Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Access of normal mode of Windows blocked by blue screen!!!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Access of normal mode of Windows blocked by blue screen!!!!!

Unread postby wealthluck » September 19th, 2009, 9:56 am

Hi there,

My raised SOS is after 3 days now, and am now quoting my request below for your kind and prompt assistance please!

Thanks a million....

wealthluck wrote:Hi there,

I'm seriously and cordially calling for help of yours, the respectable and generous experts out here please! The problem I've got is before, I thnk for about 2 weeks, every now and then I could still start Windows in normal mode, most of the time after the running of the Windows Logo, what comes up would only be a blue screen, the later the worse. Until now I can't boot into normal mode at all, except for safe mode where I'm now in.

I've always admired the enormous IT knowledge you guys have and your greatness of willingness to help, and with my Hijackthis Log as below, I'll be longing to hear from you and for your kind assistance!

My sincerest regards and heartiest thanks to you great guys!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:25:44, on 16/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Tools\StrokeIt\strokeit.exe
C:\Tools\ShellEnhancer\ShellEnhancer.exe
C:\Tools\Symbol Commander Pro\Sensiva.exe
C:\Tools\TaskSwitchXP2011\TaskSwitchXP.exe
C:\Tools\Crazy Browser\Crazy Browser.exe
C:\Tools\ccCleaner223\CCleaner.exe
C:\Program Files\Free Internet Window Washer\Clearpch.exe
C:\Tools\NetTransport2.80.441\FTPTransport.exe
C:\Program Files\BitComet\BitComet.exe
C:\Tools\eMule0.49c\emule.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Avast4\ashDisp.exe
C:\Program Files\ExpressMenuBullzip\exmenu.exe
C:\Tools\Ditto\Ditto.exe
C:\Tools\WinSplit Revolution\WinSplit.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Tools\ZoomIt.exe
C:\Program Files\GridService\peeradapter.exe
C:\Program Files\GridService\peer.exe
C:\Tools\RightClick\RightClick.exe
C:\Program Files\Avast4\ashSimp2.exe
C:\Program Files\ClocX\ClocX.exe
E:\~Sundries-Nec\~ToPutIntoCd\E-Installers\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\USE\Application Data\FlashGetBHO\FlashGetBHO3.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [CHotkey] C:\APPS\Chicony\chicony.bat
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PostOOBE] C:\WINDOWS\system32\wscript.exe C:\DRIVERS\POSTOOBE.NEC //E:VBS
O4 - HKLM\..\Run: [BtnMovie] 1152 x 864 @ 1Hz 32bit colors
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Grid Service] "C:\Program Files\GridService\peer.exe" -n Grid
O4 - HKLM\..\Run: [AutoShutdown] C:\WINDOWS\zenotib\zenotib.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Free Internet Window Washer] C:\Program Files\Free Internet Window Washer\Clearpch.exe -Start
O4 - HKCU\..\Run: [Sensiva] "C:\Tools\Symbol Commander Pro\Sensiva.exe"
O4 - HKCU\..\Run: [Winsplit] C:\Tools\WinSplit Revolution\WinSplit.exe
O4 - HKCU\..\Run: [Mmm] "C:\Program Files\MmmHACE\Mmm.exe"
O4 - HKCU\..\Run: [DW6] "C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [FontLoader] C:\Program Files\ShellToolsMoonSoftware\FontLoaderSysTray.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Tools\VolumeMouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\WallpaperChangerAdolix\AWC.exe -startup
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ccleaner] "C:\Tools\ccCleaner223\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Dictionary - http://files.db3nf.com/scripts/ie.htm
O8 - Extra context menu item: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZC
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Use ViDown to download - C:\Program Files\ViDown\vd_link.htm
O8 - Extra context menu item: 妏蚚辦陬3狟婥 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: 妏蚚辦陬3狟婥窒蟈諉 - C:\Documents and Settings\USE\Application Data\FlashGetBHO\GetAllUrl.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: iSiloX Clipper - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:\Program Files\iSilo\iSiloX\iSiloXIE.dll (HKCU)
O9 - Extra 'Tools' menuitem: iSiloX Clipper... - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:\Program Files\iSilo\iSiloX\iSiloXIE.dll (HKCU)
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://games.bigfishgames.com/en_burger ... yer_v4.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 9147 bytes
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am
Advertisement
Register to Remove

Re: Access of normal mode of Windows blocked by blue screen!!!!!

Unread postby wealthluck » September 19th, 2009, 10:19 am

Sorry, it's me again, just found I should've provided the link of my previously raised request instead which is as below.

http://www.malwareremoval.com/forum/viewtopic.php?f=11&t=45873

Tons of thanks....

wealthluck wrote:Hi there,

My raised SOS is after 3 days now, and am now quoting my request below for your kind and prompt assistance please!

Thanks a million....
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am

Re: Access of normal mode of Windows blocked by blue screen!!!!!

Unread postby wealthluck » September 19th, 2009, 10:33 am

Really sorry to be replying my own post again, as I'm worried that this self-replied thread of mine may draw no attention so I put up another post here:-
http://www.malwareremoval.com/forum/viewtopic.php?f=166&t=45955&sid=4e7ae920611b7eae4bc2d51c0a2be771

I apologize for the confusion and inconvenience caused and again, many many thanks indeed!
wealthluck
Regular Member
 
Posts: 32
Joined: September 16th, 2009, 6:11 am


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 73 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware