After running a scan with AVG and removing threats that it showed, and then restarting as it directed I have not been able to restart my computer. It just continuously goes to the screen that gives you options on how to start: Safe Mode, etc. I have tried all options to restart my computer and it always returns to the same screen. I would like to find a way to get this back to working condition so I can back up my files as I have not done so in several weeks. Any suggestions would be greatly appreciated. Thank You
Computer stuck in continuous reboot cycle.
- Thread starter dpwyatt
- Start date
- Mar 8, 2013
- 22,627
Hello,
They call me TwinHeadedEagle around here, and I'll be working with you.
Before we start please read and note the following:
Please print these instruction out so that you know what you are doing
They call me TwinHeadedEagle around here, and I'll be working with you.
Before we start please read and note the following:
- At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
- Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
- Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
- Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
- All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
- If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
- I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
- Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
- Please attach all report using
button below. Doing this, you make it easier for me to analyze and fix your problem.
- Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Please print these instruction out so that you know what you are doing
- Download OTLPENet.exe to your desktop
- Download Farbar Recovery Scan Tool and save it to a flash drive.
- Ensure that you have a blank CD in the drive
- Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
- Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here - Wait for the CD to detect your hardware and load the operating system
- Your system should now display a Reatogo desktop
Note : as you are running from CD it is not exactly speedy - Insert the USB with FRST
- Locate the flash drive with FRST and double click
- The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
Here is what I got. Am I suppose to shut my desktop running or shut it down?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by SYSTEM on REATOGO on 22-09-2014 22:06:19
Running from H:\
Platform: Microsoft Windows XP (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] ()
HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] ()
HKLM\...\runonceex: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 .afd; \* [167416 2013-05-28] ()
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] ()
S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.)
S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.)
S0 Achernar; System32\Drivers\Achernar.sys [X]
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]
S4 IntelIde; No ImagePath
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
S3 udfpt; system32\drivers\udfpt.sys [X]
S3 usbbus; System32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X]
S3 wanatw; System32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt
2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log
2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml
2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log
2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log
2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl
2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-08-28 07:11 - 2014-07-09 00:01 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml
2014-08-24 01:01 - 2002-01-01 12:33 - 00000000 ____D () C:\QBOOKSW
Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll
C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe
C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points (XP) =====================
RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426
RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422
RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421
RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420
RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419
RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418
RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417
RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416
RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415
RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414
RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413
RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412
RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411
RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410
RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409
RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408
RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407
RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406
RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405
RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404
RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403
RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402
RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401
RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400
RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399
RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398
RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397
RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396
RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395
RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394
RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393
RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392
RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391
RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390
RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389
RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388
RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387
RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386
RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385
RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384
RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383
RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382
RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381
RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380
RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379
RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378
RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377
RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376
RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375
RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374
RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373
RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372
RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371
RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370
RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369
RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368
RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367
RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366
RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365
RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364
RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363
RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362
RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361
RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360
RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359
RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358
RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357
RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356
RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355
RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354
RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353
RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352
RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351
RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350
RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349
RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348
RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 447.48 MB
Available physical RAM: 174.64 MB
Total Pagefile: 363.32 MB
Available Pagefile: 269.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 2000.05 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive h: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.12 GB) FAT
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by SYSTEM on REATOGO on 22-09-2014 22:06:19
Running from H:\
Platform: Microsoft Windows XP (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] ()
HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] ()
HKLM\...\runonceex: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 .afd; \* [167416 2013-05-28] ()
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] ()
S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.)
S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.)
S0 Achernar; System32\Drivers\Achernar.sys [X]
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]
S4 IntelIde; No ImagePath
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
S3 udfpt; system32\drivers\udfpt.sys [X]
S3 usbbus; System32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X]
S3 wanatw; System32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt
2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log
2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml
2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log
2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log
2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl
2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-08-28 07:11 - 2014-07-09 00:01 - 00000000 _____ () C:\Program Files\Mozilla Firefoxwtu-secure-search.xml
2014-08-24 01:01 - 2002-01-01 12:33 - 00000000 ____D () C:\QBOOKSW
Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll
C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe
C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points (XP) =====================
RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426
RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422
RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421
RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420
RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419
RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418
RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417
RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416
RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415
RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414
RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413
RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412
RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411
RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410
RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409
RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408
RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407
RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406
RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405
RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404
RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403
RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402
RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401
RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400
RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399
RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398
RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397
RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396
RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395
RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394
RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393
RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392
RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391
RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390
RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389
RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388
RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387
RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386
RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385
RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384
RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383
RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382
RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381
RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380
RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379
RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378
RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377
RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376
RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375
RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374
RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373
RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372
RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371
RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370
RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369
RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368
RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367
RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366
RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365
RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364
RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363
RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362
RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361
RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360
RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359
RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358
RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357
RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356
RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355
RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354
RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353
RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352
RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351
RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350
RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349
RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348
RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 447.48 MB
Available physical RAM: 174.64 MB
Total Pagefile: 363.32 MB
Available Pagefile: 269.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 2000.05 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive h: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.12 GB) FAT
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
==================== End Of Log ============================
- Mar 8, 2013
- 22,627
Let's try to restore your PC to working condition:
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
- Press the Fix button once and wait.
- FRST will process fixlist.txt
- When finished, it will produce a log fixlog.txt on your USB flashdrive.
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Here is my log. Computer is still stuck in the reboot mode.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-23 09:09:07 Run:1
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-23 09:09:07 Run:1
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
- Mar 8, 2013
- 22,627
Let's try one more time until we try something else:
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
- Press the Fix button once and wait.
- FRST will process fixlist.txt
- When finished, it will produce a log fixlog.txt on your USB flashdrive.
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Sorry had to work a double shift last night. Here is the log. Unfortunately it is still not booting.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-24 12:37:10 Run:2
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-24 12:37:10 Run:2
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
Last edited:
- Mar 8, 2013
- 22,627
OK I will go through all of your steps again later. I have to leave for my first job at the moment. Thank you.
Here is what I got this time. I am still stuck in boot loop.
ix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-27 00:21:22 Run:3
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
ix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-27 00:21:22 Run:3
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
- Mar 8, 2013
- 22,627
Okay, we will try something else:
Boot to recovery again. Choose Command Prompt and type this command:
chkdsk c: /r
On completion try a normal boot
Boot to recovery again. Choose Command Prompt and type this command:
chkdsk c: /r
On completion try a normal boot
- Mar 8, 2013
- 22,627
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by SYSTEM at 2014-09-27 00:21:22 Run:3
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
Ran by SYSTEM at 2014-09-27 00:21:22 Run:3
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
*****************
SAM hive was successfully restored from Restore Point.
SECURITY hive was successfully restored from Restore Point.
Software hive was successfully restored from Restore Point.
System hive was successfully restored from Restore Point.
Default hive was successfully restored from Restore Point.
==== End of Fixlog ====
- Mar 8, 2013
- 22,627
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by SYSTEM on REATOGO on 30-09-2014 03:31:29
Running from I:\
Platform: Microsoft Windows XP (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] ()
HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] ()
HKLM\...\runonceex: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 .afd; \* [167416 2013-05-28] ()
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] ()
S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.)
S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.)
S0 Achernar; System32\Drivers\Achernar.sys [X]
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]
S4 IntelIde; No ImagePath
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
S3 udfpt; system32\drivers\udfpt.sys [X]
S3 usbbus; System32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X]
S3 wanatw; System32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-29 17:04 - 00000000 ____D () C:\FRST
2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 17:04 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt
2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log
2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml
2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log
2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log
2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl
2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll
C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe
C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points (XP) =====================
RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426
RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422
RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421
RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420
RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419
RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418
RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417
RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416
RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415
RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414
RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413
RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412
RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411
RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410
RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409
RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408
RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407
RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406
RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405
RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404
RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403
RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402
RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401
RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400
RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399
RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398
RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397
RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396
RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395
RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394
RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393
RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392
RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391
RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390
RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389
RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388
RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387
RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386
RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385
RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384
RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383
RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382
RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381
RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380
RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379
RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378
RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377
RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376
RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375
RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374
RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373
RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372
RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371
RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370
RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369
RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368
RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367
RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366
RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365
RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364
RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363
RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362
RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361
RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360
RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359
RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358
RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357
RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356
RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355
RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354
RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353
RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352
RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351
RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350
RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349
RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348
RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 447.48 MB
Available physical RAM: 171.14 MB
Total Pagefile: 363.32 MB
Available Pagefile: 269.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 2000.05 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive i: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.11 GB) FAT
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
==================== End Of Log ============================
Ran by SYSTEM on REATOGO on 30-09-2014 03:31:29
Running from I:\
Platform: Microsoft Windows XP (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [] => [X]
HKLM\...\Run: [CHotkey] => C:\Windows\zHotkey.exe [543232 2004-05-17] ()
HKLM\...\Run: [ShowWnd] => C:\Windows\ShowWnd.exe [36864 2003-09-19] ()
HKLM\...\Run: [SunKistEM] => C:\Program Files\Digital Media Reader\shwiconem.exe [135168 2004-03-11] (Alcor Micro, Corp.)
HKLM\...\Run: [Microsoft Works Update Detection] => C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [50688 2003-06-07] (Microsoft® Corporation)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [72192 2008-01-16] (ArcSoft)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2680344 2014-09-03] ()
HKLM\...\runonceex: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\Default User\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\Owner\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [1041736 2012-10-16] ()
HKU\Owner\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -update plugin
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: "autocheck autochk * "C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [104960 2008-01-16] (ArcSoft)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S4 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2010-12-04] (Sun Microsystems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195400 2012-09-25] (NETGEAR)
S2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-09-03] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 .afd; \* [167416 2013-05-28] ()
S3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S1 archlp; C:\Windows\System32\Drivers\archlp.sys [10624 2008-01-25] ()
S2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2003-01-03] (Windows (R) 2000 DDK provider)
S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-09-03] (AVG Technologies)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [606684 2008-04-14] (LT)
S3 ms_mpu401; C:\Windows\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35088 2013-02-16] (CACE Technologies, Inc.)
S3 nvax; C:\Windows\System32\drivers\nvax.sys [36864 2003-09-02] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [72771 2003-08-15] (NVIDIA Corporation)
S3 nvnforce; C:\Windows\System32\drivers\nvapu.sys [312704 2003-09-02] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-14] (Realtek Semiconductor Corporation)
S3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [40564 2004-03-22] (Alcor Micro Corp.)
S3 SunkFilt39; C:\WINDOWS\System32\Drivers\sunkfilt39.sys [42936 2004-03-22] (Alcor Micro Corp.)
S0 Achernar; System32\Drivers\Achernar.sys [X]
S3 AFGMp50; System32\Drivers\AFGMp50.sys [X]
S3 AFGSp50; System32\Drivers\AFGSp50.sys [X]
S4 IntelIde; No ImagePath
S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
S3 udfpt; system32\drivers\udfpt.sys [X]
S3 usbbus; System32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; System32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; System32\DRIVERS\lgusbmodem.sys [X]
S3 wanatw; System32\DRIVERS\wanatw4.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-22 22:05 - 2014-09-29 17:04 - 00000000 ____D () C:\FRST
2014-09-12 17:59 - 2014-09-12 18:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-29 17:04 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
2014-09-12 21:18 - 2009-03-03 20:36 - 02054640 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 21:18 - 2003-01-03 09:00 - 00032582 _____ () C:\Windows\SchedLgU.Txt
2014-09-12 21:17 - 2003-01-03 00:52 - 00000268 _____ () C:\Windows\wiadebug.log
2014-09-12 21:16 - 2014-07-07 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-09-12 21:11 - 2004-08-10 23:42 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-09-12 19:46 - 2014-07-07 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-09-12 19:46 - 2013-02-10 19:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-12 18:01 - 2014-09-12 17:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 09:08 - 2013-09-26 09:03 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-12 09:01 - 2009-08-13 20:16 - 98758480 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-11 20:52 - 2013-11-09 18:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-11 20:52 - 2013-03-16 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-09-11 19:52 - 2003-01-03 10:06 - 00003731 _____ () C:\Windows\System32\nvapps.xml
2014-09-11 19:50 - 2003-01-03 00:52 - 00000049 _____ () C:\Windows\wiaservc.log
2014-09-11 01:45 - 2013-08-14 08:04 - 00104830 _____ () C:\Windows\setupapi.log
2014-09-11 01:40 - 2003-01-03 07:42 - 00001158 _____ () C:\Windows\System32\wpa.dbl
2014-09-03 14:51 - 2014-07-09 00:00 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-09-03 14:50 - 2014-07-09 00:01 - 00042784 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2014-09-02 10:46 - 2014-07-07 01:34 - 00000702 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Owner\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Owner\Local Settings\Temp\drm_dyndata_7350007.dll
C:\Documents and Settings\Owner\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Owner\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Local Settings\Temp\The Sims Castaway Stories_uninst.exe
C:\Documents and Settings\Owner\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Owner\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Owner\Local Settings\Temp\VP6VFW.dll
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points (XP) =====================
RP: -> 2014-09-12 09:00 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1426
RP: -> 2014-09-12 02:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1425
RP: -> 2014-09-11 02:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1424
RP: -> 2014-09-09 04:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1423
RP: -> 2014-09-08 04:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1422
RP: -> 2014-09-07 03:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1421
RP: -> 2014-09-06 02:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1420
RP: -> 2014-09-05 02:10 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1419
RP: -> 2014-09-04 01:59 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1418
RP: -> 2014-09-03 01:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1417
RP: -> 2014-08-31 15:45 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1416
RP: -> 2014-08-28 09:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1415
RP: -> 2014-08-26 23:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1414
RP: -> 2014-08-25 21:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1413
RP: -> 2014-08-24 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1412
RP: -> 2014-08-23 00:34 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1411
RP: -> 2014-08-21 22:13 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1410
RP: -> 2014-08-20 21:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1409
RP: -> 2014-08-19 20:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1408
RP: -> 2014-08-18 19:14 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1407
RP: -> 2014-08-17 18:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1406
RP: -> 2014-08-16 18:32 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1405
RP: -> 2014-08-15 18:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1404
RP: -> 2014-08-14 08:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1403
RP: -> 2014-08-14 01:26 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1402
RP: -> 2014-08-12 09:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1401
RP: -> 2014-08-11 09:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1400
RP: -> 2014-08-10 08:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1399
RP: -> 2014-08-09 07:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1398
RP: -> 2014-08-08 01:02 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1397
RP: -> 2014-08-07 00:03 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1396
RP: -> 2014-08-05 22:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1395
RP: -> 2014-08-04 22:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1394
RP: -> 2014-08-03 22:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1393
RP: -> 2014-08-03 17:43 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1392
RP: -> 2014-08-02 17:42 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1391
RP: -> 2014-08-01 16:58 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1390
RP: -> 2014-08-01 16:46 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1389
RP: -> 2014-08-01 05:47 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1388
RP: -> 2014-07-31 04:54 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1387
RP: -> 2014-07-30 04:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1386
RP: -> 2014-07-29 03:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1385
RP: -> 2014-07-28 03:37 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1384
RP: -> 2014-07-27 02:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1383
RP: -> 2014-07-26 01:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1382
RP: -> 2014-07-25 00:49 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1381
RP: -> 2014-07-24 00:38 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1380
RP: -> 2014-07-22 23:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1379
RP: -> 2014-07-21 23:39 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1378
RP: -> 2014-07-20 22:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1377
RP: -> 2014-07-19 21:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1376
RP: -> 2014-07-18 20:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1375
RP: -> 2014-07-17 19:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1374
RP: -> 2014-07-16 18:52 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1373
RP: -> 2014-07-15 18:09 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1372
RP: -> 2014-07-13 04:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1371
RP: -> 2014-07-12 03:48 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1370
RP: -> 2014-07-11 02:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1369
RP: -> 2014-07-10 01:50 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1368
RP: -> 2014-07-09 00:57 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1367
RP: -> 2014-07-08 02:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1366
RP: -> 2014-07-07 01:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1365
RP: -> 2014-07-07 01:30 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1364
RP: -> 2014-07-06 22:12 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1363
RP: -> 2014-07-04 05:56 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1362
RP: -> 2014-07-03 08:25 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1361
RP: -> 2014-07-02 08:24 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1360
RP: -> 2014-07-01 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1359
RP: -> 2014-06-30 05:05 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1358
RP: -> 2014-06-29 04:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1357
RP: -> 2014-06-28 03:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1356
RP: -> 2014-06-27 02:51 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1355
RP: -> 2014-06-27 00:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1354
RP: -> 2014-06-26 00:22 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1353
RP: -> 2014-06-23 09:27 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1352
RP: -> 2014-06-22 08:53 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1351
RP: -> 2014-06-20 08:04 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1350
RP: -> 2014-06-17 03:06 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1349
RP: -> 2014-06-16 17:31 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1348
RP: -> 2014-06-15 17:19 - 024576 _restore{AB52BD40-7182-4E6D-A2D3-98415849E1A9}\RP1347
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 447.48 MB
Available physical RAM: 171.14 MB
Total Pagefile: 363.32 MB
Available Pagefile: 269.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 2000.05 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: () (Fixed) (Total:149.05 GB) (Free:91.3 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive i: (KINGSTON) (Removable) (Total:1.87 GB) (Free:0.11 GB) FAT
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: BD01E960)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 2D55086E)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
==================== End Of Log ============================
- Mar 8, 2013
- 22,627
Opens up to the black screen that says: We apologize for the inconvenience.........
Select; Safe Mode
Safe Mode w/networking
etc
I have tried all modes but after it tries to boot it comes back to this same screen.
Select; Safe Mode
Safe Mode w/networking
etc
I have tried all modes but after it tries to boot it comes back to this same screen.
- Mar 8, 2013
- 22,627
We will try one more fix:
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt
>> Boot into Recovery Environment
Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
- Press the Fix button once and wait.
- FRST will process fixlist.txt
- When finished, it will produce a log fixlog.txt on your USB flashdrive.
>> Exit out of Recovery Environment and post me the log please.
Try to boot Windows normally...
Similar threads
- Locked
