; C:\Windows\System32\drivers\btaudio.sys [328141 2005-12-02] (Broadcom Corporation.)
    3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [30363 2005-12-02] (Broadcom Corporation.)
    3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [854826 2005-12-02] (Broadcom Corporation.)
    2 BTSERIAL; \??\C:\WINDOWS\system32\drivers\btserial.sys [23271 2005-12-02] (Broadcom Corporation.)
    3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [148488 2005-12-02] (Broadcom Corporation.)
    3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [65016 2005-12-02] (Broadcom Corporation.)
    3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
    2 EpmPsd; \??\C:\WINDOWS\system32\drivers\epm-psd.sys [4096 2005-04-22] (Acer Value Labs, USA)
    2 EpmShd; \??\C:\WINDOWS\system32\drivers\epm-shd.sys [78208 2005-04-22] (Acer Value Labs, USA)
    1 Flpydisk; C:\Windows\System32\Drivers\Flpydisk.sys [150804 2012-12-25] ()
    1 FsVga; C:\Windows\System32\DRIVERS\fsvga.sys [12160 2004-08-04] (Microsoft Corporation)
    3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider)
    3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [202240 2005-11-08] (Conexant Systems, Inc.)
    3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [997376 2005-11-08] (Conexant Systems, Inc.)
    3 lv321av; C:\Windows\System32\Drivers\lv321av.sys [1088896 2005-11-29] (Logitech)
    3 lvmvdrv; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys [2400128 2005-11-30] ()
    3 LVPrcMon; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys [16768 2005-11-30] ()
    3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [39424 2005-11-29] (Logitech)
    3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [22856 2012-09-07] (Malwarebytes Corporation)
    3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15360 2004-08-03] (Microsoft Corporation)
    3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85376 2004-08-03] (Microsoft Corporation)
    3 NdisFilt; C:\Windows\System32\Drivers\NdisFilt.sys [4392 2005-09-13] (OSA Technologies)
    3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
    3 NETMNT; C:\Windows\System32\DRIVERS\NETMNT.sys [9600 2005-05-02] ()
    2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
    2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88448 2004-08-04] (Microsoft Corporation)
    2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)
    2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)
    1 OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys [12106 2005-10-15] (OSA Technologies)
    2 osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys [7296 2005-06-30] (OSA Technologies, An Avocent Company)
    2 osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys [4010 2005-01-14] (Windows (R) 2000 DDK provider)
    3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
    2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation)
    3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
    3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2004-08-03] (Microsoft Corporation)
    3 SMCB000; C:\Windows\System32\DRIVERS\hidsmsc.sys [15744 2005-12-06] (SMSC)
    3 SMCIRDA; C:\Windows\System32\DRIVERS\smcirda.sys [46592 2004-12-09] (SMSC)
    0 Stealth; C:\Windows\System32\DRIVERS\stealth.sys [77920 2002-05-13] (Generic)
    3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15360 2004-08-03] (Microsoft Corporation)
    2 symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys [4608 2012-11-05] (Symantec Corporation)
    3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-08-29] (TuneUp Software)
    0 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [13952 2004-12-17] ()
    1 V2IMount; C:\Windows\System32\Drivers\V2IMount.sys [56192 2005-09-09] (Symantec Corporation)
    3 w39n51; C:\Windows\System32\DRIVERS\w39n51.sys [1428096 2005-12-05] (Intel?Corporation)
    3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19328 2004-08-03] (Microsoft Corporation)
    2 {B154377D-700F-42cc-9474-23858FBDF4BD}; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
    4 Abiosdsk; [x]
    4 Atdisk; [x]
    3 catchme; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\catchme.sys [x]
    1 Changer; [x]
    4 InCDFs; C:\Windows\System32\drivers\InCDFs.sys [x]
    1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [x]
    1 InCDRm; C:\Windows\System32\drivers\InCDRm.sys [x]
    1 lbrtfdc; [x]
    1 PCIDump; [x]
    3 PDCOMP; [x]
    3 PDFRAME; [x]
    3 PDRELI; [x]
    3 PDRFRAME; [x]
    4 Simbad; [x]
    3 TlntSvr; [x]
    3 WDICA; [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-01-05 06:05 - 2013-01-05 06:05 - 00000000 ____D C:\FRST
    2013-01-05 00:48 - 2013-01-05 00:48 - 00000000 ____A C:\Windows\System32\Drivers\Gsogk.sys
    2013-01-04 08:41 - 2013-01-04 08:41 - 00000000 ____A C:\Windows\System32\Drivers\Esoeo.sys
    2013-01-04 08:29 - 2013-01-04 08:29 - 00001547 ____A C:\Result.txt
    2013-01-04 08:18 - 2013-01-04 08:14 - 00752213 ____A (Farbar) C:\MiniToolBox.exe
    2013-01-04 07:46 - 2013-01-04 07:46 - 00000000 ____A C:\Windows\System32\Drivers\Csqfh.sys
    2013-01-03 09:13 - 2013-01-03 09:13 - 00000000 ____A C:\Windows\System32\Drivers\Fsogk.sys
    2013-01-03 05:25 - 2013-01-03 05:25 - 00000000 ____A C:\Windows\System32\Drivers\Btllk.sys
    2013-01-03 05:16 - 2013-01-03 05:16 - 00000000 ____A C:\Windows\System32\Drivers\Csnhg.sys
    2013-01-03 05:02 - 2013-01-03 05:03 - 00000000 ____A C:\Windows\System32\Drivers\Gsnni.sys
    2013-01-03 01:00 - 2013-01-03 01:00 - 00000000 ____A C:\Windows\System32\Drivers\Dspjf.sys
    2013-01-03 00:29 - 2013-01-03 00:29 - 00000000 ____A C:\Windows\System32\Drivers\Esnln.sys
    2013-01-03 00:24 - 2013-01-03 00:24 - 00000000 ____A C:\Windows\System32\Drivers\Fsnni.sys
    2013-01-03 00:20 - 2013-01-03 00:20 - 00000000 ____A C:\Windows\System32\Drivers\Csnkh.sys
    2013-01-02 08:43 - 2013-01-02 08:43 - 00000000 ____A C:\Windows\System32\Drivers\Gqomm.sys
    2013-01-02 08:27 - 2013-01-02 08:27 - 00000000 ____A C:\Windows\System32\Drivers\Csomm.sys
    2013-01-01 20:54 - 2013-01-01 20:54 - 00000000 ____A C:\Windows\System32\Drivers\Esnni.sys
    2013-01-01 20:49 - 2013-01-01 20:49 - 00000000 ____A C:\Windows\System32\Drivers\Btmji.sys
    2013-01-01 20:42 - 2013-01-01 20:42 - 00000000 ____A C:\Windows\System32\Drivers\Cspjf.sys
    2013-01-01 00:36 - 2013-01-01 00:36 - 00000000 ____A C:\Windows\System32\Drivers\Esoif.sys
    2012-12-30 13:27 - 2012-12-30 13:27 - 00000000 ____A C:\Windows\System32\Drivers\Cspfn.sys
    2012-12-30 11:01 - 2012-12-30 11:01 - 00000000 ____A C:\Windows\System32\Drivers\Esogk.sys
    2012-12-29 21:51 - 2012-12-29 21:52 - 00000000 ____A C:\Windows\System32\Drivers\Dsogk.sys
    2012-12-29 20:17 - 2012-12-29 20:18 - 00000000 ____A C:\Windows\System32\Drivers\Dsoif.sys
    2012-12-29 20:13 - 2012-12-29 20:13 - 00000000 ____A C:\Windows\System32\Drivers\Btljo.sys
    2012-12-29 20:08 - 2012-12-29 20:08 - 00000000 ____A C:\Windows\System32\Drivers\Ctogk.sys
    2012-12-29 20:02 - 2012-12-29 20:02 - 00000000 ____A C:\Windows\System32\Drivers\Esolg.sys
    2012-12-28 05:51 - 2012-12-28 05:51 - 00000000 ____A C:\Windows\System32\Drivers\Dsolg.sys
    2012-12-27 20:27 - 2012-12-27 20:27 - 00000000 ____A C:\Windows\System32\Drivers\Dsoeo.sys
    2012-12-27 19:53 - 2012-12-27 19:53 - 00000000 ____A C:\Windows\System32\Drivers\Dsnln.sys
    2012-12-26 21:21 - 2012-12-26 21:21 - 00000000 ____A C:\Windows\System32\Drivers\Csojl.sys
    2012-12-26 21:19 - 2012-12-26 21:19 - 00000000 ____A C:\Windows\System32\Drivers\Csnln.sys
    2012-12-26 21:15 - 2012-12-26 21:15 - 00000000 ____A C:\Windows\System32\Drivers\Csoif.sys
    2012-12-26 21:04 - 2012-12-26 21:04 - 00000000 ____A C:\Windows\System32\Drivers\Csogk.sys
    2012-12-26 20:10 - 2012-12-26 20:11 - 00000000 ____A C:\Windows\System32\Drivers\Csolg.sys
    2012-12-26 18:56 - 2012-12-26 18:56 - 00000000 ____A C:\Windows\System32\Drivers\Dsnni.sys
    2012-12-26 18:45 - 2012-12-26 18:45 - 00000000 ____A C:\Windows\System32\Drivers\Btlii.sys
    2012-12-26 18:27 - 2012-12-26 18:27 - 00000000 ____A C:\Windows\System32\Drivers\Csoeo.sys
    2012-12-26 08:01 - 2012-12-26 08:01 - 00000000 ____A C:\Windows\System32\Drivers\Ctnhg.sys
    2012-12-26 07:55 - 2012-12-26 07:55 - 00000000 ____A C:\Windows\System32\Drivers\Csnni.sys
    2012-12-22 22:23 - 2012-12-22 22:39 - 00007595 ____A C:\Documents and Settings\Peter\Desktop\All My gods.ods
    2012-12-22 21:59 - 2012-12-22 21:59 - 00000600 ____A C:\Documents and Settings\Peter\Desktop\All_My_Gods.lnk
    2012-12-22 08:23 - 2012-12-22 08:23 - 00000127 __RSH C:\Windows\System32\dvsrec.ini
    2012-12-22 08:23 - 2012-12-22 08:23 - 00000000 ____D C:\Documents and Settings\Peter\Application Data\Realore All My Gods
    2012-12-17 18:20 - 2012-12-17 18:20 - 00000000 ____D C:\Documents and Settings\Peter\Desktop\mv
    2012-12-15 09:17 - 2012-12-15 09:17 - 00000555 ____A C:\Documents and Settings\Peter\Desktop\Day by Day.wpl.lnk
    2012-12-13 08:30 - 2012-12-13 08:30 - 00002227 ____A C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
    2012-12-13 08:30 - 2012-12-13 08:30 - 00002133 ____A C:\Documents and Settings\All Users\Desktop\Nero Home.lnk
    2012-12-13 07:53 - 2012-09-17 16:44 - 323011663 ____A () C:\Counter Strike 1.6.exe
    2012-12-09 11:37 - 2012-12-09 11:37 - 00000000 ____D C:\Program Files\Mozilla Firefox

    ==================== One Month Modified Files and Folders ========

    2013-01-05 06:05 - 2013-01-05 06:05 - 00000000 ____D C:\FRST
    2013-01-05 00:48 - 2013-01-05 00:48 - 00000000 ____A C:\Windows\System32\Drivers\Gsogk.sys
    2013-01-04 08:41 - 2013-01-04 08:41 - 00000000 ____A C:\Windows\System32\Drivers\Esoeo.sys
    2013-01-04 08:29 - 2013-01-04 08:29 - 00001547 ____A C:\Result.txt
    2013-01-04 08:14 - 2013-01-04 08:18 - 00752213 ____A (Farbar) C:\MiniToolBox.exe
    2013-01-04 07:46 - 2013-01-04 07:46 - 00000000 ____A C:\Windows\System32\Drivers\Csqfh.sys
    2013-01-03 09:13 - 2013-01-03 09:13 - 00000000 ____A C:\Windows\System32\Drivers\Fsogk.sys
    2013-01-03 05:25 - 2013-01-03 05:25 - 00000000 ____A C:\Windows\System32\Drivers\Btllk.sys
    2013-01-03 05:16 - 2013-01-03 05:16 - 00000000 ____A C:\Windows\System32\Drivers\Csnhg.sys
    2013-01-03 05:03 - 2013-01-03 05:02 - 00000000 ____A C:\Windows\System32\Drivers\Gsnni.sys
    2013-01-03 01:00 - 2013-01-03 01:00 - 00000000 ____A C:\Windows\System32\Drivers\Dspjf.sys
    2013-01-03 00:29 - 2013-01-03 00:29 - 00000000 ____A C:\Windows\System32\Drivers\Esnln.sys
    2013-01-03 00:24 - 2013-01-03 00:24 - 00000000 ____A C:\Windows\System32\Drivers\Fsnni.sys
    2013-01-03 00:20 - 2013-01-03 00:20 - 00000000 ____A C:\Windows\System32\Drivers\Csnkh.sys
    2013-01-02 08:43 - 2013-01-02 08:43 - 00000000 ____A C:\Windows\System32\Drivers\Gqomm.sys
    2013-01-02 08:27 - 2013-01-02 08:27 - 00000000 ____A C:\Windows\System32\Drivers\Csomm.sys
    2013-01-01 20:54 - 2013-01-01 20:54 - 00000000 ____A C:\Windows\System32\Drivers\Esnni.sys
    2013-01-01 20:49 - 2013-01-01 20:49 - 00000000 ____A C:\Windows\System32\Drivers\Btmji.sys
    2013-01-01 20:42 - 2013-01-01 20:42 - 00000000 ____A C:\Windows\System32\Drivers\Cspjf.sys
    2013-01-01 00:36 - 2013-01-01 00:36 - 00000000 ____A C:\Windows\System32\Drivers\Esoif.sys
    2012-12-30 13:27 - 2012-12-30 13:27 - 00000000 ____A C:\Windows\System32\Drivers\Cspfn.sys
    2012-12-30 11:01 - 2012-12-30 11:01 - 00000000 ____A C:\Windows\System32\Drivers\Esogk.sys
    2012-12-29 21:52 - 2012-12-29 21:51 - 00000000 ____A C:\Windows\System32\Drivers\Dsogk.sys
    2012-12-29 20:18 - 2012-12-29 20:17 - 00000000 ____A C:\Windows\System32\Drivers\Dsoif.sys
    2012-12-29 20:13 - 2012-12-29 20:13 - 00000000 ____A C:\Windows\System32\Drivers\Btljo.sys
    2012-12-29 20:08 - 2012-12-29 20:08 - 00000000 ____A C:\Windows\System32\Drivers\Ctogk.sys
    2012-12-29 20:02 - 2012-12-29 20:02 - 00000000 ____A C:\Windows\System32\Drivers\Esolg.sys
    2012-12-28 05:51 - 2012-12-28 05:51 - 00000000 ____A C:\Windows\System32\Drivers\Dsolg.sys
    2012-12-27 20:27 - 2012-12-27 20:27 - 00000000 ____A C:\Windows\System32\Drivers\Dsoeo.sys
    2012-12-27 19:53 - 2012-12-27 19:53 - 00000000 ____A C:\Windows\System32\Drivers\Dsnln.sys
    2012-12-26 21:21 - 2012-12-26 21:21 - 00000000 ____A C:\Windows\System32\Drivers\Csojl.sys
    2012-12-26 21:19 - 2012-12-26 21:19 - 00000000 ____A C:\Windows\System32\Drivers\Csnln.sys
    2012-12-26 21:15 - 2012-12-26 21:15 - 00000000 ____A C:\Windows\System32\Drivers\Csoif.sys
    2012-12-26 21:04 - 2012-12-26 21:04 - 00000000 ____A C:\Windows\System32\Drivers\Csogk.sys
    2012-12-26 20:11 - 2012-12-26 20:10 - 00000000 ____A C:\Windows\System32\Drivers\Csolg.sys
    2012-12-26 18:56 - 2012-12-26 18:56 - 00000000 ____A C:\Windows\System32\Drivers\Dsnni.sys
    2012-12-26 18:45 - 2012-12-26 18:45 - 00000000 ____A C:\Windows\System32\Drivers\Btlii.sys
    2012-12-26 18:27 - 2012-12-26 18:27 - 00000000 ____A C:\Windows\System32\Drivers\Csoeo.sys
    2012-12-26 08:01 - 2012-12-26 08:01 - 00000000 ____A C:\Windows\System32\Drivers\Ctnhg.sys
    2012-12-26 07:55 - 2012-12-26 07:55 - 00000000 ____A C:\Windows\System32\Drivers\Csnni.sys
    2012-12-25 23:27 - 2012-10-07 22:01 - 00101552 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2012-12-25 23:27 - 2012-10-07 18:06 - 00065536 ____A C:\Windows\System32\config\TuneUp.evt
    2012-12-25 23:27 - 2008-11-09 23:57 - 00000012 ____A C:\Windows\bthservsdp.dat
    2012-12-25 23:27 - 2008-11-09 23:44 - 00000178 __ASH C:\Documents and Settings\Peter\ntuser.ini
    2012-12-25 23:27 - 2003-04-08 07:28 - 01382810 ____A C:\Windows\WindowsUpdate.log
    2012-12-25 23:27 - 2003-04-08 07:28 - 00524288 ____A C:\Windows\System32\config\ACEEvent.evt
    2012-12-25 23:27 - 2003-04-08 07:28 - 00032626 ____A C:\Windows\SchedLgU.Txt
    2012-12-25 23:27 - 2003-04-08 07:28 - 00000274 ____A C:\Windows\wiadebug.log
    2012-12-25 23:27 - 2003-04-08 07:28 - 00000050 ____A C:\Windows\wiaservc.log
    2012-12-25 23:27 - 2003-04-08 07:28 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-12-25 23:26 - 2012-06-25 23:12 - 00000234 ____A C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
    2012-12-25 22:15 - 2004-08-04 05:00 - 00150804 ____A C:\Windows\System32\Drivers\Flpydisk.sys
    2012-12-25 22:10 - 2012-02-19 10:34 - 00000442 ____A C:\Windows\System32\Drivers\etc\hosts.ics
    2012-12-25 22:09 - 2008-11-09 23:44 - 00000062 __ASH C:\Documents and Settings\Peter\Local Settings\desktop.ini
    2012-12-25 22:09 - 2003-04-08 06:55 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
    2012-12-25 22:09 - 2003-04-08 06:55 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
    2012-12-25 07:53 - 2012-04-01 14:04 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2012-12-25 07:53 - 2012-02-18 14:06 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2012-12-22 22:39 - 2012-12-22 22:23 - 00007595 ____A C:\Documents and Settings\Peter\Desktop\All My gods.ods
    2012-12-22 21:59 - 2012-12-22 21:59 - 00000600 ____A C:\Documents and Settings\Peter\Desktop\All_My_Gods.lnk
    2012-12-22 17:57 - 2008-12-18 08:58 - 00000116 ____A C:\Windows\NeroDigital.ini
    2012-12-22 08:23 - 2012-12-22 08:23 - 00000127 __RSH C:\Windows\System32\dvsrec.ini
    2012-12-22 08:23 - 2012-12-22 08:23 - 00000000 ____D C:\Documents and Settings\Peter\Application Data\Realore All My Gods
    2012-12-21 19:55 - 2003-04-08 06:55 - 00158378 ____A C:\Windows\wmsetup.log
    2012-12-21 08:27 - 2008-11-21 14:24 - 00000754 ____A C:\Windows\WORDPAD.INI
    2012-12-17 18:20 - 2012-12-17 18:20 - 00000000 ____D C:\Documents and Settings\Peter\Desktop\mv
    2012-12-15 09:25 - 2003-04-08 07:28 - 01031015 ____A C:\Windows\setupapi.log
    2012-12-15 09:17 - 2012-12-15 09:17 - 00000555 ____A C:\Documents and Settings\Peter\Desktop\Day by Day.wpl.lnk
    2012-12-14 23:34 - 2003-04-04 02:57 - 00001433 ____A C:\Windows\win.ini
    2012-12-13 08:30 - 2012-12-13 08:30 - 00002227 ____A C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
    2012-12-13 08:30 - 2012-12-13 08:30 - 00002133 ____A C:\Documents and Settings\All Users\Desktop\Nero Home.lnk
    2012-12-11 20:19 - 2003-04-08 07:28 - 00001158 ____A C:\Windows\System32\wpa.dbl
    2012-12-09 11:37 - 2012-12-09 11:37 - 00000000 ____D C:\Program Files\Mozilla Firefox


    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe
    [2004-08-04 05:00] - [2004-08-04 05:00] - 1032192 ____N (Microsoft Corporation) a0732187050030ae399b241436565e64

    C:\Windows\System32\winlogon.exe
    [2004-08-04 05:00] - [2004-08-04 05:00] - 0502272 ____N (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe

    C:\Windows\System32\svchost.exe
    [2004-08-04 05:00] - [2004-08-04 05:00] - 0014336 ____N (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716

    C:\Windows\System32\services.exe
    [2004-08-04 05:00] - [2009-02-06 18:22] - 0110592 ____N (Microsoft Corporation) 4712531ab7a01b7ee059853ca17d39bd

    C:\Windows\System32\User32.dll
    [2004-08-04 05:00] - [2004-08-04 05:00] - 0577024 ____N (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4

    C:\Windows\System32\userinit.exe
    [2004-08-04 05:00] - [2004-08-04 05:00] - 0024576 ____N (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff

    C:\Windows\System32\Drivers\volsnap.sys
    [2004-08-04 05:00] - [2004-08-04 05:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b


    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points (XP) =====================

    RP: -> 2012-12-24 21:49 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP125

    RP: -> 2012-12-23 09:32 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP124

    RP: -> 2012-12-21 21:33 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP123

    RP: -> 2012-12-20 18:27 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP122

    RP: -> 2012-12-18 19:23 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP121

    RP: -> 2012-12-16 21:48 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP120

    RP: -> 2012-12-13 08:29 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP119

    RP: -> 2012-12-13 08:19 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP118

    RP: -> 2012-12-12 19:30 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP117

    RP: -> 2012-12-10 22:06 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP116

    RP: -> 2012-12-08 19:45 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP115

    RP: -> 2012-12-06 21:16 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP114

    RP: -> 2012-12-04 18:54 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP113

    RP: -> 2012-12-04 18:54 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP112

    RP: -> 2012-12-02 09:00 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP111

    RP: -> 2012-11-30 19:43 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP110

    RP: -> 2012-11-29 19:10 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP109

    RP: -> 2012-11-27 19:40 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP108

    RP: -> 2012-11-25 07:28 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP107

    RP: -> 2012-11-23 22:15 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP106

    RP: -> 2012-11-22 21:11 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP105

    RP: -> 2012-11-21 18:59 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP104

    RP: -> 2012-11-19 07:17 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP103

    RP: -> 2012-11-17 21:07 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP102

    RP: -> 2012-11-16 20:56 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP101

    RP: -> 2012-11-15 20:04 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP100

    RP: -> 2012-11-12 20:41 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP99

    RP: -> 2012-11-10 19:07 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP98

    RP: -> 2012-11-08 21:06 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP97

    RP: -> 2012-11-07 20:04 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP96

    RP: -> 2012-11-06 19:22 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP95

    RP: -> 2012-11-05 09:29 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP94

    RP: -> 2012-11-05 09:21 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP93

    RP: -> 2012-11-05 09:14 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP92

    RP: -> 2012-11-04 23:59 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP91

    RP: -> 2012-10-30 20:25 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP90

    RP: -> 2012-10-28 12:02 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP89

    RP: -> 2012-10-25 23:58 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP88

    RP: -> 2012-10-25 23:57 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP87

    RP: -> 2012-10-22 00:31 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP86

    RP: -> 2012-10-22 00:31 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP85

    RP: -> 2012-10-22 00:11 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP84

    RP: -> 2012-10-22 00:10 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP83

    RP: -> 2012-10-21 23:43 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP82

    RP: -> 2012-10-21 23:42 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP81

    RP: -> 2012-10-21 15:49 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP80

    RP: -> 2012-10-21 15:49 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP79

    RP: -> 2012-10-21 15:33 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP78

    RP: -> 2012-10-21 15:33 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP77

    RP: -> 2012-10-19 23:59 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP76

    RP: -> 2012-10-19 23:59 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP75

    RP: -> 2012-10-19 23:58 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP74

    RP: -> 2012-10-19 23:58 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP73

    RP: -> 2012-10-19 23:52 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP72

    RP: -> 2012-10-14 01:10 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP71

    RP: -> 2012-10-14 01:09 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP70

    RP: -> 2012-10-14 01:06 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP69

    RP: -> 2012-10-12 03:17 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP68

    RP: -> 2012-10-12 02:53 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP67

    RP: -> 2012-10-12 02:53 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP66

    RP: -> 2012-10-12 02:50 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP65

    RP: -> 2012-10-12 02:50 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP64

    RP: -> 2012-10-12 02:26 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP63

    RP: -> 2012-10-12 02:25 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP62

    RP: -> 2012-10-09 19:26 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP61

    RP: -> 2012-10-07 17:36 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP60

    RP: -> 2012-10-07 17:35 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP59

    RP: -> 2012-10-06 23:55 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP58

    RP: -> 2012-10-06 23:52 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP57

    RP: -> 2012-10-06 23:27 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP56

    RP: -> 2012-10-06 23:26 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP55

    RP: -> 2012-10-06 23:23 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP54

    RP: -> 2012-10-06 23:22 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP53

    RP: -> 2012-10-06 23:06 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP52

    RP: -> 2012-10-06 08:23 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP50

    RP: -> 2012-10-06 07:16 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP49

    RP: -> 2012-10-05 08:15 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP48

    RP: -> 2012-10-03 23:14 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP47

    RP: -> 2012-10-03 22:58 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP46

    RP: -> 2012-10-02 20:56 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP45

    RP: -> 2012-10-01 09:18 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP44

    RP: -> 2012-10-01 07:57 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP43

    RP: -> 2012-09-30 00:54 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP42

    RP: -> 2012-09-30 00:12 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP41

    RP: -> 2012-09-30 00:10 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP40

    RP: -> 2012-09-28 20:15 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP39

    RP: -> 2012-09-26 21:39 - 024576 _restore{C174DC8D-D03B-4FB1-AE2D-E56D3A107BCF}\RP38


    ==================== Memory info ===========================

    Percentage of memory in use: 14%
    Total physical RAM: 1534.05 MB
    Available physical RAM: 1314.63 MB
    Total Pagefile: 1384.21 MB
    Available Pagefile: 1356.06 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 2004.79 MB

    ==================== Partitions =============================

    1 Drive b: (RAMDisk) (Fixed) (Total:0.03 GB) (Free:0.03 GB) FAT
    2 Drive c: (ACER) (Fixed) (Total:77.61 GB) (Free:18.14 GB) FAT32 ==>[Drive with boot components (Windows XP)]
    3 Drive d: () (Fixed) (Total:77.63 GB) (Free:15.42 GB) NTFS
    4 Drive e: (New Volume) (Fixed) (Total:77.62 GB) (Free:17.37 GB) NTFS
    5 Drive f: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.69 GB) FAT32
    7 Drive x: (BartPE) (CDROM) (Total:0.15 GB) (Free:0 GB) CDFS
    ????????????On computer: MININT-JVC

    ==================== End Of Log ============================
     
  13. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    No sign of any nasty infections on the system so I suspect there may be some corruption in the registry or damaged system files, or a damaged MBR.

    Could you take a little time to explain exactly what state the PC is in and what occurred before this problem happened, did you change or install something just before the problem started or did it just suddenly stop booting.

    In post 3 you said: If windows functioning well ..will boot into Windows desktop.

    Then in post 8 you said: Windows Normal Mode not running..Windows Safe Mode not running.. This contradicts what you said in post 3.

    So, does it boot at any time to the desktop or is it intermittent?

    When you do try and boot into Normal or Safe mode what happens, do you see any error messages, if so what are they?

    You must keep in mind that I cannot see what your PC is doing so it would help me to help you if you give me a detailed explanation as to the PC's behavior, I can then make a more informed decision as to what to try next.



    You have a lot of Restore Points going back to September, have you tried to use system restore? If so what happened?

    Could you list what you have tried.

    Please also tell me if you have a Retail copy of XP and what Service Pack it includes.
     
  14. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    Restore point 26-9 -> 24-12 not created by me ..
    26-12 -> 5-1 many unknown driver created ..

    Windows Normal Mode not running..Windows Safe Mode not running..
    means windows totally can't be used ..
     
  15. peter_ks_lee

    peter_ks_lee Thread Starter

    Joined:
    Jan 30, 2006
    Messages:
    90
    Under windows\prefetch

    Files created 18/12/2012 -> 25/12/2012 ...
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1082973

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice