Jump to content

Windows XP won't boot past windows xp logo


Recommended Posts

Hello, again

I tried to remove Mcafee antivirus plus so I could install microsoft security essentials using Revo uninstaller program, because the windows uninstaller was being blocked by mcafee with a access denied message. When I restarted the computer it would only boot to the windows logo, when using normal or safe modes.

I have the windows xp recovery console loaded on the computer, but not sure of it's use. Is there another way to recover so I can restore to a previous restore point.

My machine was infected with the fbi virus and cleaned up about a week ago with the help of Mr Charlie here in the forum.

Please help.

Thank you.

Link to post
Share on other sites

Welcome back to the forum, see if you can do this:

You'll need a usb flash drive and be able to burn a cd.

The cd I would like you to create is OTLPE:

Download OTLPE from HERE

Now put a blank cd-r in your burner and double click on OTLPEStd.exe, it will automatically burn the cd. (burn it at a slow speed to avoid errors)

You will also need to download Farbar Recovery Scan Tool, or FRST and copy it to your flash drive.

Once you have the cd created, boot the computer up using it.

Note : If you do not know how to set your computer to boot from CD follow the steps here

Plug in the flash drive and navigate to it.

Run FRST and click on Scan

When the scan completes.....

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

MrC

Link to post
Share on other sites

Hi MrC,

Thanks for your help again, here is the scan log.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2013

Ran by SYSTEM on 06-05-2013 19:57:28

Running from F:\

Microsoft Windows XP (X86) OS Language: English(US)

Internet Explorer Version 8

Boot Mode: Recovery

The current controlset is ControlSet004

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)

HKLM\...\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r [45056 2002-12-03] (Creative Technology Ltd)

HKLM\...\Run: [updReg] C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)

HKLM\...\Run: [iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe [32768 2000-06-02] (Iomega Corporation)

HKLM\...\Run: [iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [36864 2000-06-13] (Iomega Corp.)

HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [155648 2006-01-28] (Apple Computer, Inc.)

HKLM\...\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [90112 2006-05-10] ()

HKLM\...\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [49152 2003-05-08] (ScanSoft, Inc.)

HKLM\...\Run: [CTHelper] CTHELPER.EXE [x]

HKLM\...\Run: [CTxfiHlp] CTXFIHLP.EXE [x]

HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [278528 2005-12-20] (Apple Computer, Inc.)

HKLM\...\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [63712 2007-03-09] (Adobe Systems Incorporated)

HKLM\...\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [288080 2009-07-17] (Microsoft Corporation)

HKLM\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1278648 2012-09-12] (McAfee, Inc.)

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)

HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)

HKLM\...\Winlogon: [system]

Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]

Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)

Winlogon\Notify\WB: C:\Program Files\AlienGUIse\fastload.dll [X]

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)

HKU\Administrator\...\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [ 2003-06-12] (Creative Technology Ltd)

HKU\Bob Doeringer\...\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [ 2003-06-12] (Creative Technology Ltd)

HKU\Bob Doeringer\...\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R [ 2004-12-02] (Creative Technology Ltd)

HKU\Bob Doeringer\...\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [ 2013-04-10] (SlySoft, Inc.)

HKU\Bob Doeringer\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKU\Bob Doeringer\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [ 2011-10-17] (SUPERAntiSpyware.com)

HKU\Default User\...\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [ 2003-06-12] (Creative Technology Ltd)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DVD@ccess.lnk

ShortcutTarget: DVD@ccess.lnk -> C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe (Apple Computer)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Live Menu.lnk

ShortcutTarget: Live Menu.lnk -> C:\Program Files\PaperMaster Messenger\Dllcmd32.exe (No File)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk

ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Startup: C:\Documents and Settings\Bob Doeringer\Start Menu\Programs\Startup\CM Control Center.lnk

ShortcutTarget: CM Control Center.lnk -> C:\Program Files\CH Products\Control Manager\CMCtlCtr.exe (CH Products)

Startup: C:\Documents and Settings\Bob Doeringer\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()

SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - No File

SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No File

SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - No File

SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - No File

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No File

========================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-10-11] ()

S2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd)

S2 InCDsrv; C:\Program Files\Ahead\InCD\InCDsrv.exe [1192050 2004-09-13] (Ahead Software AG)

S2 IomegaAccess; C:\WINDOWS\system32\IomegaAccess.exe [352256 2000-02-10] ( Iomega Corporation)

S3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [323584 2005-12-20] (Apple Computer, Inc.)

S2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)

S2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)

S2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)

S2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)

S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203400 2012-12-26] (McAfee, Inc.)

S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [168880 2012-12-26] (McAfee, Inc.)

S2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [171976 2012-12-26] (McAfee, Inc.)

S2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()

S2 WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation)

S2 ZipToA; C:\WINDOWS\system32\ZipToA.exe [356352 2000-02-10] (Iomega Corporation)

S2 asusgsb; %systemroot%\system32\nvcap.dll [x]

S2 ATWPKT2; %systemroot%\system32\ssscsisv.dll [x]

S2 cdr4_2k; %systemroot%\system32\mup.dll [x]

S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]

S2 HWSCtrl; %systemroot%\system32\PEVSystemStart.dll [x]

S2 iaimtv1; %systemroot%\system32\Eplpdx02.dll [x]

S2 id2scaps; %systemroot%\system32\co_mon.dll [x]

S2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

S2 lxcf_device; %systemroot%\system32\RalinkRegistryWriter.dll [x]

S3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [x]

S2 mf; %systemroot%\system32\symmpi.dll [x]

S2 mwlsvc; %systemroot%\system32\iAimFP7.dll [x]

S2 Ndismeetro; %systemroot%\system32\mstee.dll [x]

S2 NWSNS; %systemroot%\system32\USBAAPL.dll [x]

S2 regmanserv; %systemroot%\system32\freepops.dll [x]

S2 roxwatch; %systemroot%\system32\pptpminiport.dll [x]

S2 ScFBPNT3; %systemroot%\system32\npfs.dll [x]

S2 snac; %systemroot%\system32\NVNET.dll [x]

S2 SQLWriter; %systemroot%\system32\cdrom.dll [x]

S2 tosrfusb; %systemroot%\system32\tcpip.dll [x]

S2 TUWinStylerThemeSvc; %systemroot%\system32\symtdi.dll [x]

S2 USRpdA; %systemroot%\system32\ctxcpubal.dll [x]

S2 VICESYS; %systemroot%\system32\icepack.dll [x]

S2 windowblinds; %systemroot%\system32\w810mgmt.dll [x]

S2 wlluc48; %systemroot%\system32\USBCamera.dll [x]

==================== Drivers (Whitelisted) ====================

S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-03-18] (SlySoft, Inc.)

S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [1777152 2006-10-11] (ATI Technologies Inc.)

S3 ATIAVAIW; C:\Windows\System32\DRIVERS\atinavt2.sys [168832 2006-09-05] (ATI Technologies Inc.)

S3 atinrvxx; C:\Windows\System32\DRIVERS\atinrvxx.sys [105984 2004-08-03] (ATI Technologies Inc.)

S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60480 2012-12-26] (McAfee, Inc.)

S3 chdrvr01; C:\Windows\System32\DRIVERS\chdrvr01.sys [202560 2006-03-17] (CH Products)

S3 chdrvr02; C:\Windows\System32\DRIVERS\chdrvr02.sys [3744 2005-12-22] (CH Products)

S3 chdrvr03; C:\Windows\System32\DRIVERS\chdrvr03.sys [9024 2005-12-22] (CH Products)

S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [340704 2005-11-10] (Creative Technology Ltd)

S2 DVDAccss; C:\Windows\System32\drivers\DVDAccss.sys [29156 2003-11-21] (Apple Computer, Inc.)

S1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)

S3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [766976 2006-08-11] (Creative Technology Ltd)

S3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [154112 2006-08-11] (Creative Technology Ltd)

S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [180224 2006-08-11] (Creative Technology Ltd)

S3 hidgame; C:\Windows\System32\DRIVERS\hidgame.sys [8576 2001-08-17] (Microsoft Corporation)

S4 InCDfs; C:\Windows\System32\Drivers\InCDfs.sys [93440 2004-09-13] (Ahead Software AG)

S1 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [28672 2004-09-13] (Ahead Software AG)

S1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [7680 2004-09-13] (Ahead Software AG)

S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [132976 2012-12-26] (McAfee, Inc.)

S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [234824 2012-12-26] (McAfee, Inc.)

S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65488 2012-12-26] (McAfee, Inc.)

S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [362640 2012-12-26] (McAfee, Inc.)

S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [565416 2012-12-26] (McAfee, Inc.)

S3 mfendisk; C:\Windows\System32\DRIVERS\mfendisk.sys [84464 2012-12-26] (McAfee, Inc.)

S3 mfendiskmp; C:\Windows\System32\DRIVERS\mfendisk.sys [84464 2012-12-26] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92192 2012-12-26] (McAfee, Inc.)

S1 mfetdi2k; C:\Windows\System32\drivers\mfetdi2k.sys [91200 2012-12-26] (McAfee, Inc.)

S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)

S3 MVDCODEC; C:\Windows\System32\DRIVERS\atinmdxx.sys [13824 2004-08-03] (ATI Technologies Inc.)

S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)

S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)

S3 pfc; C:\Windows\System32\drivers\pfc.sys [14572 2002-02-11] (Padus, Inc.)

S0 ppa3; C:\Windows\System32\DRIVERS\ppa3.sys [17664 2008-04-13] (Microsoft Corporation)

S1 PStrip; C:\Windows\System32\Drivers\PStrip.sys [21968 2004-11-09] (EnTech Taiwan)

S3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtlnicxp.sys [70144 2004-04-13] (Realtek Semiconductor Corporation )

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)

S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)

S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)

S4 Abiosdsk; No ImagePath

S4 abp480n5; No ImagePath

S4 adpu160m; No ImagePath

S4 Aha154x; No ImagePath

S4 aic78u2; No ImagePath

S4 aic78xx; No ImagePath

S4 AliIde; No ImagePath

S4 amsint; No ImagePath

S4 asc; No ImagePath

S4 asc3350p; No ImagePath

S4 asc3550; No ImagePath

S4 Atdisk; No ImagePath

S4 cd20xrnt; No ImagePath

S3 cdiskdun; \??\C:\DOCUME~1\BOBDOE~1\LOCALS~1\Temp\cdiskdun.sys [x]

S1 Changer; No ImagePath

S4 CmdIde; No ImagePath

S4 Cpqarray; No ImagePath

S4 dac2w2k; No ImagePath

S4 dac960nt; No ImagePath

S4 dpti2o; No ImagePath

S4 hpn; No ImagePath

S1 i2omgmt; No ImagePath

S4 i2omp; No ImagePath

S4 ini910u; No ImagePath

S1 lbrtfdc; No ImagePath

S4 mraid35x; No ImagePath

S2 mrtRate; No ImagePath

S1 PCIDump; No ImagePath

S3 PDCOMP; No ImagePath

S3 PDFRAME; No ImagePath

S3 PDRELI; No ImagePath

S3 PDRFRAME; No ImagePath

S4 perc2; No ImagePath

S4 perc2hib; No ImagePath

S4 ql1080; No ImagePath

S4 Ql10wnt; No ImagePath

S4 ql12160; No ImagePath

S4 ql1240; No ImagePath

S4 ql1280; No ImagePath

S4 Simbad; No ImagePath

S4 Sparrow; No ImagePath

S4 symc810; No ImagePath

S4 symc8xx; No ImagePath

S4 sym_hi; No ImagePath

S4 sym_u3; No ImagePath

S4 TosIde; No ImagePath

S4 ultra; No ImagePath

S4 ViaIde; No ImagePath

S3 WDICA; No ImagePath

==================== NetSvcs (Whitelisted) ===================

NETSVC: mwlsvc -> C:\Windows\system32\iAimFP7.dll ==> No File.

NETSVC: PNDIS5 -> No Registry Path.

NETSVC: regmanserv -> C:\Windows\system32\freepops.dll ==> No File.

NETSVC: wlluc48 -> C:\Windows\system32\USBCamera.dll ==> No File.

NETSVC: id2scaps -> C:\Windows\system32\co_mon.dll ==> No File.

NETSVC: cdr4_2k -> C:\Windows\system32\mup.dll ==> No File.

NETSVC: nmindexingservice -> No Registry Path.

NETSVC: lvtuner -> No Registry Path.

NETSVC: tosrfusb -> C:\Windows\system32\tcpip.dll ==> No File.

NETSVC: Ndismeetro -> C:\Windows\system32\mstee.dll ==> No File.

NETSVC: ScFBPNT3 -> C:\Windows\system32\npfs.dll ==> No File.

NETSVC: roxwatch -> C:\Windows\system32\pptpminiport.dll ==> No File.

NETSVC: vzupsvc -> No Registry Path.

NETSVC: npptnt2 -> No Registry Path.

NETSVC: icm10blk -> No Registry Path.

NETSVC: SABProcEnum -> No Registry Path.

NETSVC: VICESYS -> C:\Windows\system32\icepack.dll ==> No File.

NETSVC: iaimtv1 -> C:\Windows\system32\Eplpdx02.dll ==> No File.

NETSVC: websensecamserver -> No Registry Path.

NETSVC: quickhealfirewall -> No Registry Path.

NETSVC: symproxysvc -> No Registry Path.

NETSVC: MRESP50 -> No Registry Path.

NETSVC: SQLWriter -> C:\Windows\system32\cdrom.dll ==> No File.

NETSVC: HWSCtrl -> C:\Windows\system32\PEVSystemStart.dll ==> No File.

NETSVC: ms_mpu401 -> No Registry Path.

NETSVC: adobeactivefilemonitor4.0 -> No Registry Path.

NETSVC: WINUSB -> No Registry Path.

NETSVC: SrvcSSIOMngr -> No Registry Path.

NETSVC: mf -> C:\Windows\system32\symmpi.dll ==> No File.

NETSVC: asusgsb -> C:\Windows\system32\nvcap.dll ==> No File.

NETSVC: USRpdA -> C:\Windows\system32\ctxcpubal.dll ==> No File.

NETSVC: windowblinds -> C:\Windows\system32\w810mgmt.dll ==> No File.

NETSVC: eloggersvc6 -> No Registry Path.

NETSVC: bc_filter -> No Registry Path.

NETSVC: ATWPKT2 -> C:\Windows\system32\ssscsisv.dll ==> No File.

NETSVC: snac -> C:\Windows\system32\NVNET.dll ==> No File.

NETSVC: lxcf_device -> C:\Windows\system32\RalinkRegistryWriter.dll ==> No File.

NETSVC: NWSNS -> C:\Windows\system32\USBAAPL.dll ==> No File.

NETSVC: TUWinStylerThemeSvc -> C:\Windows\system32\symtdi.dll ==> No File.

==================== One Month Created Files and Folders ========

2013-05-06 19:57 - 2013-05-06 19:57 - 00000000 ____D C:\FRST

2013-04-25 15:50 - 2013-04-25 15:50 - 00000925 ____A C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Program Files\VS Revo Group

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\VS Revo Group

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\VS Revo Group

2013-04-25 15:50 - 2009-12-30 11:20 - 00027064 ____A (VS Revo Group) C:\Windows\System32\Drivers\revoflt.sys

2013-04-25 15:49 - 2013-04-25 15:50 - 09916056 ____A (VS Revo Group ) C:\Documents and Settings\Bob Doeringer\Desktop\RevoUninProSetup.exe

2013-04-24 18:18 - 2013-04-24 18:18 - 00000000 ____D C:\mfe

2013-04-24 17:35 - 2013-04-24 17:35 - 00025674 ____A C:\Documents and Settings\Bob Doeringer\hs_err_pid2668.log

2013-04-24 17:35 - 2013-04-24 17:35 - 00000000 ____D C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\Sun

2013-04-24 16:48 - 2013-04-24 16:48 - 03191888 ____A (McAfee, Inc.) C:\Documents and Settings\Bob Doeringer\Desktop\MCPR.exe

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\NetworkService\NTUSER.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\LocalService\NTUSER.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\Bob Doeringer\ntuser.tmp.LOG

2013-04-24 15:19 - 2013-04-24 15:19 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG

2013-04-24 15:19 - 2013-04-24 15:19 - 00000000 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG

2013-04-24 15:15 - 2013-04-24 15:15 - 00000611 ____A C:\Documents and Settings\Bob Doeringer\Desktop\NTREGOPT.lnk

2013-04-24 15:15 - 2013-04-24 15:15 - 00000592 ____A C:\Documents and Settings\Bob Doeringer\Desktop\ERUNT.lnk

2013-04-24 15:15 - 2013-04-24 15:15 - 00000000 ____D C:\Program Files\ERUNT

2013-04-24 10:32 - 2013-04-24 10:32 - 00197632 ____A (SingularLabs) C:\OldChromeRemover-0.5.exe

2013-04-24 10:31 - 2013-04-24 10:31 - 00000000 ____D C:\Program Files\Common Files\Java

2013-04-24 10:30 - 2013-04-24 10:30 - 00866720 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll

2013-04-24 10:30 - 2013-04-24 10:30 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl

2013-04-24 10:30 - 2013-04-24 10:30 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll

2013-04-24 10:28 - 2013-04-24 10:29 - 00904104 ____A (Oracle Corporation) C:\jre-7u21-windows-i586-iftw.exe

2013-04-23 22:53 - 2013-04-23 22:54 - 00890825 ____A C:\SecurityCheck.exe

2013-04-23 18:51 - 2013-04-24 11:11 - 00000411 ____A C:\Documents and Settings\Bob Doeringer\Desktop\Shortcut to adwcleaner.lnk

2013-04-23 18:42 - 2013-04-23 18:42 - 00619461 ____A C:\adwcleaner.exe

2013-04-23 12:12 - 2013-04-23 12:12 - 00004914 ____A C:\Documents and Settings\Bob Doeringer\My Documents\cc_20130423_121159.reg

2013-04-23 10:31 - 2013-05-01 16:45 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-04-23 09:40 - 2013-04-23 09:40 - 00001734 ____A C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2813170$

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2808735$

2013-04-23 09:23 - 2013-04-23 09:23 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$

2013-04-23 00:12 - 2013-04-26 00:59 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk

2013-04-23 00:12 - 2013-04-26 00:59 - 00000000 ____D C:\Program Files\CCleaner

2013-04-22 19:51 - 2013-04-24 15:41 - 00000000 ____D C:\Windows\erdnt

2013-04-22 19:30 - 2013-04-22 19:30 - 00000000 RASHD C:\cmdcons

2013-04-22 19:30 - 2012-08-04 00:57 - 00000211 ___SH C:\Boot.bak

2013-04-22 19:30 - 2004-08-03 23:00 - 00260272 _RASH C:\cmldr

2013-04-11 15:48 - 2013-04-11 15:49 - 00000000 __HDC C:\Windows\ie8

2013-04-07 18:02 - 2008-04-13 20:12 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\ptpusd.dll

2013-04-07 18:02 - 2008-04-13 14:45 - 00015104 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbscan.sys

2013-04-07 18:02 - 2008-04-13 14:45 - 00015104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys

2013-04-07 18:02 - 2001-08-17 22:36 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\ptpusb.dll

2013-04-07 17:24 - 2013-05-01 17:24 - 00000354 ____A C:\Windows\Tasks\MotoHelper Routing.job

2013-04-07 17:24 - 2013-04-07 17:24 - 00000370 ____A C:\Windows\Tasks\MotoHelper Update.job

2013-04-07 17:24 - 2013-04-07 17:24 - 00000358 ____A C:\Windows\Tasks\MotoHelper MUM.job

2013-04-07 17:24 - 2013-04-07 17:24 - 00000000 ____D C:\Program Files\Motorola

2013-04-07 17:24 - 2013-04-07 17:24 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

==================== One Month Modified Files and Folders ========

2013-05-06 19:57 - 2013-05-06 19:57 - 00000000 ____D C:\FRST

2013-05-02 16:18 - 2005-02-01 03:49 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-02 16:18 - 2005-01-31 19:29 - 00000159 ____A C:\Windows\wiadebug.log

2013-05-02 16:18 - 2005-01-31 19:29 - 00000048 ____A C:\Windows\wiaservc.log

2013-05-02 16:16 - 2005-02-01 03:49 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini

2013-05-02 16:16 - 2005-02-01 03:47 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini

2013-05-02 15:13 - 2009-10-31 17:56 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-02 15:13 - 2005-02-01 03:43 - 02072489 ____A C:\Windows\WindowsUpdate.log

2013-05-02 15:00 - 2004-08-04 08:00 - 00001170 ____A C:\Windows\System32\wpa.dbl

2013-05-01 19:47 - 2005-01-31 19:19 - 00000000 ____D C:\Windows\Help

2013-05-01 19:46 - 2005-02-01 03:42 - 00000000 ____D C:\Windows\System32\Restore

2013-05-01 17:30 - 2010-10-21 20:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\McAfee

2013-05-01 17:24 - 2013-04-07 17:24 - 00000354 ____A C:\Windows\Tasks\MotoHelper Routing.job

2013-05-01 16:45 - 2013-04-23 10:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-01 14:46 - 2013-01-01 18:23 - 01143296 ____A C:\Documents and Settings\Bob Doeringer\My Documents\Bob Fitness Log 2013.xls

2013-05-01 14:45 - 2006-04-26 23:39 - 00002481 ____A C:\Documents and Settings\Bob Doeringer\Desktop\Microsoft Excel.lnk

2013-05-01 14:13 - 2009-10-31 17:56 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-01 14:13 - 2006-12-31 15:22 - 04958588 ____A C:\Windows\{00000002-00000000-00000005-00001102-00000004-20021102}.CDF

2013-05-01 14:12 - 2005-02-22 21:02 - 00000062 __ASH C:\Documents and Settings\Bob Doeringer\Local Settings\desktop.ini

2013-04-30 01:17 - 2006-12-31 15:24 - 00001080 ____A C:\Windows\System32\settingsbkup.sfm

2013-04-30 01:17 - 2006-12-31 15:24 - 00001080 ____A C:\Windows\System32\settings.sfm

2013-04-30 01:17 - 2006-12-05 19:01 - 00524288 ____A C:\Windows\System32\config\ACEEvent.evt

2013-04-30 01:17 - 2005-02-01 03:49 - 00032476 ____N C:\Windows\SchedLgU.Txt

2013-04-29 17:19 - 2005-02-22 21:02 - 00000178 ___SH C:\Documents and Settings\Bob Doeringer\ntuser.ini

2013-04-26 00:59 - 2013-04-23 00:12 - 00000682 ____A C:\Documents and Settings\All Users\Desktop\CCleaner.lnk

2013-04-26 00:59 - 2013-04-23 00:12 - 00000000 ____D C:\Program Files\CCleaner

2013-04-25 17:56 - 2005-02-24 11:34 - 00000000 __SHD C:\Documents and Settings\Bob Doeringer\UserData

2013-04-25 15:50 - 2013-04-25 15:50 - 00000925 ____A C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Program Files\VS Revo Group

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\VS Revo Group

2013-04-25 15:50 - 2013-04-25 15:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\VS Revo Group

2013-04-25 15:50 - 2013-04-25 15:49 - 09916056 ____A (VS Revo Group ) C:\Documents and Settings\Bob Doeringer\Desktop\RevoUninProSetup.exe

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\WindowsShell.Manifest

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\System32\wuaucpl.cpl.manifest

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\System32\sapi.cpl.manifest

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\System32\nwc.cpl.manifest

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\System32\ncpa.cpl.manifest

2013-04-24 18:55 - 2005-02-01 03:43 - 00000749 __RAH C:\Windows\System32\cdplayer.exe.manifest

2013-04-24 18:18 - 2013-04-24 18:18 - 00000000 ____D C:\mfe

2013-04-24 18:17 - 2005-02-01 03:44 - 00023392 ____A C:\Windows\System32\nscompat.tlb

2013-04-24 18:17 - 2005-02-01 03:44 - 00016832 ____A C:\Windows\System32\amcompat.tlb

2013-04-24 17:35 - 2013-04-24 17:35 - 00025674 ____A C:\Documents and Settings\Bob Doeringer\hs_err_pid2668.log

2013-04-24 17:35 - 2013-04-24 17:35 - 00000000 ____D C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\Sun

2013-04-24 16:48 - 2013-04-24 16:48 - 03191888 ____A (McAfee, Inc.) C:\Documents and Settings\Bob Doeringer\Desktop\MCPR.exe

2013-04-24 15:41 - 2013-04-22 19:51 - 00000000 ____D C:\Windows\erdnt

2013-04-24 15:39 - 2005-06-17 21:21 - 08388608 ____A C:\Documents and Settings\Bob Doeringer\ntuser.bak

2013-04-24 15:39 - 2005-02-01 03:49 - 00245760 ____A C:\Documents and Settings\LocalService\NTUSER.bak

2013-04-24 15:39 - 2005-02-01 03:47 - 00241664 ____A C:\Documents and Settings\NetworkService\NTUSER.bak

2013-04-24 15:39 - 2005-01-31 19:26 - 00057344 ____A C:\Windows\System32\config\SECURITY.bak

2013-04-24 15:39 - 2005-01-31 19:26 - 00028672 ____A C:\Windows\System32\config\SAM.bak

2013-04-24 15:39 - 2005-01-31 19:25 - 30146560 ____A C:\Windows\System32\config\software.bak

2013-04-24 15:39 - 2005-01-31 19:25 - 11010048 ____A C:\Windows\System32\config\system.bak

2013-04-24 15:39 - 2005-01-31 19:25 - 00786432 ____A C:\Windows\System32\config\default.bak

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\NetworkService\NTUSER.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\LocalService\NTUSER.tmp.LOG

2013-04-24 15:20 - 2013-04-24 15:20 - 00000000 ___AH C:\Documents and Settings\Bob Doeringer\ntuser.tmp.LOG

2013-04-24 15:19 - 2013-04-24 15:19 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG

2013-04-24 15:19 - 2013-04-24 15:19 - 00000000 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG

2013-04-24 15:15 - 2013-04-24 15:15 - 00000611 ____A C:\Documents and Settings\Bob Doeringer\Desktop\NTREGOPT.lnk

2013-04-24 15:15 - 2013-04-24 15:15 - 00000592 ____A C:\Documents and Settings\Bob Doeringer\Desktop\ERUNT.lnk

2013-04-24 15:15 - 2013-04-24 15:15 - 00000000 ____D C:\Program Files\ERUNT

2013-04-24 14:19 - 2005-01-31 19:25 - 00000327 ___SH C:\boot.ini

2013-04-24 12:30 - 2005-02-22 21:02 - 00063496 ____A C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-04-24 12:29 - 2005-01-31 19:26 - 00245512 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-24 12:11 - 2012-07-24 15:03 - 00054156 ___AH C:\Windows\QTFont.qfn

2013-04-24 12:10 - 2006-01-28 14:01 - 00000000 ____D C:\Program Files\iTunes

2013-04-24 12:09 - 2007-01-30 20:55 - 00000000 ____D C:\Program Files\Eusing Free Registry Cleaner

2013-04-24 11:11 - 2013-04-23 18:51 - 00000411 ____A C:\Documents and Settings\Bob Doeringer\Desktop\Shortcut to adwcleaner.lnk

2013-04-24 10:56 - 2009-03-28 08:44 - 00000868 ____A C:\Windows\Tasks\Google Software Updater.job

2013-04-24 10:32 - 2013-04-24 10:32 - 00197632 ____A (SingularLabs) C:\OldChromeRemover-0.5.exe

2013-04-24 10:31 - 2013-04-24 10:31 - 00000000 ____D C:\Program Files\Common Files\Java

2013-04-24 10:30 - 2013-04-24 10:30 - 00866720 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll

2013-04-24 10:30 - 2013-04-24 10:30 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe

2013-04-24 10:30 - 2013-04-24 10:30 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl

2013-04-24 10:30 - 2013-04-24 10:30 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll

2013-04-24 10:30 - 2010-04-25 10:56 - 00788896 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll

2013-04-24 10:30 - 2005-10-09 12:53 - 00000000 ____D C:\Program Files\Java

2013-04-24 10:29 - 2013-04-24 10:28 - 00904104 ____A (Oracle Corporation) C:\jre-7u21-windows-i586-iftw.exe

2013-04-23 22:54 - 2013-04-23 22:53 - 00890825 ____A C:\SecurityCheck.exe

2013-04-23 18:42 - 2013-04-23 18:42 - 00619461 ____A C:\adwcleaner.exe

2013-04-23 12:12 - 2013-04-23 12:12 - 00004914 ____A C:\Documents and Settings\Bob Doeringer\My Documents\cc_20130423_121159.reg

2013-04-23 09:40 - 2013-04-23 09:40 - 00001734 ____A C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk

2013-04-23 09:40 - 2007-01-17 15:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe

2013-04-23 09:40 - 2005-02-01 03:49 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-04-23 09:39 - 2005-02-01 03:49 - 00000000 ____D C:\Program Files\Adobe

2013-04-23 09:34 - 2012-04-05 14:57 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2013-04-23 09:34 - 2011-06-08 11:40 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2813170$

2013-04-23 09:24 - 2013-04-23 09:24 - 00000000 __HDC C:\Windows\$NtUninstallKB2808735$

2013-04-23 09:23 - 2013-04-23 09:23 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$

2013-04-23 09:23 - 2009-06-30 08:42 - 00000000 ____D C:\Windows\ie8updates

2013-04-23 09:21 - 2005-02-22 21:02 - 00000000 ___HD C:\Windows\$hf_mig$

2013-04-23 00:15 - 2005-02-27 12:10 - 00000000 ____D C:\Windows\Minidump

2013-04-22 23:53 - 2012-02-19 18:26 - 00000784 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2013-04-22 23:53 - 2011-08-24 16:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-04-22 21:36 - 2005-03-08 15:12 - 00000000 ____D C:\Program Files\ZipCentral

2013-04-22 19:57 - 2004-08-04 08:00 - 00000227 ____A C:\Windows\system.ini

2013-04-22 19:30 - 2013-04-22 19:30 - 00000000 RASHD C:\cmdcons

2013-04-22 18:56 - 2005-01-31 19:27 - 00522638 ____A C:\Windows\System32\PerfStringBackup.INI

2013-04-21 19:09 - 2012-05-09 16:26 - 00000000 __SHD C:\Windows\CSC

2013-04-20 14:23 - 2012-05-07 11:49 - 00001324 ____A C:\Windows\System32\d3d9caps.dat

2013-04-18 01:01 - 2012-07-26 01:07 - 00000000 ____D C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\Promosoft

2013-04-17 14:03 - 2005-07-11 18:58 - 00219136 ____A C:\Documents and Settings\Bob Doeringer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-04-11 15:54 - 2005-01-31 19:19 - 00000000 ____D C:\Windows\Media

2013-04-11 15:49 - 2013-04-11 15:48 - 00000000 __HDC C:\Windows\ie8

2013-04-11 15:23 - 2006-06-22 23:00 - 00000754 ____A C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk

2013-04-11 14:14 - 2012-06-17 17:41 - 00001813 ____A C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

2013-04-09 11:59 - 2012-05-09 20:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2013-04-07 17:24 - 2013-04-07 17:24 - 00000370 ____A C:\Windows\Tasks\MotoHelper Update.job

2013-04-07 17:24 - 2013-04-07 17:24 - 00000358 ____A C:\Windows\Tasks\MotoHelper MUM.job

2013-04-07 17:24 - 2013-04-07 17:24 - 00000000 ____D C:\Program Files\Motorola

2013-04-07 17:24 - 2013-04-07 17:24 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: <===== ATTENTION!

HKLM\...\exefile\DefaultIcon: <===== ATTENTION!

HKLM\...\exefile\open\command: <===== ATTENTION!

==================== Restore Points (XP) =====================

RP: -> 2013-05-01 17:06 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP8

RP: -> 2013-05-01 14:29 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP7

RP: -> 2013-04-29 17:15 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP6

RP: -> 2013-04-28 17:19 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP5

RP: -> 2013-04-26 20:10 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP4

RP: -> 2013-04-25 18:46 - 024576 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP3

RP: -> 2013-04-24 14:02 - 028672 _restore{8D2C8FA6-1554-4D58-952C-51CCBF48B846}\RP2

==================== Memory info ===========================

Percentage of memory in use: 20%

Total physical RAM: 1023.48 MB

Available physical RAM: 815.48 MB

Total Pagefile: 907.05 MB

Available Pagefile: 845.05 MB

Total Virtual: 2047.88 MB

Available Virtual: 1993.54 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS

Drive c: () (Fixed) (Total:74.53 GB) (Free:48.63 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: () (Fixed) (Total:74.53 GB) (Free:38.23 GB) NTFS

Drive f: (FLASH DR1) (Removable) (Total:3.71 GB) (Free:3.71 GB) FAT32

Drive x: (ReatogoPE) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 47A0479F)

Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

====================================================================

Disk: 1 (Size: 75 GB) (Disk ID: 01F901F9)

Partition 1: (Not Active) - (Size=75 GB) - (Type=07 NTFS)

====================================================================

Disk: 2 (Size: 4 GB) (Disk ID: 5E5ECC4B)

Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

Link to post
Share on other sites

This doesn't look good but hopefully this will work.

Boot up with OTLPE and navigate to:

C:\WINDOWS\ERDNT\AutoBackup\5-6-2013 <--------choose the latest date listed

and run (double click or open) ERDNT.EXE

The will start ERUNT to restore the registry, just stick with the defaults that come up.

When it' done, see if it boots.

Let me know.....MrC

Link to post
Share on other sites

I did a search of mcafee files and the majority of the Mcafee antivirus files are in the recycle bin still.

whats left is McAfee.com folder and inside that is Agent folder with Mcagent, Mcafee Security Center, Mcupdate are inside that.

It would read C:\program files\Mcafee.com\Agent

I also downloaded Mcafee finish uninstall tool called MCPR to be used after windows uninstall which is to clean up any mcafee files left over.

I hope this helps

Link to post
Share on other sites

That's what I was going to suggest, the uninstaller tool.

So you ran it and you still have traces of it on the system?

If so, we can run OTL and delete what's left:

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://www.itxassoci...T-Tools/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

Link to post
Share on other sites

I did not run the Mcafee MCPR program, didn't get that far, tried to reboot after using Revo uninstaller with no luck.

OK, you can run it but do a manual backup of the registry and create a new system restore point before you do.

Also should I be worried about all those files I don't recognize in the recycle bin

Leave them there for now, MrC

Link to post
Share on other sites

Ok MrC,

The Mcafee MCPR tool uninstalled all of the antivirus files and the system rebooted afterwards. Can I just delete the MCPR application folder to get rid of it.

What is next before I can download microsoft sercurity essentials.

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.