Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Can't boot into normal mode - keeps giving me blue screen!!

Re: Can't boot into normal mode - keeps giving me blue screen!!

by wealthluck » October 13th, 2009, 2:11 am

Bootlog :-
=========================================

Service Pack 3 10 13 2009 11:42:15.375
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\system32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Loaded driver aliide.sys
Loaded driver cmdide.sys
Loaded driver toside.sys
Loaded driver viaide.sys
Loaded driver intelide.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver cpqarray.sys
Loaded driver \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
Loaded driver atapi.sys
Loaded driver aha154x.sys
Loaded driver sparrow.sys
Loaded driver symc810.sys
Loaded driver aic78xx.sys
Loaded driver dac960nt.sys
Loaded driver ql10wnt.sys
Loaded driver amsint.sys
Loaded driver asc.sys
Loaded driver asc3550.sys
Loaded driver mraid35x.sys
Loaded driver i2omp.sys
Loaded driver ini910u.sys
Loaded driver ql1240.sys
Loaded driver aic78u2.sys
Loaded driver symc8xx.sys
Loaded driver sym_hi.sys
Loaded driver sym_u3.sys
Loaded driver ABP480N5.SYS
Loaded driver asc3350p.sys
Loaded driver cd20xrnt.sys
Loaded driver ultra.sys
Loaded driver adpu160m.sys
Loaded driver dpti2o.sys
Loaded driver ql1080.sys
Loaded driver ql1280.sys
Loaded driver ql12160.sys
Loaded driver perc2.sys
Loaded driver perc2hib.sys
Loaded driver hpn.sys
Loaded driver cbidf2k.sys
Loaded driver dac2w2k.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver PxHelp20.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver sisagp.sys
Loaded driver viaagp.sys
Loaded driver Mup.sys
Loaded driver alim1541.sys
Loaded driver amdagp.sys
Loaded driver agp440.sys
Loaded driver agpCPQ.sys
Did not load driver ACPI Multiprocessor PC
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\l251x86.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Did not load driver ASUSTeK Silicon BDA Video Capture
Loaded driver \SystemRoot\system32\DRIVERS\fdc.sys
Did not load driver ECP 印表機連接埠
Loaded driver \SystemRoot\system32\DRIVERS\ASACPI.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Did not load driver 通訊連接埠
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\system32\DRIVERS\fsvga.sys
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\system32\DRIVERS\psched.sys
Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\update.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Loaded driver \SystemRoot\system32\DRIVERS\flpydisk.sys
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver ECP 印表機連接埠
Loaded driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Did not load driver 視訊轉碼器
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Did not load driver PPEN.SYS
Did not load driver i8042prt.SYS
Did not load driver kbdhid.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\System32\Drivers\aswTdi.SYS
Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Did not load driver Serial.SYS
Did not load driver Processor.SYS
Did not load driver intelppm.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Did not load driver WS2IFSL.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Did not load driver PCLEPCI.SYS
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Did not load driver Fips.SYS
Did not load driver aswSP.SYS
Did not load driver Aavmker4.SYS
Did not load driver Wanarp.SYS
Loaded driver \SystemRoot\system32\DRIVERS\USBSTOR.SYS
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Loaded driver \SystemRoot\system32\DRIVERS\hidusb.sys
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Loaded driver \SystemRoot\system32\DRIVERS\mouhid.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdhid.sys
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Loaded driver \SystemRoot\System32\Drivers\Fastfat.SYS
Did not load driver Intel Processor
Did not load driver Intel Processor
Did not load driver Radeon X1300/X1550 Series
Did not load driver Radeon X1300/X1550 Series Secondary
Did not load driver Realtek High Definition Audio
Did not load driver ASUSTeK Silicon BDA Video Capture
Did not load driver ECP 印表機連接埠
Did not load driver 通訊連接埠
Did not load driver 音訊轉碼器
Did not load driver Legacy 音訊驅動程式
Did not load driver 媒體控制裝置
Did not load driver Legacy 視訊擷取裝置
Did not load driver 視訊轉碼器
Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
Did not load driver \SystemRoot\system32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Did not load driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\system32\DRIVERS\srv.sys
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 13th, 2009, 2:12 am

OTL logfile created on: 13/10/2009 13:23:38 - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\USE\桌面
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000C04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy

1023.17 Mb Total Physical Memory | 413.20 Mb Available Physical Memory | 40.38% Memory free
2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.31% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 172.56 Gb Total Space | 54.53 Gb Free Space | 31.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465.65 Gb Total Space | 3.28 Gb Free Space | 0.70% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SNNECCAP
Current User Name: USE
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2005/05/10 12:31:22 | 00,241,664 | ---- | M] (Stardock) -- C:\Program Files\Common Files\Stardock\SDMCP.exe
PRC - [2008/04/15 18:54:48 | 00,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/02/18 03:13:10 | 00,021,504 | ---- | M] () -- C:\Tools\StrokeIt\strokeit.exe
PRC - [2006/12/16 11:45:48 | 02,125,824 | ---- | M] (NuonSoft) -- C:\Tools\ShellEnhancer\ShellEnhancer.exe
PRC - [2007/05/10 04:33:52 | 00,106,904 | ---- | M] (Alexander Avdonin) -- C:\Tools\TaskSwitchXP2011\TaskSwitchXP.exe
PRC - [2009/03/17 10:39:50 | 01,541,120 | ---- | M] () -- C:\Program Files\Free Internet Window Washer\Clearpch.exe
PRC - [2009/10/07 10:47:31 | 03,968,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2free.exe
PRC - [2008/09/21 12:24:48 | 00,036,864 | ---- | M] (Bullzip) -- C:\Program Files\ExpressMenuBullzip\exmenu.exe
PRC - [2008/01/16 19:45:46 | 00,684,032 | ---- | M] () -- C:\Tools\Ditto\Ditto.exe
PRC - [2008/06/05 04:41:18 | 03,825,152 | ---- | M] () -- C:\Tools\WinSplit Revolution\WinSplit.exe
PRC - [2009/04/16 01:27:04 | 00,244,736 | ---- | M] () -- C:\Program Files\AutoHotkey\AutoHotkey.exe
PRC - [2009/03/27 09:24:10 | 00,252,288 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Tools\ZoomIt.exe
PRC - [2005/11/29 08:09:18 | 01,185,280 | ---- | M] (Kana Solution) -- C:\Tools\Reminder.exe
PRC - [2009/04/19 19:30:52 | 00,877,568 | ---- | M] () -- C:\Program Files\MmmHACE\Mmm.exe
PRC - [2009/09/05 16:06:38 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\javaw.exe
PRC - [2009/02/11 08:35:14 | 00,801,904 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2008/11/09 15:35:40 | 00,988,160 | ---- | M] (Lux Aeterna Software) -- C:\Program Files\Speaking Clock\spclock.exe
PRC - [2009/09/15 18:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/01/26 15:31:12 | 05,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2008/12/31 01:53:14 | 00,249,856 | ---- | M] (FS2YOU) -- C:\Program Files\GridService\peeradapter.exe
PRC - [2008/12/31 01:45:08 | 04,993,024 | ---- | M] (FS2YOU) -- C:\Program Files\GridService\peer.exe
PRC - [2007/04/16 12:50:50 | 00,245,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.exe
PRC - [2009/09/25 21:06:14 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USE\桌面\OTL.exe
PRC - [2008/04/04 20:56:12 | 00,436,736 | ---- | M] (www.CrazyBrowser.com) -- C:\Tools\Crazy Browser\Crazy Browser.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/09/26 01:28:32 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free [Auto | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009/09/15 18:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Stopped])
SRV - [2009/02/26 05:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
SRV - [2009/02/25 15:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009/09/15 18:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Stopped])
SRV - [2009/09/15 18:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Stopped])
SRV - [2009/09/15 18:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/04/15 18:54:36 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/09/05 16:06:40 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/03/02 17:56:10 | 00,262,247 | ---- | M] () -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo [Auto | Stopped])
SRV - [2007/11/07 04:22:26 | 00,092,792 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2007/11/30 19:18:51 | 00,026,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe -- (spupdsvc [Auto | Stopped])

========== Driver Services (SafeList) ==========

DRV - [2006/04/16 13:53:00 | 02,825,088 | ---- | M] (ASUSTek) -- C:\WINDOWS\System32\DRIVERS\3xHybrid.sys -- (3xHybrid [On_Demand | Stopped])
DRV - [2009/09/15 18:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Stopped])
DRV - [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
DRV - [2008/04/14 02:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Boot | Running])
DRV - [2006/11/29 14:46:24 | 00,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\Drivers\APLMp50.sys -- (APLMp50 [On_Demand | Stopped])
DRV - [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Boot | Running])
DRV - [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Boot | Running])
DRV - [2009/09/15 18:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Stopped])
DRV - [2009/09/15 18:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Stopped])
DRV - [2009/09/15 18:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
DRV - [2009/09/15 18:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Stopped])
DRV - [2009/09/15 18:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2007/10/17 20:12:00 | 00,030,720 | ---- | M] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\DRIVERS\l251x86.sys -- (AtcL002 [On_Demand | Running])
DRV - [2009/02/26 06:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Stopped])
DRV - [2004/10/08 16:58:00 | 00,751,104 | ---- | M] (Asus) -- C:\WINDOWS\System32\DRIVERS\Cap713x.sys -- (Cap713x [On_Demand | Stopped])
DRV - [2001/08/31 19:16:32 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Boot | Running])
DRV - [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Boot | Running])
DRV - [2004/08/12 20:00:00 | 00,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\fsvga.sys -- (FsVga [System | Running])
DRV - [2008/04/14 00:36:05 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2007/04/16 14:16:26 | 05,760,096 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\DRIVERS\igxpmp32.sys -- (ialm [On_Demand | Stopped])
DRV - [2007/06/14 16:41:00 | 04,429,312 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Stopped])
DRV - [2003/12/17 09:50:00 | 00,051,729 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\L8042pr2.Sys -- (L8042pr2 [On_Demand | Stopped])
DRV - [2003/12/17 09:50:00 | 00,025,505 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LHidFlt2.Sys -- (LHidFlt2 [On_Demand | Stopped])
DRV - [2003/12/17 09:50:00 | 00,070,801 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\DRIVERS\LMouFlt2.Sys -- (LMouFlt2 [On_Demand | Stopped])
DRV - [2008/04/14 02:46:22 | 00,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\MPE.sys -- (MPE [On_Demand | Stopped])
DRV - [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Boot | Running])
DRV - [2004/08/13 10:56:20 | 00,005,810 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])
DRV - [2008/04/14 02:53:09 | 00,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\NMnt.sys -- (nm [On_Demand | Stopped])
DRV - [2007/11/07 04:22:06 | 00,034,064 | ---- | M] (CACE Technologies) -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF [On_Demand | Stopped])
DRV - [2002/03/19 10:29:16 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\drivers\pclepci.sys -- (PCLEPCI [System | Stopped])
DRV - [1998/12/24 07:10:00 | 00,013,440 | ---- | M] (PenPower Tech LTD.) -- C:\WINDOWS\System32\DRIVERS\ppen.sys -- (PPEN [System | Stopped])
DRV - [2004/08/12 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005/04/25 02:03:00 | 00,020,640 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Boot | Running])
DRV - [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Boot | Running])
DRV - [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Boot | Running])
DRV - [2006/01/18 18:41:58 | 00,080,512 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp [On_Demand | Stopped])
DRV - [2008/04/14 00:39:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008/04/14 02:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Boot | Running])
DRV - [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Boot | Running])
DRV - [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Boot | Running])
DRV - [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Boot | Running])
DRV - [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Boot | Running])
DRV - [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Boot | Running])
DRV - [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Boot | Running])
DRV - [2005/10/21 09:47:05 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
DRV - [2006/11/06 18:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\wceusbsh.sys -- (wceusbsh [On_Demand | Stopped])
DRV - [2009/10/10 11:32:18 | 00,035,363 | ---- | M] () -- C:\WINDOWS\System32\windrvNT.sys -- (windrvNT [Auto | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://10minutemail.com/10MinuteMail/index.html
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 10:30:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/05 16:06:46 | 00,000,000 | ---D | M]


O1 HOSTS File: (343689 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 11784 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Tools(E)\HoTsoy1.1\tools\bitcometbho.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\USE\Application Data\FlashGetBHO\FlashGetBHO3.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {CB789373-04D5-4EF4-9C16-871463FD0830} - No CLSID value found.
O4 - HKLM..\Run: [AutoShutdown] C:\WINDOWS\zenotib\zenotib.exe (Barefoot Productions, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [BtnMovie] File not found
O4 - HKLM..\Run: [CHotkey] C:\APPS\Chicony\chicony.bat ()
O4 - HKLM..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe (BonSoft)
O4 - HKLM..\Run: [Grid Service] C:\Program Files\GridService\peer.exe (FS2YOU)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [$Volumouse$] C:\Tools\VolumeMouse\volumouse.exe (NirSoft)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [ccleaner] C:\Tools\ccCleaner223\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [FontLoader] C:\Program Files\ShellToolsMoonSoftware\FontLoaderSysTray.exe (Moon Software)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Free Internet Window Washer] C:\Program Files\Free Internet Window Washer\Clearpch.exe ()
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Kana Reminder] C:\Tools\Reminder.exe (Kana Solution)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Mmm] C:\Program Files\MmmHACE\Mmm.exe ()
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Sensiva] C:\Tools\Symbol Commander Pro\Sensiva.exe File not found
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [UberIcon] C:\Program Files\UberIcon\UberIcon Manager.exe ()
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Wallpaper Manager] C:\Program Files\WallpaperChangerAdolix\AWC.exe ()
O4 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006..\Run: [Winsplit] C:\Tools\WinSplit Revolution\WinSplit.exe ()
O4 - Startup: C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\#VotingPersonOfTheYear.url ()
O4 - Startup: C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\37.com.url ()
O4 - Startup: C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\捷徑 - EmailAddresses(Numbered).lnk = E:\NgohDeiGeh\Misc\EmailAddresses(Numbered).txt ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\PE_C_ALL USERS\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
O8 - Extra context menu item: &D&ownload all video with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
O8 - Extra context menu item: &D&ownload all with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
O8 - Extra context menu item: &Dictionary - File not found
O8 - Extra context menu item: &Encyclopedia - File not found
O8 - Extra context menu item: &Search - File not found
O8 - Extra context menu item: &U使用米人下?并收藏 - Reg Error: Value error. File not found
O8 - Extra context menu item: &U使用米人下载并收藏 - C:\Program Files\NamiRobot\Data\du.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE File not found
O8 - Extra context menu item: Use ViDown to download - C:\Program Files\ViDown\vd_link.htm File not found
O8 - Extra context menu item: 妏蚚辦陬3狟婥 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetUrl.htm File not found
O8 - Extra context menu item: 妏蚚辦陬3狟婥窒蟈諉 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm File not found
O8 - Extra context menu item: 使用 Mega 管理器下??接... - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用 Mega 管理器下载链接... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm File not found
O8 - Extra context menu item: 使用快?3下? - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用快?3下?全部?接 - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetUrl.htm File not found
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm File not found
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Tools(E)\HoTsoy1.1\tools\bitcometbho.dll File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} Reg Error: Value error. (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Reg Error: Value error. (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 61.10.1.146 203.83.112.1 203.83.113.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\MCPClient: DllName - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll - C:\Program Files\Common Files\Stardock\MCPStub.dll (Stardock)
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll (Stardock)
O24 - Desktop Components:0 (目前的首頁) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (aswBoot.exe) - C:\WINDOWS\System32\aswBoot.exe (ALWIL Software)
O34 - HKLM BootExecute: (/A:"*") - File not found
O34 - HKLM BootExecute: (/L:"English") - File not found
O34 - HKLM BootExecute: (/KBD:3) - File not found

========== Files/Folders - Created Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/10/13 12:22:54 | 00,514,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\USE\桌面\OTL.exe
[2009/10/13 11:36:13 | 00,000,508 | ---- | C] () -- C:\Documents and Settings\USE\桌面\Restart.exe.lnk
[2009/10/13 09:59:11 | 00,000,258 | ---- | C] () -- C:\Tools(E).lnk
[2009/10/11 14:13:15 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/10/11 05:18:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\AccurateRip
[2009/10/10 21:40:41 | 00,000,000 | ---D | C] -- C:\Program Files\FlashMov
[2009/10/09 18:04:03 | 00,000,000 | ---D | C] -- C:\Program Files\Megaupload,Etc-ManagerTucan3.8
[2009/10/06 11:44:17 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/10/06 11:44:17 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\avast! Antivirus.lnk
[2009/10/06 11:44:16 | 00,052,368 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/10/06 11:44:15 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/10/06 11:44:12 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/10/06 11:44:11 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/10/06 11:44:11 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/10/06 11:44:11 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/10/06 11:44:11 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/10/06 11:43:40 | 01,279,968 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/10/06 11:43:36 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/10/06 10:56:23 | 00,061,440 | ---- | C] ( ) -- C:\Documents and Settings\USE\桌面\VEW.exe
[2009/10/05 17:41:18 | 00,000,373 | ---- | C] () -- C:\Documents and Settings\USE\My Documents\~~~Pictures.lnk
[2009/10/05 17:33:45 | 00,000,373 | ---- | C] () -- C:\~~~Pictures.lnk
[2009/10/03 11:14:27 | 00,000,496 | ---- | C] () -- C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\捷徑 - EmailAddresses(Numbered).lnk
[2009/10/03 03:08:22 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/03 03:02:48 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/10/03 02:54:07 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/10/03 02:52:34 | 00,000,000 | ---D | C] -- C:\wealthluckCF
[2009/09/30 16:27:05 | 00,000,000 | ---D | C] -- C:\output
[2009/09/30 14:13:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\YCanPDF
[2009/09/30 14:13:41 | 00,000,000 | ---D | C] -- C:\tmp
[2009/09/30 11:28:54 | 00,000,000 | ---D | C] -- C:\Program Files\Real Alternative
[2009/09/29 18:06:54 | 00,000,000 | ---D | C] -- C:\Program Files\fuzzydir2txt
[2009/09/28 13:25:32 | 00,000,618 | ---- | C] () -- C:\Documents and Settings\USE\桌面\strokeit.lnk
[2009/09/28 03:59:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\dvdcss
[2009/09/26 22:56:34 | 00,000,423 | ---- | C] () -- C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\37.com.url
[2009/09/26 22:55:47 | 00,000,171 | ---- | C] () -- C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\#VotingPersonOfTheYear.url
[2009/09/25 22:10:01 | 00,288,768 | ---- | C] () -- C:\Documents and Settings\USE\桌面\nxikksup.exe
[2009/09/25 21:06:50 | 00,288,768 | ---- | C] () -- C:\Documents and Settings\USE\桌面\31mxp7db.exe
[2009/09/24 12:56:10 | 00,000,186 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\IMATION (E).lnk
[2009/09/22 18:12:36 | 00,000,467 | ---- | C] () -- C:\Documents and Settings\USE\My Documents\~~~~GasReading.lnk
[2009/09/22 04:08:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Mpeg
[2009/09/22 02:11:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\My Documents\OJOsoft Corporation
[2009/09/22 02:10:53 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Share
[2009/09/21 19:05:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2009/09/21 19:05:36 | 00,033,846 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2009/09/21 19:05:36 | 00,003,400 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2009/09/21 16:10:20 | 00,033,846 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2009/09/21 16:10:20 | 00,002,989 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2009/09/21 16:09:53 | 00,027,958 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.bmp
[2009/09/21 16:09:53 | 00,010,840 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.dat
[2009/09/20 18:47:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\RealHideIP
[2009/09/20 18:47:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RealHideIP
[2009/09/20 03:41:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\Zcom4158515
[2009/09/18 18:42:43 | 00,162,816 | ---- | C] (Firelight Technologies Pty, Ltd) -- C:\WINDOWS\System32\fmod.dll
[2009/09/17 22:03:11 | 00,003,482 | ---- | C] () -- C:\Documents and Settings\USE\My Documents\~~Wallpapers.awc
[2009/09/17 17:50:03 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/09/17 16:16:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\Kana Solution
[2009/09/16 19:58:32 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/09/16 19:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/09/16 13:19:43 | 03,324,455 | ---- | C] () -- C:\Documents and Settings\USE\My Documents\ComboFix.exe
[2009/09/16 12:51:20 | 00,229,888 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/09/16 12:51:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/09/16 12:51:20 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/09/16 12:51:20 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/09/16 12:51:20 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/09/16 12:51:20 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/09/16 12:51:20 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/09/16 12:51:20 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/09/16 12:51:15 | 00,000,000 | ---D | C] -- C:\ComboFix
[2009/09/16 12:50:52 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/09/15 16:03:59 | 00,006,344 | ---- | C] () -- C:\WINDOWS\System32\gafilter.sti
[2009/09/15 16:03:57 | 00,010,208 | ---- | C] () -- C:\WINDOWS\System32\gaeffect.sti
[2009/09/15 16:01:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\Ulead.dat
[2009/09/15 16:01:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\Noslip
[2009/09/15 16:01:28 | 00,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2009/09/15 15:59:43 | 00,000,317 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2009/09/15 15:59:38 | 01,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2009/09/15 15:59:37 | 00,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2009/09/15 03:03:17 | 00,000,517 | ---- | C] () -- C:\Documents and Settings\USE\My Documents\~~YouKu.lnk
[2009/09/15 03:02:56 | 00,000,517 | ---- | C] () -- C:\~~YouKu.lnk
[2009/09/14 22:25:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Local Settings\Application Data\Apple Computer
[2009/09/13 18:54:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\USE\Application Data\gtk-2.0
[2009/09/13 03:32:47 | 00,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2009/09/12 09:02:10 | 00,000,023 | ---- | C] () -- C:\WINDOWS\DownloadStudio.INI
[2009/09/10 09:15:59 | 01,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2009/08/30 10:51:29 | 00,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2009/08/22 09:41:10 | 00,000,033 | ---- | C] () -- C:\WINDOWS\DownloadStudioScheduleMonitor.INI
[2009/08/02 09:21:03 | 00,000,136 | ---- | C] () -- C:\WINDOWS\pdf2html.INI
[2009/07/26 02:27:15 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/07/26 02:27:12 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/07/26 02:27:12 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/06/30 11:36:08 | 00,000,115 | ---- | C] () -- C:\WINDOWS\TrayServerData.ini
[2009/05/28 11:42:46 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009/05/06 10:51:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ViDown.INI
[2009/04/26 14:07:55 | 00,338,944 | ---- | C] () -- C:\WINDOWS\System32\ppword.dll
[2009/04/25 17:40:28 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ANNOTATE.INI
[2009/04/25 15:23:54 | 00,001,053 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009/04/22 22:25:01 | 00,000,917 | ---- | C] () -- C:\WINDOWS\System32\CLWatson.ini
[2009/04/21 10:06:39 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\suppdll.dll
[2009/04/21 10:06:39 | 00,035,363 | ---- | C] () -- C:\WINDOWS\System32\windrvNT.sys
[2009/04/17 12:36:26 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/17 12:36:17 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/17 02:13:20 | 00,000,081 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/04/16 12:44:21 | 00,000,027 | ---- | C] () -- C:\WINDOWS\SDAddressBox16a5ed0525716.ini
[2009/03/24 11:39:28 | 00,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009/03/24 11:38:47 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2007/11/07 04:19:28 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/08/07 14:49:40 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/07 14:32:32 | 00,000,102 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/07 14:29:51 | 00,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2006/08/07 14:29:51 | 00,000,491 | ---- | C] () -- C:\WINDOWS\Instit.ini
[2006/08/07 14:29:03 | 00,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2006/08/07 14:17:18 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/08/07 14:15:21 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/08/03 10:49:52 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/13 08:20:52 | 00,001,982 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/18 08:55:38 | 00,000,797 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/18 08:31:07 | 00,000,808 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/01/18 08:31:02 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/03/18 07:44:29 | 01,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2004/01/07 00:48:20 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\adultpdf_Decrypt_reg.ini
[2004/01/07 00:47:06 | 00,000,076 | ---- | C] () -- C:\WINDOWS\System32\adultreg.ini

========== Files - Modified Within 30 Days ==========

[4 C:\WINDOWS\System32\*.tmp files]
[2 C:\WINDOWS\*.tmp files]
[2009/10/13 12:40:59 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/13 11:42:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/13 10:39:15 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/10/13 10:31:44 | 00,119,808 | ---- | M] () -- C:\Documents and Settings\USE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/13 10:06:14 | 00,000,027 | ---- | M] () -- C:\WINDOWS\SDAddressBox16a5ed0525716.ini
[2009/10/13 09:59:11 | 00,000,258 | ---- | M] () -- C:\Tools(E).lnk
[2009/10/13 09:46:57 | 00,059,864 | ---- | M] () -- C:\Documents and Settings\USE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/11 08:51:14 | 03,397,456 | -H-- | M] () -- C:\Documents and Settings\USE\Local Settings\Application Data\IconCache.db
[2009/10/11 08:49:24 | 00,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/11 06:14:04 | 00,000,317 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2009/10/10 11:32:18 | 00,035,363 | ---- | M] () -- C:\WINDOWS\System32\windrvNT.sys
[2009/10/10 11:00:49 | 00,343,689 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/06 11:44:17 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\桌面\avast! Antivirus.lnk
[2009/10/06 10:56:30 | 00,061,440 | ---- | M] ( ) -- C:\Documents and Settings\USE\桌面\VEW.exe
[2009/10/05 17:33:45 | 00,000,373 | ---- | M] () -- C:\Documents and Settings\USE\My Documents\~~~Pictures.lnk
[2009/10/05 17:33:45 | 00,000,373 | ---- | M] () -- C:\~~~Pictures.lnk
[2009/10/04 09:16:57 | 03,324,455 | ---- | M] () -- C:\Documents and Settings\USE\My Documents\ComboFix.exe
[2009/10/04 09:10:35 | 00,338,137 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091010-110049.backup
[2009/10/03 11:14:27 | 00,000,496 | ---- | M] () -- C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\捷徑 - EmailAddresses(Numbered).lnk
[2009/10/03 03:00:22 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/03 02:54:14 | 00,000,281 | RHS- | M] () -- C:\Boot.ini
[2009/10/01 15:39:11 | 00,338,137 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091004-091035.backup
[2009/09/30 13:26:01 | 00,000,136 | ---- | M] () -- C:\WINDOWS\pdf2html.INI
[2009/09/25 22:10:05 | 00,288,768 | ---- | M] () -- C:\Documents and Settings\USE\桌面\nxikksup.exe
[2009/09/25 21:06:55 | 00,288,768 | ---- | M] () -- C:\Documents and Settings\USE\桌面\31mxp7db.exe
[2009/09/25 21:06:14 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USE\桌面\OTL.exe
[2009/09/24 19:54:32 | 00,335,225 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091001-153910.backup
[2009/09/24 12:56:10 | 00,000,186 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\IMATION (E).lnk
[2009/09/22 18:12:36 | 00,000,467 | ---- | M] () -- C:\Documents and Settings\USE\My Documents\~~~~GasReading.lnk
[2009/09/22 17:38:47 | 00,000,664 | ---- | M] () -- C:\Documents and Settings\USE\My Documents\~~~~GasReading.rtf.lnk
[2009/09/21 21:03:58 | 00,002,989 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp FLAC Codec.dat
[2009/09/21 21:03:20 | 00,033,846 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp FLAC Codec.bmp
[2009/09/21 21:00:22 | 00,515,760 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall.exe
[2009/09/21 19:05:36 | 00,003,400 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
[2009/09/21 19:05:27 | 00,033,846 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.bmp
[2009/09/21 16:10:50 | 00,010,840 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.dat
[2009/09/21 16:10:46 | 00,027,958 | ---- | M] () -- C:\WINDOWS\System32\SpoonUninstall-dMC Power Pack.bmp
[2009/09/18 18:52:18 | 00,162,816 | ---- | M] (Firelight Technologies Pty, Ltd) -- C:\WINDOWS\System32\fmod.dll
[2009/09/18 14:04:25 | 00,000,171 | ---- | M] () -- C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\#VotingPersonOfTheYear.url
[2009/09/17 22:05:15 | 01,440,054 | ---- | M] () -- C:\WINDOWS\WPCWallpaper.bmp
[2009/09/17 22:03:17 | 00,003,482 | ---- | M] () -- C:\Documents and Settings\USE\My Documents\~~Wallpapers.awc
[2009/09/16 20:06:42 | 00,331,165 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090924-195432.backup
[2009/09/16 11:17:46 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/09/15 18:59:36 | 01,279,968 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/09/15 18:56:21 | 00,093,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/09/15 18:56:14 | 00,094,160 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/09/15 18:55:30 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/09/15 18:55:19 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/09/15 18:54:30 | 00,052,368 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/09/15 18:54:21 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/09/15 18:53:24 | 00,027,408 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/09/15 18:53:01 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/09/15 16:03:59 | 00,006,344 | ---- | M] () -- C:\WINDOWS\System32\gafilter.sti
[2009/09/15 16:03:57 | 00,010,208 | ---- | M] () -- C:\WINDOWS\System32\gaeffect.sti
[2009/09/15 16:01:54 | 00,000,102 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/09/14 02:12:36 | 00,229,888 | ---- | M] () -- C:\WINDOWS\PEV.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:5C321E34
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3BF63E4A
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:57EE48CA
< End of report >
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 13th, 2009, 2:13 am

OTL Extras logfile created on: 13/10/2009 13:23:38 - Run 3
OTL by OldTimer - Version 3.0.14.0 Folder = C:\Documents and Settings\USE\桌面
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000C04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy

1023.17 Mb Total Physical Memory | 413.20 Mb Available Physical Memory | 40.38% Memory free
2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.31% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 172.56 Gb Total Space | 54.53 Gb Free Space | 31.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465.65 Gb Total Space | 3.28 Gb Free Space | 0.70% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SNNECCAP
Current User Name: USE
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [Browse with XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Tools\itudou\iTudou.exe" = C:\Tools\itudou\iTudou.exe:*:Enabled:iTudou -- (土豆网)
"C:\Program Files\My Mobile\MyMobiler\MyMobiler.exe" = C:\Program Files\My Mobile\MyMobiler\MyMobiler.exe:*:Enabled:My Mobile - My Mobiler -- ()
"C:\Tools\NetTransport2.80.441\NetTransport.exe" = C:\Tools\NetTransport2.80.441\NetTransport.exe:*:Enabled:NetXfer Download Manager -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Tools\TeamViewerPortable_en\TeamViewer.exe" = C:\Tools\TeamViewerPortable_en\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- File not found
"C:\Program Files\GridService\peer.exe" = C:\Program Files\GridService\peer.exe:*:Enabled:muse peer -- (FS2YOU)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"$INSTDIR\FlvDetector.exe" = C:\Tools\FlashGet 3.0 Portable\FlvDetector.exe:*:Enabled:FGFlvDetector -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{0C9B0475-F65F-45AB-8D88-2AE7C195E907}" = Microsoft .NET Framework 1.1 Chinese (Traditional) Lang. Pack
"{1473BF77-AD54-4241-8624-340726E9E77B}" = AXPDF Converter
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.1
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{350C97B6-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E41C2E-9111-44AA-B8C4-20D4D59DD990}" = RealWorld Change Cursor
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5DC0DF76-3B2F-4C38-BE34-58627949BC1A}" = Mega Manager
"{6350DFD0-01B0-11DE-87AF-0800200C9A66}" = Livestation
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{80851370-07CF-477B-837D-F2E488916CFE}" = OpenOffice.org 2.4
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9B49BFC8-D0C0-42E9-8460-40733DCE3648}_is1" = Tucan Manager 0.3.8
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A68C605C-D997-44E5-B29D-BC0E5E740BF7}" = DownloadStudio
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{AC76BA86-7AD7-1028-7B44-A70700000002}" = Adobe Reader 7.0.7 - Chinese Traditional
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D4C7AD43-8E0A-4E0B-8291-9710F4D42ADE}" = CyberLink Live Codec Pack
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{EDD68B48-E14C-4DB0-B30F-B7A15C44E71C}" = Shell Tools
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"03A5D259B3018EB0DA1A61DC077382FEDF551A43" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"0406547057933D9804DEC02F27CA9B7A5F4BBE1F" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"05C95B74F98DE3CFF4D710EAAAA7E7AAF587AC69" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"069028742E076ED93DD1BAA9E1ED7EFDF77D872A" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"077EEA4E5490F32ED5FA1C5F4E9EE425420E1919" = Windows Driver Package - Intel hdc (02/05/2007 8.3.0.1011)
"0E1D95024DADE1CF31A5889E7105B00FE74E28AE" = Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
"11DC20852D47052BEF583908C84D8B92DE34C370" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"157D8D755B5773E5E4764F37125BCC14F16A7B77" = Windows Driver Package - Intel System (08/25/2003 5.1.0.1006)
"15ABB80B2DE947F4B30AF453D66552D76BE589C0" = Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
"19E5E67F3BBBAC2C396F95A754CEBBE0D84F497A" = Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
"1BA616419FE97AD2C3A3D0B86F55E2A51D366986" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"29C374B5E1EFE5340CEB8AAF699DB210FAB225AE" = Windows Driver Package - Intel System (03/10/2005 7.0.0.1019)
"2B6D818F3939804B01D509A4234EFE979CAAADCA" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"3467A68D3474BCB811069FF862E97C99D961D7B2" = Windows Driver Package - Intel System (05/26/2004 6.1.0.1008)
"38C8E8384B1D0355BE6B7A0EE5ACD9EA7122E268" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"38DD94E8E6C72C839A50F7A7AC75F5CCF79F1E74" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"41354D334FF04D96CEECC6C9318A774417289CD9" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"464CE3922A214073AAEE00DEB23EA5C750AF8CE8" = Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011)
"52C3DD2886518E59EFCABD2613C5B65DBAFC4ED6" = Windows Driver Package - Intel System (03/09/2006 7.3.0.1013)
"52E82464361E3BEF41DF10AAAD67A99B96503421" = Windows Driver Package - Intel System (01/10/2005 7.0.0.1011)
"530B366ABB8F4E0087E6FB2DE3609611DF9D8D27" = Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008)
"55A70DD10E74D09B728586875FA4E7292C3AD199" = Windows Driver Package - Intel System (05/23/2005 7.1.0.1011)
"560270EE7689071CE3EBE598A400A8BB54BC41A7" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"56A66DF95E25E69FDBC453F4C6D064E5BDACA196" = Windows Driver Package - Intel System (09/13/2005 7.2.2.1001)
"639ADB4E5574000C7EB7635F85892B4DFC6D521D" = Windows Driver Package - Intel System (02/22/2006 8.1.0.1002)
"6AF3DB1E47C2FB8060218ECD7C6BC24EC07AF9CC" = Windows Driver Package - Intel System (04/10/2006 8.0.0.1008)
"6B0871F586FDF05439973F79398D0C8F54883509" = Windows Driver Package - Intel System (02/05/2007 8.3.0.1011)
"6B2D8C73D098BEE5A98B76EC5129EBFAA562EDA6" = Windows Driver Package - Intel System (12/06/2006 8.2.0.1002)
"708C7D1FC4337825C3EE8F52E4916B928EDB0B67" = Windows Driver Package - Intel USB (09/13/2006 8.2.0.1008)
"73501D040246FD1119FF9BD02EAA9CA1541A9E01" = Windows Driver Package - Intel USB (09/13/2006 8.2.0.1008)
"7BE0C2739D20748EA44AC0D0EFEEBC437581417D" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"9AC3F4DC0EBF5E96B39B89EE1838775695511567" = Windows Driver Package - Intel System (01/13/2007 8.3.0.1008)
"AA4988082D53DDFFD0732FD315248A82A62EB15A" = Windows Driver Package - Intel USB (09/13/2006 8.2.0.1008)
"ADD9148E09287DC9FED76E28632EA8199F032820" = Windows Driver Package - Intel System (02/28/2007 8.3.0.1013)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adolix Wallpaper Changer_is1" = Adolix Wallpaper Changer 2.2
"All ATI Software" = ATI - Software Uninstall Utility
"a-squared Free_is1" = a-squared Free 4.0
"ATI Display Driver" = ATI Display Driver
"AutoHotkey" = AutoHotkey 1.0.48.01
"AutoShutdown" = AutoShutdown
"avast!" = avast! Antivirus
"B6352A8B6E6888E294E97F6B61C28CC6B50DBB78" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"BE3FEA48CED26ECE01CC8EE0326CA7F3BC5666AC" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"Bullzip Express Menu_is1" = Bullzip Express Menu 2.0.3186.20544
"C3540E3115555DFC712CBDACCF8EF42B1A9370B6" = Windows Driver Package - Intel System (10/11/2002 4.20.1007)
"ClickOff_is1" = ClickOff version 1.82
"ClocX" = ClocX (1.5b2)
"Cool Timer_is1" = Cool Timer 3.6
"CursorFX" = CursorFX
"DafiTech.Copy2Clip" = Copy2Clip 1.0.7
"DBEF16AF480DAF08022CD5CF2AFCC77A13BC5683" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpowerAMP WMA V9.1 Codec" = dBpowerAMP WMA V9.1 Codec
"DF30C24B66078DFBDCEC781CB08AC73CC6B4CEBC" = Windows Driver Package - Intel hdc (02/05/2007 8.3.0.1011)
"dMC Power Pack" = dMC Power Pack
"E8CC5DBEDF908775835695BA4EC7CA57E4868EA5" = Windows Driver Package - Intel System (03/25/2004 5.1.0.1009)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON Printer Software
"F23440D1946B041AB1E8E98F3E97A4982890BF52" = Windows Driver Package - Intel System (02/06/2007 8.3.0.1011)
"F6FF53611EF96933CA50D420CA298B60A5456FD7" = Windows Driver Package - Intel USB (05/15/2006 7.4.0.1005)
"FileNote" = FileNote (Remove Only)
"FlashMov" = FlashMov
"Fomine NetSend" = Fomine NetSend (remove only)
"Free Internet Window Washer" = Free Internet Window Washer
"Fuzzydirectory 2 text" = Fuzzydirectory 2 text 0.9.5 Beta
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"iKu" = 蚥蹄 i蹄
"InfoTag Magic 1.0" = InfoTag Magic 1.0
"InstallShield_{D4C7AD43-8E0A-4E0B-8291-9710F4D42ADE}" = CyberLink Live Codec Pack
"iSiloX" = iSiloX
"iWisoft Flash SWF Downloader_is1" = iWisoft Flash SWF Downloader 1.8
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.0 (Full)
"Lakeridge Software WisBar Advance 3 for WM6_is1" = Lakeridge Software WisBar Advance 3 for WM6 v3.0.0.2
"MediaInfo" = MediaInfo 0.7.15
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Multilingual Speaking Clock_is1" = Multilingual Speaking Clock ver 2.6
"OpenAL" = OpenAL
"Piky Basket_is1" = Piky Basket 2.0
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.2
"RaySource" = RaySource 2.1.10.8366
"RealAlt_is1" = Real Alternative 2.0.0
"Shapez 3.0 Freeware" = Shapez 3.0 Freeware
"Spb Pocket Plus" = Spb Pocket Plus
"SpywareBlaster_is1" = SpywareBlaster 4.2
"Squeaky Clean" = Squeaky Clean
"Stardock Central" = Stardock Central
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"UberIcon_is1" = UberIcon 1.0.4
"Video Cutter_is1" = Video Cutter 1.0
"VLC media player" = VLC media player 0.9.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"XnView Shell Extension_is1" = XnView Shell Extension 2.6.0
"XnView_is1" = XnView 1.96

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mmm" = Mmm

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 9/7/2009 8:05:20 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\ZenGemsSetup.exe failed, 0000001E.

Error - 9/7/2009 8:12:31 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\WeddingDash2Setup.exe failed, 0000001E.

Error - 9/7/2009 18:24:23 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\StandOFood2Setup.exe failed, 0000001E.

Error - 9/7/2009 19:01:41 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
D:\TheGreatChocolateChaseSetup.exe failed, 0000001E.

Error - 22/8/2009 19:07:29 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

Error - 28/8/2009 2:53:25 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 28/8/2009 3:20:53 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function 00000002.

Error - 28/8/2009 7:55:58 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

Error - 28/8/2009 12:14:12 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
function A0000111.

Error - 12/9/2009 23:39:41 | Computer Name = SNNECCAP | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\HijackThis.exe failed, 00000005.

[ Application Events ]
Error - 10/10/2009 4:01:52 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 spybotsd.exe,版本 1.6.2.46,失敗的模組 spybotsd.exe,版本 1.6.2.46,錯誤位址
0x0002a936。

Error - 10/10/2009 15:41:27 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 crazy browser.exe,版本 3.0.0.0,失敗的模組 crazy browser.exe,版本 3.0.0.0,錯誤位址
0x00030246。

Error - 10/10/2009 17:05:37 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 ditto.exe,版本 3.15.4.0,失敗的模組 ntdll.dll,版本 5.1.2600.5755,錯誤位址
0x0000100b。

Error - 10/10/2009 17:29:22 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 explorer.exe,版本 6.0.2900.5512,失敗的模組 unknown,版本 0.0.0.0,錯誤位址
0x01ca4c5e。

Error - 10/10/2009 17:44:55 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 spclock.exe,版本 2.6.0.0,失敗的模組 spclock.exe,版本 2.6.0.0,錯誤位址 0x00024ab6。

Error - 10/10/2009 18:03:59 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 rightclick.exe,版本 1.2.0.739,失敗的模組 rightclick.exe,版本 1.2.0.739,錯誤位址
0x00020aaa。

Error - 10/10/2009 18:05:17 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 explorer.exe,版本 6.0.2900.5512,失敗的模組 unknown,版本 0.0.0.0,錯誤位址
0x012423a0。

Error - 11/10/2009 2:01:46 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 strokeit.exe,版本 0.9.5.0,失敗的模組 ntdll.dll,版本 5.1.2600.5755,錯誤位址
0x0002b736。

Error - 11/10/2009 14:48:11 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 crazy browser.exe,版本 3.0.0.0,失敗的模組 crazy browser.exe,版本 3.0.0.0,錯誤位址
0x00030246。

Error - 11/10/2009 15:08:41 | Computer Name = SNNECCAP | Source = Application Error | ID = 1000
Description = 失敗的應用程式 reminder.exe,版本 2.0.0.120,失敗的模組 reminder.exe,版本 2.0.0.120,錯誤位址
0x0004a22a。

[ System Events ]
Error - 11/10/2009 14:41:48 | Computer Name = SNNECCAP | Source = Service Control Manager | ID = 7011
Description = Dnscache 服務的異動回應等候逾時 (30000 毫秒)。

Error - 11/10/2009 17:41:17 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 11/10/2009 21:43:47 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 11/10/2009 21:44:46 | Computer Name = SNNECCAP | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: Aavmker4 aswSP Fips i8042prt intelppm PCLEPCI

Error - 12/10/2009 12:54:36 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 12/10/2009 21:12:25 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 12/10/2009 21:13:18 | Computer Name = SNNECCAP | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: Aavmker4 aswSP Fips i8042prt intelppm PCLEPCI

Error - 12/10/2009 23:37:06 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 12/10/2009 23:43:46 | Computer Name = SNNECCAP | Source = DCOM | ID = 10005
Description = DCOM 遇到錯誤 "%1084",是當嘗試啟動服務 EventSystem 而引數為 "", 為了執行伺服器: {1BE1F766-5536-11D1-B726-00C04FB926AF}
之時

Error - 12/10/2009 23:44:26 | Computer Name = SNNECCAP | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: Aavmker4 aswSP Fips i8042prt intelppm PCLEPCI


< End of report >

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by Jack&Jill » October 15th, 2009, 1:22 am

Hello wealthluck :),

I need you to upload a few suspicious files to Jotti for an online scan. Click here.
  • Click the white box beside the Browse box.
  • Copy and paste the following file and its path to upload:
    C:\Documents and Settings\USE\桌面\nxikksup.exe
  • Press Submit. The file will be submitted for testing.
  • Please wait for all the scanners to finish, then copy and paste the result into Notepad and save it to a convenient place.
  • Repeat for
    C:\Documents and Settings\USE\桌面\31mxp7db.exe
  • Post the results in your next response.

Alternatively, if Jotti is busy or inaccessible, you may try VirusTotal or VirScan with similar steps.

A result from either one of the above scanners would be sufficient. Do you use these files or have any idea what they are?

Please download ATF (Atribune Temp File) Cleaner© by Atribune from one of the links below and save it to your desktop.

Link 1
Link 2
Link 3

Run ATF Cleaner
  • Double-click ATF Cleaner.exe to open it.
  • Click Run if prompted.
  • At the bottom of the list, check (tick) Select All.
  • Note: If you would like to keep your cookies, please uncheck this option as it will remove all cookies, including the useful ones you may want to keep.
  • Then click the Empty Selected button.
  • Firefox:
    • Click Firefox at the top and choose: Select All. Uncheck the cookies option if you want to keep them.
    • Click the Empty Selected button.
    • Note: If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.

Please download Malwarebytes' Anti-Malware (MBAM)© from Malwarebytes and save it to your desktop. Click here.

Run MBAM
  • Double click on mbam-setup.exe and follow the prompts to install the program.
  • At the end of installation, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • MBAM will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update mirror, select one of the websites and click on Check for Updates.
  • Upon completion of update and loading, select the Scanner tab. Click on Perform full scan, then click on Scan.
  • Leave the default options as they are and click on Start Scan.
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Check (tick) all items except items in the C:\System Volume Information folder and click on Remove Selected.
  • After it has removed the items, a log in Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware. If you receive an (Error Loading) error on reboot, please reboot a second time. It is normal for this error to occur once and does not need to be reported unless it returns on future reboots.

Do an online scan with ESET Online Scanner.
Please be patient as scanning will take quite some time. If you have a problem running the scan, you might want to disable any real time protection that you have.
  • Click here to go to ESET Online Scanner page.
  • Click on ESET Online Scanner. A new window will open.
    For Firefox users, you will need to download and install esetsmartinstaller_enu.exe. Click on it and save the file to a convenient location. Double click on it to install and a new window will open.
  • After reading through the Terms of Use, check YES, I accept the Terms of Use and click Start to begin scan.
  • You will be prompted to install an ActiveX Control from ESET. Please install.
  • At the Computer scan settings section, uncheck (untick) Remove found threats and then check Scan archives.
  • Now, click on Advanced settings and make sure all these are checked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click on Scan to proceed.
  • Click Finish and close the window.
  • Navigate to C:\Program Files\ESET\ESET Online Scanner using Windows Explorer and look for log.txt.
  • Post the contents of log.txt in your reply.

Please post back:
1. scan results on the two files
2. MBAM report
3. ESET online scan log
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 16th, 2009, 4:57 am

Hi Jack&Jill,

Here are my notes:

1)
[An error occurred. Please report the following error code to the Malwarebytes' Anti-Malware support team.

Error code: 731 (0, 6)]

2)
Both files on the desktop to be scanned online are the same thing and are actually GMER. Downloading GMER generates a different name every time, and I don't quite remember why I downloaded more than one. It's strange, but I guessed it was not very important, so I didn't mention that the two files have been stuck firmly on the desktop ever since they were downloaded; my computer crashed when I tried to remove them. So it's natural that the scan results below for both of them are about the same, if not exactly the same.

What follows are the MBAM report and ESET online scan log.

Billions of thanks to you and your team....


Jotti's result ~ C:\Documents and Settings\USE\桌面\nxikksup.exe :-
===============================

Jotti's malware scan
This file has been scanned before. The results for this previous scan are listed below.
--------------------------------------------------------------------------------
Filename: 9pq788ik.exe
Status: Scan finished. 1 out of 21 scanners reported malware.
Scan taken on: Fri 2 Oct 2009 09:08:42 (CET) Permalink
--------------------------------------------------------------------------------
Additional info
File size: 288768 bytes
Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5: 8484be03f56aebe9eff1295ea18504c9
SHA1: a33e1d9a8f977e6039c68a966bfb99dd9c285a96
Packer (Avast): UPX
Packer (Drweb): UPX
Packer (Kaspersky): PE_Patch.UPX, UPX
Scanners
2009-10-01 Found nothing 2009-10-02 Found nothing
2009-10-02 Found nothing 2009-10-02 Found nothing
2009-10-01 Found nothing 2009-10-02 Found nothing
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-02 Found nothing
2009-10-02 Found nothing 2009-09-30 Win32 Shadow Driver Install
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 16th, 2009, 4:59 am

Jotti's result for the other file [31mxp7db.exe] :-
=========================================
Jotti's malware scan
This file has been scanned before. The results for this previous scan are listed below.
--------------------------------------------------------------------------------
Filename: 9pq788ik.exe
Status: Scan finished. 1 out of 21 scanners reported malware.
Scan taken on: Fri 2 Oct 2009 09:08:42 (CET) Permalink
--------------------------------------------------------------------------------
Additional info
File size: 288768 bytes
Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5: 8484be03f56aebe9eff1295ea18504c9
SHA1: a33e1d9a8f977e6039c68a966bfb99dd9c285a96
Packer (Avast): UPX
Packer (Drweb): UPX
Packer (Kaspersky): PE_Patch.UPX, UPX
Scanners
2009-10-01 Found nothing 2009-10-02 Found nothing
2009-10-02 Found nothing 2009-10-02 Found nothing
2009-10-01 Found nothing 2009-10-02 Found nothing
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing 2009-10-02 Found nothing
2009-10-02 Found nothing 2009-09-30 Win32 Shadow Driver Install
2009-10-01 Found nothing 2009-10-01 Found nothing
2009-10-02 Found nothing
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 16th, 2009, 5:00 am

Malwarebytes' Anti-Malware 1.41
Database version: 2970
Windows 5.1.2600 Service Pack 3 (Safe Mode)

16/10/2009 13:59:19
mbam-log-2009-10-16 (13-59-19).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 237471
Time elapsed: 1 hour(s), 24 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 16th, 2009, 5:03 am

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# Crazy Browser.exe=3.0.0.0
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=b7528485a928aa43a6cec9694a6628d6
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-10-16 08:32:14
# local_time=2009-10-16 04:32:14 )
# country="Hong Kong S.A.R."
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=769 61 100 93 91538593750
# scanned=107236
# found=6
# cleaned=0
# scan_time=8898
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0106744.exe Win32/Toolbar.AskSBar application 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0106765.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0110429.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115775.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115777.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115781.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am
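
The ESET log in the post above lists six detections, all with paths under `System Volume Information\_restore{...}`, which on Windows XP holds System Restore snapshots rather than files in their original locations. As an added example (not part of the thread and not an ESET tool), this Python script separates restore-point detections from detections on live paths and checks the header counters against the parsed lines. The field layout is inferred from the lines shown in the post, and the extra `C:\` line is constructed for contrast.

```python
import re

# Header and detection lines copied from the ESET Online Scanner log posted above.
SAMPLE_LOG = r"""# remove_checked=false
# archives_checked=true
# scanned=107236
# found=6
# cleaned=0
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0106744.exe Win32/Toolbar.AskSBar application 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0106765.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0110429.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115775.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115777.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
E:\System Volume Information\_restore{B3E7A0EC-3E07-400D-8ACB-06782AB0048D}\RP115\A0115781.exe probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I
"""

# Constructed line (not from the thread): the same detection name on a live path.
CONSTRUCTED_LIVE_LINE = (
    r"C:\Documents and Settings\USE\Local Settings\Temp\example.exe "
    "probably a variant of Win32/Agent trojan 00000000000000000000000000000000 I"
)

# "# key=value" header lines.
HEADER = re.compile(r"^#\s*([^=]+?)=(.*)$")

# Detection line layout assumed from the post: path, detection name, hex field, flag.
# The path is taken up to the first ".ext" followed by whitespace, so a directory
# name such as "foo.bar baz" would be split too early.
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?\.[A-Za-z0-9]{1,4})\s+"
    r"(?P<threat>.+?)\s+"
    r"(?P<hash>[0-9A-Fa-f]{16,})\s+"
    r"(?P<flag>\S+)\s*$"
)

# Windows XP System Restore snapshot directory: _restore{GUID}\RPnnn\
RESTORE_POINT = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP\d+\\",
    re.IGNORECASE,
)


def parse_eset_log(text):
    """Return (header dict, list of detection dicts) for an ESET online scan log."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER.match(line)
        if m:
            header[m.group(1).strip()] = m.group(2).strip()
            continue
        m = DETECTION.match(line)
        if m:
            entry = m.groupdict()
            entry["in_restore_point"] = bool(RESTORE_POINT.search(entry["path"]))
            detections.append(entry)
    return header, detections


def triage(text):
    """Summarise where the detections live and whether the scan removed anything."""
    header, detections = parse_eset_log(text)
    live = [d for d in detections if not d["in_restore_point"]]
    return {
        "reported_found": int(header.get("found", -1)),
        "parsed": len(detections),
        "in_restore_points": len(detections) - len(live),
        "live_paths": [d["path"] for d in live],
        # remove_checked=false and cleaned=0 mean the scan was report-only.
        "nothing_removed": header.get("remove_checked") == "false"
        and header.get("cleaned") == "0",
    }


if __name__ == "__main__":
    for name, value in triage(SAMPLE_LOG).items():
        print(f"{name}: {value}")
    print(triage(SAMPLE_LOG + CONSTRUCTED_LIVE_LINE + "\n")["live_paths"])
```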

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by Jack&Jill » October 17th, 2009, 10:15 pm

Hello wealthluck :),

No more signs of malware. Your problem is most likely a hardware/software/driver related one. Let's do a few more steps and I will point you to different forums that deal with such issues.

Uninstall outdated programs
  • Go to Control Panel > Add/Remove Programs.
  • Please uninstall the following programs one by one:

    Java 2 Runtime Environment, SE v1.4.2_05
    Macromedia Flash Player 8


    You may want to try uninstalling these as well to rule out the possibility that any of them is giving you problems:

    NamiRobot
    Replay AV8
    QuickTime Alternative 2.9.2
    Ulead GIF Animator 5

Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

Please update your Adobe Reader to the latest.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Adobe Reader 7.0.7 - Chinese Traditional

  • Go to the Adobe download page. Click here.
  • If your OS is not the same as stated, click on Different language or operating system? link.
    • Under the Select an operating system title, click on Select an OS... box and choose the OS that you have.
    • Change the language if you want by clicking on English below the Select a language title.
    • Press Continue.
    • Uncheck (untick) Free McAfee Security Scan (optional).
    • Click the Download now button after selecting the latest version.
    • Allow if prompted and save the file to a convenient location.
    • Run the downloaded file to continue with the installation.
  • If your OS is the same, uncheck (untick) Free McAfee Security Scan (optional).
  • Click Download to proceed. Allow if prompted and save the file to a convenient location.
  • Run the downloaded file to continue with the installation.

Please download ERUNT© by Lars Hederer from one of the links below and save it to your desktop.

Link 1
Link 2
Link 3

Backup your registry with ERUNT
  • Double click on erunt-setup.exe and run the installation setup.
  • Follow the setup instructions until you reach Select Additional Tasks, uncheck (untick) Create NTREGOPT desktop icon.
  • Continue until you get prompted to run ERUNT at startup. Choose No.
  • Next, make sure Launch ERUNT is checked (ticked) and click Finish.
  • Click OK when ERUNT is launched, and accept all default settings. ERUNT will then back up the registry.

Fix with OTL
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here.
  • Double click on OTL.exe to run it.
  • Copy and paste the following text into the white box below Custom Scans/Fixes:
    :otl
    O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Tools(E)\HoTsoy1.1\tools\bitcometbho.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
    O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
    O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\..\Toolbar\WebBrowser: (no name) - {CB789373-04D5-4EF4-9C16-871463FD0830} - No CLSID value found.
    O4 - Startup: C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\37.com.url ()
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\PE_C_ALL USERS\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1192798999-1536786436-3313207897-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &D&ownload &with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
    O8 - Extra context menu item: &D&ownload all video with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
    O8 - Extra context menu item: &D&ownload all with BitComet - E:\Tools(E)\HoTsoy1.1\HoTsoy1.1.exe File not found
    O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Tools(E)\HoTsoy1.1\tools\bitcometbho.dll File not found
    
    :files
    c:\program files\BitComet
    @C:\Documents and Settings\All Users\Application Data\Temp:5C321E34
    @C:\Documents and Settings\All Users\Application Data\Temp:3BF63E4A
    @C:\Documents and Settings\All Users\Application Data\Temp:57EE48CA
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
  • Re-enable your security software as soon as you have completed the OTL fix steps.

Please post back:
1. the OTL fix log
2. new HijackThis log
3. still BSOD after removing those programs?
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 19th, 2009, 3:46 pm

Hi Jack&Jill,

I could do almost none of the uninstallation except QuickTime Alternative 2.9.2.

I had actually uninstalled the following 3 items before posting my last reply, and I can find them nowhere, neither in Program Files nor in Programs Remover, for a possible re-uninstallation:

NamiRobot
Replay AV8
Ulead GIF Animator 5

I can't find Macromedia Flash Player 8 anywhere either, while the Java 2 Runtime Environment, SE v1.4.2_05 uninstallation was rejected with a pop-up error saying it can't be done in safe mode.

Adobe Reader is also not listed in Programs Remover, I can only find it in [C:\Program Files\Adobe\Acrobat 7.0] where I can't find an uninstaller to proceed.

Yes, still BSOD, as expected since I could only do so little of the uninstallation part.

I've done the required backup, the created logs are as follows.

Thank you heartily for all your help....

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Registry value HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CB789373-04D5-4EF4-9C16-871463FD0830} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB789373-04D5-4EF4-9C16-871463FD0830}\ not found.
C:\Documents and Settings\USE\「開始」功能表\程式集\啟動\37.com.url moved successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\PE_C_ALL USERS\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-500\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload &with BitComet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload all video with BitComet\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&D&ownload all with BitComet\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}\ not found.
========== FILES ==========
File\Folder c:\program files\BitComet not found.
ADS C:\Documents and Settings\All Users\Application Data\Temp:5C321E34 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:3BF63E4A deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Temp:57EE48CA deleted successfully.

OTL by OldTimer - Version 3.0.21.0 log created on 10202009_030414
Last edited by wealthluck on October 19th, 2009, 4:23 pm, edited 4 times in total.
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 19th, 2009, 3:47 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:38:20, on 20/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Tools\StrokeIt\strokeit.exe
C:\Tools\Ditto\Ditto.exe
C:\Tools\Crazy Browser\Crazy Browser.exe
C:\Program Files\Free Internet Window Washer\Clearpch.exe
C:\WINDOWS\system32\notepad.exe
C:\Tools\WinSplit Revolution\WinSplit.exe
C:\Documents and Settings\USE\Application Data\Microsoft\Internet Explorer\Quick Launch\Antis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\USE\Application Data\FlashGetBHO\FlashGetBHO3.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [CHotkey] C:\APPS\Chicony\chicony.bat
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PostOOBE] C:\WINDOWS\system32\wscript.exe C:\DRIVERS\POSTOOBE.NEC //E:VBS
O4 - HKLM\..\Run: [BtnMovie] 1152 x 864 @ 1Hz 32bit colors
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
O4 - HKLM\..\Run: [AutoShutdown] C:\WINDOWS\zenotib\zenotib.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Anti-MalwareMalwarebytes'\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Free Internet Window Washer] C:\Program Files\Free Internet Window Washer\Clearpch.exe -Start
O4 - HKCU\..\Run: [Sensiva] "C:\Tools\Symbol Commander Pro\Sensiva.exe"
O4 - HKCU\..\Run: [Winsplit] C:\Tools\WinSplit Revolution\WinSplit.exe
O4 - HKCU\..\Run: [Mmm] "C:\Program Files\MmmHACE\Mmm.exe"
O4 - HKCU\..\Run: [DW6] "C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [FontLoader] C:\Program Files\ShellToolsMoonSoftware\FontLoaderSysTray.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Tools\VolumeMouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\WallpaperChangerAdolix\AWC.exe -startup
O4 - HKCU\..\Run: [ccleaner] "C:\Tools\ccCleaner223\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [Kana Reminder] "C:\Tools\Reminder.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Dictionary - http://files.db3nf.com/scripts/ie.htm
O8 - Extra context menu item: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm
O8 - Extra context menu item: &Search - ?p=ZC
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Use ViDown to download - C:\Program Files\ViDown\vd_link.htm
O8 - Extra context menu item: 妏蚚辦陬3狟婥 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: 妏蚚辦陬3狟婥窒蟈諉 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: iSiloX Clipper - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:\Program Files\iSilo\iSiloX\iSiloXIE.dll (HKCU)
O9 - Extra 'Tools' menuitem: iSiloX Clipper... - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:\Program Files\iSilo\iSiloX\iSiloXIE.dll (HKCU)
O15 - Trusted Zone: http://abc.go.com
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_16) -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} -
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} -
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} (Java Plug-in 1.4.2_05) -
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_16) -
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 8329 bytes
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by Jack&Jill » October 20th, 2009, 7:56 pm

Hello wealthluck :),

A word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday use.

Run ComboFix script
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily when running ComboFix. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here.
  • Open Notepad. Copy and paste the following text into it:
    Regnull::
    [HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35219C1F-B9FE-8680-CEE4-8C51B28ED9C3}*]
    

  • Save it as CFScript.txt at the desktop. Make sure the Save as type: is All Files (*.*).

    Image
  • Referring to the screenshot above, drag CFScript.txt into wealthluckCF.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, a log will be produced as C:\ComboFix.txt. Copy and paste the contents of the log in your next reply.
  • If you lose Internet connection after running ComboFix, unplug the cable you use to connect to the Internet and plug it back in.
  • Re-enable your security software as soon as you have completed the ComboFix steps.

Do not mouse click on ComboFix while it is running. That may cause it to stall.

Please post back:
1. the ComboFix log
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by wealthluck » October 20th, 2009, 11:23 pm

Thanks a lot Jack&Jill!!
=========================================

ComboFix 09-10-20.03 - USE 0/2009 Wed 11:06.3.2 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.950.852.1028.18.1023.711 [GMT 8:00]
執行位置: c:\documents and settings\USE\桌面\wealthluckCF.exe
Command switches used :: c:\documents and settings\USE\桌面\CFScript.txt
.

((((((((((((((((((((((((( 2009-09-21 至 2009-10-21 的新的檔案 )))))))))))))))))))))))))))))))
.

2009-10-19 18:56 . 2009-10-19 18:58 -------- d-----w- c:\program files\ERUNT
2009-10-15 16:20 . 2009-10-15 16:20 -------- d-----w- c:\documents and settings\USE\Application Data\Malwarebytes
2009-10-15 16:20 . 2009-09-10 06:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-15 16:20 . 2009-10-15 16:20 -------- d-----w- c:\program files\Anti-MalwareMalwarebytes'
2009-10-15 16:20 . 2009-10-15 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-15 16:20 . 2009-09-10 06:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-10 21:18 . 2009-10-10 21:18 -------- d-----w- c:\documents and settings\USE\Application Data\AccurateRip
2009-10-10 13:40 . 2009-10-10 13:40 -------- d-----w- c:\program files\FlashMov
2009-10-06 03:44 . 2009-09-15 10:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-10-06 03:44 . 2009-09-15 10:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-10-06 03:44 . 2009-09-15 10:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-10-06 03:44 . 2009-09-15 10:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-10-06 03:44 . 2009-09-15 10:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-10-06 03:44 . 2009-09-15 10:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-10-06 03:44 . 2009-09-15 10:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-10-06 03:44 . 2009-09-15 10:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-10-06 03:43 . 2009-09-15 10:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-10-06 03:43 . 2009-10-06 03:43 -------- d-----w- c:\program files\Alwil Software
2009-10-02 18:52 . 2009-10-02 19:02 -------- d-----w- C:\wealthluckCF
2009-09-30 08:27 . 2009-09-30 08:42 -------- d-----w- C:\output
2009-09-30 06:13 . 2009-09-30 06:13 -------- d-----w- c:\documents and settings\USE\Application Data\YCanPDF
2009-09-30 06:13 . 2009-09-30 06:13 -------- d-----w- C:\tmp
2009-09-30 03:28 . 2009-09-30 03:36 -------- d-----w- c:\program files\Real Alternative
2009-09-29 10:06 . 2009-09-29 10:06 -------- d-----w- c:\program files\fuzzydir2txt
2009-09-27 19:59 . 2009-10-19 13:43 -------- d-----w- c:\documents and settings\USE\Application Data\dvdcss
2009-09-21 20:08 . 2009-09-21 20:09 -------- d-----w- c:\windows\system32\Mpeg
2009-09-21 18:10 . 2009-09-21 18:10 -------- d-----w- c:\program files\Common Files\Common Share
2009-09-21 11:05 . 2009-09-21 11:05 -------- d-----w- c:\windows\LastGood.Tmp
2009-09-21 11:05 . 2009-09-21 11:05 3400 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2009-09-21 08:10 . 2009-09-21 13:03 2989 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2009-09-21 08:09 . 2009-09-21 08:10 10840 ----a-w- c:\windows\system32\SpoonUninstall-dMC Power Pack.dat

.
(((((((((((((((((((((((((((((((((((((((( 在三個月內被修改的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-20 18:05 . 2009-09-16 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-20 16:11 . 2009-04-16 06:03 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-10-20 08:51 . 2009-04-21 08:58 -------- d-----w- c:\documents and settings\USE\Application Data\XnView
2009-10-20 03:16 . 2009-04-22 11:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\Temp
2009-10-20 03:13 . 2009-09-17 09:50 -------- d-----w- c:\program files\SpywareBlaster
2009-10-20 03:10 . 2009-04-18 01:38 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-18 01:51 . 2009-05-19 05:14 -------- d-----w- c:\program files\a-squared Free
2009-10-16 17:53 . 2009-10-16 17:53 664 ----a-w- c:\documents and settings\USE\Local Settings\Application Data\d3d9caps.tmp
2009-10-13 01:46 . 2009-04-14 10:00 59864 ----a-w- c:\documents and settings\USE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-10 22:14 . 2009-03-25 00:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-10 03:32 . 2009-04-21 02:06 35363 ----a-w- c:\windows\system32\windrvNT.sys
2009-10-09 05:07 . 2009-09-05 10:32 -------- d-----w- c:\documents and settings\USE\Application Data\Thinstall
2009-10-02 06:23 . 2009-07-08 06:11 -------- d-----w- c:\program files\GridService
2009-09-30 19:27 . 2009-03-25 00:49 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-09-30 19:27 . 2009-03-25 00:49 -------- d-----w- c:\program files\CyberLink
2009-09-29 10:30 . 2009-05-12 10:08 -------- d-----w- c:\documents and settings\USE\Application Data\OpenOffice.org2
2009-09-25 21:51 . 2009-08-05 02:49 -------- d-----w- c:\documents and settings\All Users\Application Data\GoBit Games
2009-09-25 08:51 . 2009-04-26 16:24 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{DE032019-B933-4DF4-9174-48C52613DA13}
2009-09-21 13:00 . 2009-04-25 07:32 515760 ----a-w- c:\windows\system32\SpoonUninstall.exe
2009-09-20 11:30 . 2009-09-20 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\RealHideIP
2009-09-20 10:47 . 2009-09-20 10:47 -------- d-----w- c:\documents and settings\USE\Application Data\RealHideIP
2009-09-19 19:42 . 2009-09-19 19:41 -------- d-----w- c:\documents and settings\USE\Application Data\Zcom4158515
2009-09-18 10:52 . 2009-09-18 10:42 162816 ----a-w- c:\windows\system32\fmod.dll
2009-09-17 08:16 . 2009-09-17 08:16 -------- d-----w- c:\documents and settings\USE\Application Data\Kana Solution
2009-09-16 12:03 . 2009-09-16 11:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-13 10:54 . 2009-09-13 10:54 -------- d-----w- c:\documents and settings\USE\Application Data\gtk-2.0
2009-09-12 19:26 . 2009-09-12 09:42 1477 ----a-w- c:\windows\system32\secushr.dat
2009-09-12 08:59 . 2009-03-25 00:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-09-10 12:16 . 2009-04-16 05:55 -------- d-----w- c:\documents and settings\All Users\Application Data\ClickOff
2009-09-10 01:11 . 2009-09-10 01:07 737280 ----a-w- c:\windows\iun6002.exe
2009-09-05 08:06 . 2009-04-30 11:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-05 08:06 . 2009-03-25 00:49 -------- d-----w- c:\program files\Java
2009-08-30 01:33 . 2009-08-30 01:33 -------- d-----w- c:\documents and settings\USE\Application Data\Megaupload
2009-08-22 18:01 . 2009-08-22 04:33 -------- d-----w- c:\documents and settings\USE\Application Data\Orbit
2009-08-22 15:58 . 2009-08-22 05:47 0 ----a-w- c:\windows\system32\Infob.dat
2009-08-22 15:58 . 2009-08-22 05:47 0 ----a-w- c:\windows\system32\Infoa.dat
2009-08-22 05:49 . 2009-08-22 05:41 330 ----a-w- c:\windows\system32\treeinfo.dat
2009-08-22 04:34 . 2009-08-22 04:34 -------- d-----w- c:\documents and settings\USE\Application Data\GrabPro
2009-08-21 13:27 . 2005-01-18 00:31 358494 ----a-w- c:\windows\system32\prfh0404.dat
2009-08-21 13:27 . 2005-01-18 00:31 132422 ----a-w- c:\windows\system32\prfc0404.dat
2009-08-12 16:05 . 2009-08-12 16:05 1367 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
2009-08-05 08:59 . 2005-01-18 00:30 201728 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 16:50 . 2009-07-29 16:50 75776 ----a-w- c:\windows\cadkasdeinst01e.exe
2002-07-26 09:02 . 2009-05-03 16:43 153088 ----a-w- c:\program files\UNWISE.EXE
.

((((((((((((((((((((((((((((( SnapShot@2009-09-16_05.00.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-21 20:09 . 2009-08-04 06:51 60456 c:\windows\system32\Mpeg\mcstdh264vout.dll
+ 2009-09-21 20:09 . 2009-08-04 06:51 20520 c:\windows\system32\Mpeg\mcmpgvout.dll
+ 2009-04-19 08:12 . 2009-09-16 19:54 88589 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-09-21 20:08 . 2009-08-04 06:51 232488 c:\windows\system32\Mpeg\mcmpgmux.dll
+ 2009-09-21 20:08 . 2009-08-04 06:51 244776 c:\windows\system32\Mpeg\mcmpgaout.dll
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe
+ 2005-01-18 00:39 . 2009-10-11 00:49 268600 c:\windows\system32\FNTCACHE.DAT
- 2006-08-07 06:29 . 2008-10-22 17:22 198144 c:\windows\system32\_psisdecd.dll
+ 2006-08-07 06:29 . 2007-03-02 09:55 198144 c:\windows\system32\_psisdecd.dll
+ 2009-10-19 18:58 . 2009-10-19 18:58 200704 c:\windows\ERDNT\20-10-2009\Users\00000002\UsrClass.dat
+ 2009-10-19 18:58 . 2005-10-20 04:02 163328 c:\windows\ERDNT\20-10-2009\ERDNT.EXE
+ 2009-10-19 18:58 . 2009-10-19 18:58 9445376 c:\windows\ERDNT\20-10-2009\Users\00000001\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( 重要登入點 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白與合法缺省登錄將不會被顯示
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"Free Internet Window Washer"="c:\program files\Free Internet Window Washer\Clearpch.exe" [2009-03-17 1541120]
"Winsplit"="c:\tools\WinSplit Revolution\WinSplit.exe" [2008-06-04 3825152]
"Mmm"="c:\program files\MmmHACE\Mmm.exe" [2009-04-19 877568]
"DW6"="c:\progra~1\THEWEA~1\Desktop\DesktopWeather.exe" [2009-02-11 801904]
"FontLoader"="c:\program files\ShellToolsMoonSoftware\FontLoaderSysTray.exe" [2007-12-27 120048]
"$Volumouse$"="c:\tools\VolumeMouse\volumouse.exe" [2008-11-10 31744]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2007-08-17 159744]
"Wallpaper Manager"="c:\program files\WallpaperChangerAdolix\AWC.exe" [2008-03-14 1946624]
"ccleaner"="c:\tools\ccCleaner223\CCleaner.exe" [2009-08-26 1681208]
"Kana Reminder"="c:\tools\Reminder.exe" [2005-11-29 1185280]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BtnMovie"="1152 x 864 @ 1Hz 32bit colors" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-12 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-12 59392]
"CHotkey"="c:\apps\Chicony\chicony.bat" [2005-09-28 54]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-16 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-16 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-16 131072]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-12 44032]
"PostOOBE"="c:\windows\system32\wscript.exe" [2008-05-08 155648]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
"Grid Service"="c:\program files\GridService\peer.exe" [2008-12-30 4993024]
"AutoShutdown"="c:\windows\zenotib\zenotib.exe" [2008-04-13 1376768]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-05 149280]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"Logitech Utility"="Logi_MwX.Exe" - c:\windows\Logi_MwX.Exe [2003-12-17 19968]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-06-13 16377344]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-05-28 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\USE\「開始」功能表\程式集\啟動\
#VotingPersonOfTheYear.url [2009-9-18 171]
捷徑 - EmailAddresses(Numbered).lnk - e:\ngohdeigeh\Misc\EmailAddresses(Numbered).txt [2009-10-1 1018]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 06:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:English /KBD:3

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Tools\\itudou\\iTudou.exe"=
"c:\\Program Files\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\GridService\\peer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"$INSTDIR\\FlvDetector.exe"= c:\\Tools\\FlashGet 3.0 Portable\\FlvDetector.exe
"c:\\Tools\\JDownloader 0.8\\JDownloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/10/2009 11:44 114768]
S1 PPEN;PenPower Tablet Driver;c:\windows\system32\drivers\PPEN.SYS [26/4/2009 14:07 13440]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/10/2009 11:44 20560]
S3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [7/8/2006 14:15 2825088]
S3 Cap713x;Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [8/10/2004 16:58 751104]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [7/11/2007 4:22 34064]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28681820-917D-11d5-8177-005056FDDA4B}]
rundll32.exe c:\windows\system32\ShellExt\DafiTech\Cpy2Clip\cpy2clip.dll,CreateUserSettings
.
.
------- 而外的掃描 -------
.
uStart Page = hxxp://www.mailinator.com/maildir.jsp?e ... inator.com
mStart Page = hxxp://www.microsoft.com
uInternet Settings,ProxyOverride = local
IE: &D&ownload &with BitComet - e:\tools(e)\HoTsoy1.1\HoTsoy1.1.exe/AddLink.htm
IE: &D&ownload all video with BitComet - e:\tools(e)\HoTsoy1.1\HoTsoy1.1.exe/AddVideo.htm
IE: &D&ownload all with BitComet - e:\tools(e)\HoTsoy1.1\HoTsoy1.1.exe/AddAllLink.htm
IE: &Dictionary - http://files.db3nf.com/scripts/ie.htm
IE: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm
IE: &Search - ?p=ZC
IE: &U使用米人下?并收藏
IE: &U使用米人下?并收藏 - c:\program files\NamiRobot\Data\du.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Use ViDown to download - c:\program files\ViDown\vd_link.htm
IE: 使用 Mega 管理器下??接...
IE: 使用 Mega 管理器下??接... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: 使用快?3下?
IE: 使用快?3下?全部?接
IE: 使用快?3下? - c:\documents and settings\USE\Application Data\FlashGetBHO\GetUrl.htm
IE: 使用快?3下?全部?接 - c:\documents and settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm
IE: 妏蚚辦陬3狟婥 - c:\documents and settings\USE\Application Data\FlashGetBHO\GetUrl.htm
IE: 妏蚚辦陬3狟婥窒蟈諉 - c:\documents and settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429}
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Sensiva - c:\tools\Symbol Commander Pro\Sensiva.exe
AddRemove-Lakeridge Software WisBar Advance 3 for WM6_is1 - c:\program files\Microsoft ActiveSync\WisBar Advance 3 for WM6 v3.0.0.2\unins000.exe
AddRemove-Spb Pocket Plus - c:\program files\Microsoft ActiveSync\Spb Pocket Plus\Uninstall.exe
AddRemove-Stardock Central - c:\progra~1\Stardock\SDCENT~1\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 11:10
Windows 5.1.2600 Service Pack 3 NTFS

掃描被隱藏的進程 ...

掃描被隱藏的啟動組 ...

掃描被隱藏的文件 ...

掃描完成
被隱藏的檔案: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\MenuExt\O(u螒f?* N}
@="c:\\Documents and Settings\\USE\\Application Data\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\MenuExt\O(u螒f?* N}Q??卉]
@="c:\\Documents and Settings\\USE\\Application Data\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\MenuExt\??l?*腤eZ]
@="c:\\Documents and Settings\\USE\\Application Data\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1192798999-1536786436-3313207897-1006\Software\Microsoft\Internet Explorer\MenuExt\??l?*腤eZ蘙??]
@="c:\\Documents and Settings\\USE\\Application Data\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*CQ譸\CLSID]
@="{809B6661-94C4-49E6-B6EC-3F0F862215AA}"

[HKEY_LOCAL_MACHINE\software\Classes\B*D*A*T*u*n*e*r*.*CQ譸\CurVer]
@="BDATuner.元件.1"
.
--------------------- 運行進程下的動態鏈接庫 ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\windows\system32\PPIME_TW.IME

- - - - - - - > 'explorer.exe'(1520)
c:\windows\system32\PPIME_TW.IME
.
完成時間: 2009-10-21 11:12
ComboFix-quarantined-files.txt 2009-10-21 03:12
ComboFix2.txt 2009-09-16 05:02

Pre-Run: 37,149,704,192 位元組可用
Post-Run: 37,106,528,256 位元組可用

- - End Of File - - 10215CB4AC451DEFB9E289A0A0379F2A
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Can't boot into normal mode - keeps giving me blue screen!!

Post by Carolyn » October 21st, 2009, 1:48 pm

wealthluck, your logs indicate that you have resumed the use of one or more P2P programs.

As you have chosen to disregard this forum's P2P policy, this topic is now closed and will not be reopened.

Carolyn
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine