Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Fail to boot and Startup repair Offline say Bad Driver


  • This topic is locked This topic is locked
11 replies to this topic

#1 gnarlita

gnarlita

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 13 March 2013 - 06:37 AM

Hello when this problem started i have tryed to fix it with startup repair but with no luck and i tryed to make a system restore also but it said it hasnt fount any restore points. I have created a log with Farbar Recovery Scan Tool. Can you please have a look and tell me what i should do ?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-03-2013 01
Ran by SYSTEM at 13-03-2013 13:29:25
Running from F:\FRST
Windows 7 Ultimate   (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10996368 2012-06-11] (Realtek Semiconductor)
HKU\User\...\Run: [AdobeBridge]  [x]
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) ===================

2 Autodesk Content Service; "C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe" [19232 2012-01-31] (Autodesk, Inc.)
3 cphs; C:\Windows\System32\IntelCpHeciSvc.exe [277024 2012-10-10] (Intel Corporation)
3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [1044816 2013-02-04] (Flexera Software, Inc.)
3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [115608 2013-02-28] (Mozilla Foundation)
2 SepMasterService; "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe" /s "Symantec Endpoint Protection" /m "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\sms.dll" /prefetch:1 [168912 2012-11-22] (Symantec Corporation)
3 SmcService; "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exe" /prefetch:1 [1785792 2012-11-22] (Symantec Corporation)
3 SNAC; "C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exe" [288208 2012-11-22] (Symantec Corporation)
2 VIAKaraokeService; C:\Windows\System32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

1 BHDrvx86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20130208.011\BHDrvx86.sys [997464 2013-01-15] (Symantec Corporation)
1 ccSettings_{29AC8EDB-F22A-46D3-9D66-4244585EAD0A}; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\ccSetx86.sys [134304 2012-11-22] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-02-04] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-02-04] (Symantec Corporation)
1 IDSVix86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\IPSDefs\20130227.011\IDSvix86.sys [386720 2013-02-01] (Symantec Corporation)
3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2012-04-25] (Qualcomm Atheros Co., Ltd.)
3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41216 2011-09-21] (Intel Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-12] ()
3 NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130227.032\NAVENG.SYS [93296 2013-02-04] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130227.032\NAVEX15.SYS [1603824 2013-02-04] (Symantec Corporation)
1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\SRTSP.SYS [585888 2012-11-22] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\SRTSPX.SYS [32888 2012-11-22] (Symantec Corporation)
3 SyDvCtrl; \??\C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\SyDvCtrl32.sys [28136 2012-11-22] (Symantec Corporation)
0 SymDS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\SYMDS.SYS [368288 2012-11-22] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\SYMEFA.SYS [927904 2012-11-22] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-02-04] (Symantec Corporation)
1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\Ironx86.SYS [175264 2012-11-22] (Symantec Corporation)
1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0107DF\07DF.105\x86\SYMNETS.SYS [338592 2012-11-22] (Symantec Corporation)
1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [111584 2013-02-04] (Symantec Corporation)
3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1806448 2011-06-14] (VIA Technologies, Inc.)
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-03-13 13:29 - 2013-03-13 13:29 - 00000000 ____D C:\FRST
2013-03-04 03:40 - 2013-03-04 03:40 - 00000000 ____D C:\Windows\System32\RTCOM
2013-03-04 03:39 - 2013-03-04 03:39 - 00000000 ____D C:\Program Files\Realtek
2013-03-04 03:39 - 2012-06-19 06:54 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys
2013-03-04 03:39 - 2012-06-19 03:30 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-03-04 03:39 - 2012-06-14 03:43 - 05096448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes.dat
2013-03-04 03:39 - 2012-06-08 06:18 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll
2013-03-04 03:39 - 2012-06-06 00:44 - 00645776 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApoApi.dll
2013-03-04 03:39 - 2012-05-31 23:37 - 02417808 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll
2013-03-04 03:39 - 2012-05-31 08:08 - 00087696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll
2013-03-04 03:39 - 2012-05-25 08:06 - 01706640 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-03-04 03:39 - 2012-05-17 01:29 - 07161696 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP32A.dll
2013-03-04 03:39 - 2012-05-17 01:29 - 00351072 ____A (Dolby Laboratories) C:\Windows\System32\R4EED32A.dll
2013-03-04 03:39 - 2012-05-17 01:29 - 00105824 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL32A.dll
2013-03-04 03:39 - 2012-05-17 01:29 - 00091488 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA32A.dll
2013-03-04 03:39 - 2012-05-17 01:29 - 00061792 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG32A.dll
2013-03-04 03:39 - 2012-04-10 04:40 - 02193472 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO.dll
2013-03-04 03:39 - 2012-04-03 08:41 - 01185112 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek2.dll
2013-03-04 03:39 - 2012-04-03 08:41 - 00709976 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell.dll
2013-03-04 03:39 - 2012-03-08 01:47 - 00176736 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTACap.dll
2013-03-04 03:39 - 2012-03-08 01:47 - 00095840 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTARen.dll
2013-03-04 03:39 - 2012-02-21 09:45 - 01725784 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2013-03-04 03:39 - 2012-02-17 05:54 - 00350552 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxVolumeSDAPO.dll
2013-03-04 03:39 - 2012-02-13 12:36 - 07783768 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek.dll
2013-03-04 03:39 - 2012-01-30 01:42 - 00819648 ____A (TOSHIBA Corporation) C:\Windows\System32\tadefxapo2.dll
2013-03-04 03:39 - 2012-01-23 12:28 - 00421744 ____A (DTS) C:\Windows\System32\DTSU2PLFX32.dll
2013-03-04 03:39 - 2012-01-23 12:28 - 00398192 ____A (DTS) C:\Windows\System32\DTSU2PGFX32.dll
2013-03-04 03:39 - 2012-01-23 12:28 - 00335216 ____A (DTS) C:\Windows\System32\DTSU2PREC32.dll
2013-03-04 03:39 - 2012-01-10 00:20 - 00058264 ____A (TOSHIBA CORPORATION.) C:\Windows\System32\TepeqAPO.dll
2013-03-04 03:39 - 2011-12-19 19:43 - 00192104 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2013-03-04 03:39 - 2011-12-18 07:57 - 01836376 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2013-03-04 03:39 - 2011-12-13 06:58 - 01497704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.cpl
2013-03-04 03:39 - 2011-11-22 06:28 - 00013416 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll
2013-03-04 03:39 - 2011-09-02 04:21 - 00214368 ____A (Synopsys, Inc.) C:\Windows\System32\SFNHK.dll
2013-03-04 03:39 - 2011-09-02 04:21 - 00074080 ____A (Synopsys, Inc.) C:\Windows\System32\SFCOM.dll
2013-03-04 03:39 - 2011-09-02 04:21 - 00068960 ____A (Synopsys, Inc.) C:\Windows\System32\SFAPO.dll
2013-03-04 03:39 - 2011-08-23 07:00 - 00357712 ____A (Knowles Acoustics ) C:\Windows\System32\KAAPORT.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 01509480 ____A (DTS) C:\Windows\System32\DTSS2SpeakerDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 01292904 ____A (DTS) C:\Windows\System32\DTSS2HeadphoneDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 01220200 ____A (DTS) C:\Windows\System32\DTSBoostDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00654952 ____A (DTS) C:\Windows\System32\DTSBassEnhancementDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00631400 ____A (DTS) C:\Windows\System32\DTSSymmetryDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00601704 ____A (DTS) C:\Windows\System32\DTSVoiceClarityDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00458344 ____A (DTS) C:\Windows\System32\DTSNeoPCDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00389736 ____A (DTS) C:\Windows\System32\DTSGainCompensatorDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00375400 ____A (DTS) C:\Windows\System32\DTSLimiterDLL.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00218728 ____A (DTS) C:\Windows\System32\DTSGFXAPONS.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00218728 ____A (DTS) C:\Windows\System32\DTSGFXAPO.dll
2013-03-04 03:39 - 2011-05-30 23:42 - 00218216 ____A (DTS) C:\Windows\System32\DTSLFXAPO.dll
2013-03-04 03:39 - 2011-03-17 02:16 - 01379760 ____A (TOSHIBA Corporation) C:\Windows\System32\tosade.dll
2013-03-04 03:39 - 2011-03-07 07:03 - 00134584 ____A (TOSHIBA Corporation) C:\Windows\System32\tadefxapo.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00359768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP32A.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00170840 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED32A.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL32A.dll
2013-03-04 03:39 - 2010-11-07 21:31 - 00064856 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG32A.dll
2013-03-04 03:39 - 2010-10-03 03:45 - 00259928 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2013-03-04 03:39 - 2010-09-26 23:34 - 00232792 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-03-04 03:39 - 2009-12-04 05:43 - 00132368 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO.dll
2013-03-04 03:39 - 2009-11-23 23:55 - 00345328 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSXT.dll
2013-03-04 03:39 - 2009-11-23 23:55 - 00185584 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSHD.dll
2013-03-04 03:39 - 2009-11-23 23:55 - 00173296 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP360.dll
2013-03-04 03:39 - 2009-11-23 23:55 - 00140528 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW.dll
2013-03-04 03:39 - 2009-11-18 08:42 - 01783056 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesLib.dll
2013-03-04 03:38 - 2013-03-04 03:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-03-04 03:36 - 2013-03-04 03:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-03-04 03:36 - 2010-03-04 08:04 - 00758784 ____A (NVIDIA Corporation) C:\Windows\System32\cohelper.dll
2013-03-04 03:36 - 2010-02-21 21:45 - 00010084 ____A C:\Windows\System32\Drivers\nvphy.bin
2013-03-04 03:35 - 2013-03-04 03:35 - 00000000 ____D C:\NVIDIA
2013-02-28 01:14 - 2013-02-28 01:23 - 00000000 ____D C:\CADW85
2013-02-28 01:14 - 2013-02-28 01:14 - 00017920 ____A (Aladdin Knowledge Systems) C:\Windows\System32\Drivers\aksusb.sys
2013-02-28 01:14 - 2009-06-10 13:42 - 00002577 ____A C:\Windows\System32\config.hsp
2013-02-28 01:01 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\WexTech
2013-02-28 01:01 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\Common Files\LHSPF
2013-02-28 01:01 - 2000-05-02 00:03 - 00225280 ____A (WexTech Systems, Inc.) C:\Windows\System32\awrtl30.dll
2013-02-28 01:01 - 1998-10-02 09:00 - 00327168 ____A (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2013-02-28 01:01 - 1998-08-04 01:22 - 00111616 ____N (Lernout & Hauspie) C:\Windows\System32\Ltih30tb.dll
2013-02-28 01:00 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\Volo View Express
2013-02-28 01:00 - 2000-10-20 03:25 - 00487184 ____A (Microsoft Corporation) C:\Windows\System32\Mrt7enu.dll
2013-02-28 01:00 - 2000-10-20 03:25 - 00446464 ____A (Blue Sky Software Corporation.) C:\Windows\System32\hhactivex.dll
2013-02-28 01:00 - 2000-10-20 03:25 - 00079360 ____A C:\Windows\System32\acdbres.dll
2013-02-28 01:00 - 2000-10-20 03:25 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\Hlp95en.dll
2013-02-28 00:59 - 2013-02-28 00:59 - 00000000 _RASH C:\MSDOS.SYS
2013-02-28 00:59 - 2013-02-28 00:59 - 00000000 _RASH C:\IO.SYS
2013-02-28 00:59 - 2000-10-20 03:25 - 00299520 ____A (InstallShield Corporation, Inc.) C:\Windows\uninst.exe
2013-02-28 00:58 - 2013-02-28 01:11 - 00000000 ____D C:\Program Files\AutoCAD 2002
2013-02-28 00:58 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\Common Files\Wextech Shared
2013-02-28 00:34 - 2013-02-28 00:34 - 00007626 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-02-28 00:29 - 2013-02-28 00:30 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders ========

2013-03-13 13:29 - 2013-03-13 13:29 - 00000000 ____D C:\FRST
2013-03-13 11:58 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-03-04 03:59 - 2013-01-31 02:49 - 01779659 ____A C:\Windows\WindowsUpdate.log
2013-03-04 03:51 - 2009-07-13 20:34 - 00020800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-03-04 03:51 - 2009-07-13 20:34 - 00020800 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-03-04 03:48 - 2013-01-31 02:59 - 01491184 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-04 03:46 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-03-04 03:44 - 2013-02-04 07:11 - 00001168 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-04 03:43 - 2013-01-31 10:58 - 00008362 ____A C:\Windows\PFRO.log
2013-03-04 03:43 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-04 03:43 - 2009-07-13 20:39 - 00021715 ____A C:\Windows\setupact.log
2013-03-04 03:40 - 2013-03-04 03:40 - 00000000 ____D C:\Windows\System32\RTCOM
2013-03-04 03:39 - 2013-03-04 03:39 - 00000000 ____D C:\Program Files\Realtek
2013-03-04 03:39 - 2013-02-04 09:27 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-03-04 03:39 - 2013-02-01 08:04 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-03-04 03:38 - 2013-03-04 03:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-03-04 03:37 - 2013-03-04 03:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-03-04 03:37 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Help
2013-03-04 03:35 - 2013-03-04 03:35 - 00000000 ____D C:\NVIDIA
2013-03-04 03:27 - 2013-02-04 07:11 - 00001172 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-04 02:48 - 2013-01-31 02:58 - 00141296 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2013-02-28 01:23 - 2013-02-28 01:14 - 00000000 ____D C:\CADW85
2013-02-28 01:14 - 2013-02-28 01:14 - 00017920 ____A (Aladdin Knowledge Systems) C:\Windows\System32\Drivers\aksusb.sys
2013-02-28 01:14 - 2009-07-13 18:04 - 00002624 ____A C:\Windows\System32\config.nt
2013-02-28 01:11 - 2013-02-28 00:58 - 00000000 ____D C:\Program Files\AutoCAD 2002
2013-02-28 01:04 - 2009-07-13 20:33 - 03842464 ____A C:\Windows\System32\FNTCACHE.DAT
2013-02-28 01:02 - 2013-02-06 07:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-02-28 01:01 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\WexTech
2013-02-28 01:01 - 2013-02-28 01:01 - 00000000 ____D C:\Program Files\Common Files\LHSPF
2013-02-28 01:01 - 2013-02-28 01:00 - 00000000 ____D C:\Program Files\Volo View Express
2013-02-28 01:01 - 2013-02-28 00:58 - 00000000 ____D C:\Program Files\Common Files\Wextech Shared
2013-02-28 01:00 - 2013-02-04 08:41 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-02-28 00:59 - 2013-02-28 00:59 - 00000000 _RASH C:\MSDOS.SYS
2013-02-28 00:59 - 2013-02-28 00:59 - 00000000 _RASH C:\IO.SYS
2013-02-28 00:58 - 2013-02-04 04:16 - 00000000 ____D C:\Program Files\Microsoft Office
2013-02-28 00:34 - 2013-02-28 00:34 - 00007626 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg
2013-02-28 00:30 - 2013-02-28 00:29 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 2558.49 MB
Available physical RAM: 2147.25 MB
Total Pagefile: 2556.77 MB
Available Pagefile: 2151.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1954.3 MB

==================== Partitions =============================

2 Drive c: () (Fixed) (Total:48.83 GB) (Free:21.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive d: (Save) (Fixed) (Total:25.69 GB) (Free:25.6 GB) NTFS
5 Drive f: (KINGSTON) (Removable) (Total:14.93 GB) (Free:1.73 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online           74 GB  1024 KB         
  Disk 1    Online           14 GB      0 B         

Partitions of Disk 0:
===============

Disk ID: E869E869

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             48 GB    31 KB
  Partition 2    Primary             25 GB    48 GB

=========================================================

Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C                NTFS   Partition     48 GB  Healthy            

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   Save         NTFS   Partition     25 GB  Healthy            

=========================================================

Partitions of Disk 1:
===============

Disk ID: 000C1B0F

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             14 GB    31 KB

=========================================================

Disk: 1
Partition 1
Type  : 0C
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F   KINGSTON     FAT32  Removable     14 GB  Healthy            

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: E869E869

Partition 1:
=========
Hex: 8001010007FEFFFF3F000000E8B71A06
Active: YES
Type: 07 (NTFS)
Size: 49 GB

Partition 2:
=========
Hex: 0000C1FF07FEFFFF27B81A069A2C3603
Active: NO
Type: 07 (NTFS)
Size: 26 GB

==============================
Partitions of Disk 1:
===============
Disk ID: 000C1B0F

Partition 1:
=========
Hex: 800101000CFEFF9D3F000000C13FDE01
Active: YES
Type: 0C
Size: 15 GB


Last Boot: 2013-02-25 05:43

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


#2 gnarlita

gnarlita
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 15 March 2013 - 02:35 AM

can someone help me please ?



#3 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 16 March 2013 - 09:47 AM

Hello gnarlita and welcome to BC forum

If Windows normal mode is not useable, force a system restart/reboot, and right away start tapping F8 function key.
When get Advanced Boot Menu, select Safe Mode with Networking.

Download DDS and save it to your desktop from http://download.bleepingcomputer.com/sUBs/dds.com here
or http://download.bleepingcomputer.com/sUBs/dds.scr or
http://www.infospyware.net/sUBs/dds

Disable any script blocker if your antivirus/antimalware has it.
On Vista/ Windows 7/ Windows 8 do a RIGHT-click on dds and select Run As Administrator :excl:
On Windows XP double click dds to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.
Follow and answer the prompts as appropriate.
  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.
  • Please Copy & Paste contents of the following logs in your next reply:
    DDS.txt
    Attach.txt


    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
      If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
    • If an infected file is detected, the default action will be Cure, click on Continue.


      TDSSKillerMal-1.png
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
      Skip and click on Continue
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


      TDSSKillerCompleted.png
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#4 gnarlita

gnarlita
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 16 March 2013 - 10:30 AM

Hello Maurice Naggar and thank you for your reply. Unfortunately i cannot boot in to windows normal moder or any of the safe modes because the computer is rebooting every time windows logo shows up. That's my issue and i dont know what i can do.


Edited by gnarlita, 16 March 2013 - 10:30 AM.


#5 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 16 March 2013 - 11:41 AM

Not good, eh?

Power off the system. Disconnect any external attached devices like printer, copier, scanner ( but -not- keyboard, mouse, monitor).
You have to tap & retap F8 Function key as soon as system is rebooting .... well before Windows tries to even load !!
Wait a minute while pc is powered off.

Then power on pc and right away do the F8-function key taps
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#6 gnarlita

gnarlita
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 17 March 2013 - 03:19 AM

I have removed all the devices on the computer only has : motherboard, cpu, video card, ram, hdd, dvdrom, keyboard, mouse, i even reset the bios to defaults. Still cant login to windows and even if i try to go safe mode or anything else on the list it reboots. As i said to a previous post i have tryed to make a startup repair but with no luck and all it said was Bad Driver. Btw from the post i made above with the Farbar Recovery Scan Tool log any chance to have a look at it ? maybe you can understand if anything is wrong there. Thanks again for helping me!


Edited by gnarlita, 17 March 2013 - 03:20 AM.


#7 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 17 March 2013 - 09:06 AM

The FRST log does not show malware. And it is minimal report, in any event.

The fact that you cannot get to Safe mode or Safe mode with Networking is regretfull.
There are very limited choices here.

Tell us if you have the Windows 7 operating system DVD ?

Tell us if you had made a system image backup from before this situation?

Tell us the brand & model of the pc. You could well be looking at doing a factory restore, which would reset the system to the state where it was on Day 1 out of the factory. You would lose any personal files & documents unless you had saved them to Offline media, like external storage drive, or CD or DVD, or USB flash-thumb-drive.

Tell us, just before this problem cropped up, what happened (what was running) before the failure?
~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#8 gnarlita

gnarlita
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 17 March 2013 - 04:55 PM

Hello mate. Everything in this computer worked fine i have spend many days to install many programs and this computer unfortunately has sensitive data i wish not to loose. Everything was working fine but motherboard was faulty so i was forced to change it that means the hardware has changed. So every time i try to boot on to windows the pc reboots cause as i suspect of a driver of the previous motherboard. So my question is can i edit the registry and delete all previous drivers so i can login to windows and then install new ones ? and yes i have the windows 7 dvd and i tryed to fix the installation from there with no success.



#9 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 17 March 2013 - 06:58 PM

You should have mentioned the motherboard change way at the start !!

When their is a change of motherboard, one has to do a Windows repair install.

Not having done that, that is why Windows fails to load.

 

Absolutely NO on any registry messing-about.  No way.  No how. 

 

You'll have to set the pc to boot from DVD  drive.  Place Windows 7 o.s. DVD in the drive.

Restart the system, booting off the DVD.

Then do a repair.

 

http://www.bleepingcomputer.com/tutorials/windows-7-recovery-environment-command-prompt/

 

IF that fails, you likely will need to do a factory restore, which means resetting the system back to Day 1 as it came out of the factory.

 

This case then is not malware-related.  This is due to having removed & put on a new systemboard.

 

BTW, if Windows came preloaded from the factory, ie, an OEM install, that may be tied to the original board & BIOS  and you may be barred from re-installing Windows.  It's best that you really check with your computer manufacturer.  Check their web support site.  !!!

 

Resetting the system to Day 1 results in all data being wiped  (lost personal data , etc).

So before starting all that, if you have not already done so....

Copy all personal data & personal files while in the Command prompt Recovery Environment onto Offline media, such as external USB drive, DVD, CD, etc


Edited by Maurice Naggar, 17 March 2013 - 07:03 PM.

~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#10 gnarlita

gnarlita
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 19 March 2013 - 10:17 PM

Hello and thank you for your response the computer was build in by me with parts. I have bought windows 7 ultimate dvd and installed it. All was working perfect and i installed many programs and i was using the computer fine. After a motherboard malfunction i was forsed to change it. I already have tried to use the dvd to repair the installation with no luck and as i said windows didn't find any restore points so i can roll back. I can do a clean windows 7 setup from the beginning but i am trying to avoid it because of the pain to install again all the programs and the data i have also the updates. That's why i am asking if there is a way to disable the old drivers so i can boot windows normally and then install the new drivers. There seems to be a conflict of the old motherboard drivers and that's why windows give blue screen and reboot. Is there anyway to make them boot ?



#11 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 20 March 2013 - 10:16 AM

You will most likely (still) new to do a new clean install.   Save your efforts and do a new install is my advice.


~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)

#12 Maurice Naggar

Maurice Naggar

    Eradicator de malware


  • Malware Response Team
  • 1,088 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:46 AM

Posted 21 March 2013 - 08:38 AM

I would suggest you see this page How to Do a Clean Installation with Windows 7.
I suggest you delete all existing partitions on the HDD as part of the new Windows 7 install.

Since a clean install will result in the loss of all your personal files & documents, you will want to back them up / copy to Offline media beforehand. {you can copy your documents while in Command Prompt.}

For all the files, documents, personal stuff you back-up..... after all is done & you have the new Windows setup, and Antivirus installed, and MBAM.....
then I would scan any files you restore with 1) antivirus, 2) MBAM.

If you have the Windows 7 operating system DVD, set pc to boot from it, restart the system and boot from DVD. You'll want to first delete the existing Wdinows 7 partition, then do a new install of Windows 7.

If you do not have the Windows 7 DVD, check with your pc maker's support site for the directions on doing a factory restore.

Once you have Windows restored, be sure if the OEM included any antivirus that you un-install it, and install your own.
Be sure you make a visit to Windows Update to insure your Windows is all up-to-date.

Keep your pc disconnected from internet before & during the Windows clean install.
Only reconnect after the antivirus program is installed.
IF and only if your OEM or vendor included a pre-installed antivirus, be sure to Uninstall it before installing your antivirus.

Best to you. Good luck.

Backups are your pc's best friend.

 

How to create a Windows system image in Windows 7 and Windows 8
http://www.bleepingcomputer.com/tutorials/create-system-image-in-windows-7-8/

How to use System Image Recovery in the Windows 7 and Windows 8 Recovery Environment
http://www.bleepingcomputer.com/tutorials/system-image-recovery-in-windows-7-8/


~Maurice Naggar
MS-MVP (Oct 2002 - Sept 2010)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users