Jump to content

My Network Connections Folder is empty. Can't connect to the net. Antivirus/Firewall some how disabled along with my Sound Control Panel...No sound.

Recommended Posts

I haven't forgot you. This has been really time consuming. The only days I can get anything done on my pc is friday and sat. This is all making my head spin. I ran Dial A Fix but have not called the number yet. I have been using so infected operating system since we've been trouble shooting. At F-1 I go into Windows Advanced Options and select '' Last Known Good Configuration '' and have no problems booting my os this way. Go figure! I notice that when I go into Safe Mode to do a scan, my admin. rights icon appears. Don't know if this is normal. Now, when I reboot after my scan this is where my problems start. Connections folder empty, no sound, AV/Firewall turned off ect.... yet I find no virus. Malware did corrupt my os in some ways. I need to run. I'll keep you posted. Just don't close my case yet? Thanks

I'm still trying to get this all completed.



Link to post
Share on other sites
  • Replies 63
  • Created
  • Last Reply

Top Posters In This Topic

  • 3 weeks later...

I did all I was given to do in for the problems I have with my pc. The Dial A Fix doesn't support IE 8.

Having a hell of a time getting sound fixed. Uninstalled/Reinstalled 4x. I'll contact Creative Labs. I don't know. I've no known issues on my other drive for the sound issue. IE8 is crap anyways! Easy way around this browser problem, is simply do not run IE, period. Mozilla is better. If I choose a onboard reinstall of my OS, like yoy mentioned earlier, exactly how would I go about that? Boot to the Windows disk and go into ''Repair''? If so, will this overwrite all the crap on my HD? Also, is this considered to be a ''Dirty Install'' , which is known to be unstable? Can't think of anything else.

Pc is running ok. Rebooting from ''Safe Mode'', to normal mode is what gives me problems. So, as a workaround, I come out of safe mode, when F1 comes up, I select it and then I go to F-8 then straight to my options. I then select something like ''return to last known good configuration''. I'm now into windows now and all seems ok. WTH?

Also...When I input ''Ctl, Alt, Delete'' I get no menu/toolbar on the interface while in Windows normal mode. Funny, when I go to ''Safe mode'' I can get a full menu at the top of the UI. Should be the other way around. Are there work arounds for these issues? Oh, I already had 3 accounts with full admin. rights. Got this idea from a friend. Thought it may reduce threats some how with you password. Anything else? Thanks for waiting.



Link to post
Share on other sites

Ok, as of today,

1] sound problem is fixed. Installed correct/new drivers. Do you need another DDS report on this to check for corrupted

sound files? Swagger originally asked for it and I did send it to him. I have another I ran today just in case.

2] Windows Taks Manager is fixed. Simple fix. Ran more scans-nothing in the neagtive was found.

3] Dial a Fix doesn't support my IE8 issues-I'll use Mozilla instead. I'll work on IE8 later, maybe with Microsoft. It works!

4] Installed MS Security Essentials.

5] Ran CHKDSK again

That's it!



Link to post
Share on other sites

@ AdvancedSetup,

I forgot to note that ''I still have issues rebooting from Safe Mode back into Normal Mode''.

When returning to Normal Mode-Win XP SP3, I see a red x on my Creative Volume Control and My Network Connections folder is empty. This was all fixed. Is Windows for some reason not loading something correctly? What is going on with this? Ok, so I just reboot once more and @ F-1, then F-8, I select the option that states something like ''Boot to last known good settings''. I don't remember. After this I'm fine. Something wrong with my boot files? This isn't the normal protocol, but it's what I have to do. This happened after I got the Malware and I need a fix for it.

After this I feel I'll be ok. Knock on wood!



Link to post
Share on other sites

Forgot to note that my support for Dial - A - Fix just came and they noted, even though IE8 isn't supported, they looked at my log anyway's and said not to worry, they have the same issues. In other words...I'm good to go.

I'll check out MS Forums on any known issues.



Link to post
Share on other sites
Thank You! I'm running the FREE version of the MSSE's. I'll keep an eye on it at any rate. You just never know. I did read sect. I as well about adding the exceptions.


Dave, MSE is free! From Microsoft, you might mean Malwarebytes Free version... regards....

Link to post
Share on other sites
  • 3 weeks later...

@ AdvancedSetup,

I still have issues rebooting from Safe Mode back into Normal Mode.

When returning to Normal Mode-Win XP SP3, I see a ''red x'' on my Creative Volume Control and My Network Connections folder is empty. This was all fixed. Is Windows, for some reason, not loading these drivers or something correctly? What is going on with this? Ok, so I just reboot once more and @ F-1, then F-8, I select the option that states something like ''Boot to last known good configurations''. I don't remember. After this I'm fine. Something wrong with my boot files? This isn't the normal protocol, but it's what I have to do. This happened after I got the Malware and I need a fix for it.

After this I feel I'll be ok. Knock on wood! Now...I have the same issue on my daughters pc and the threat is: Win32/Nugel.LE as of last night! Can the company be taken to court? Who is reporting this activity? I ask questions and I get no reply. WTF IS RESPONSIBLE?

So, now I have to repost another virus. By now, I know the procedures. Hjt log and MWB log to the correct post and I get support, hopefully! Let me ask you this; when will these companies be liable for screwing up our pc's? And this question, I would like an answer on, please! I simply do not have time for this type of stuff!!!! Sorry. I feel there's a monopoly here and all gets their cut while you guys are busting your asses! I feel ''ALL'' programs are a waste of money and time. You have cometition to the MAX! I'll post my logs tonight.



Link to post
Share on other sites

There is no real central repository of who/when/where to report them and even if you did it's very difficult to track down who wrote it and where it was released from.

I would keep your computers off of the same network at the same time just in case they're infecting each other which is possible.

What I need to know is you say that AFTER using Last Known Good Configuration the computer goes into normal mode okay and seems okay. Well if you shut down and restart again does it go into normal mode okay still or is it messed up every time you restart?

Link to post
Share on other sites

It's fine. I found this work-around by using my head. Did not know if it would work and for how long! I'm ok...for now. Now my daughters pc is infectedand is at another part of the city. I'm trying to restore it as we speak.I posted to the appropriate post, I think.

Thank you!


Link to post
Share on other sites

I realize this may be stressful but your answers don't make sense. In one reply you say you're okay then a few minutes later you seem to indicate that your not.

As for your other post, no it's not in the right place because we don't work on Malware detection and removal except in one forum where I've moved your post for you.

Your post in the HJT forum can be found here: http://forums.malwarebytes.org/index.php?showtopic=69783

As soon as someone is available they will assist you with it.

Link to post
Share on other sites

Sorry for the confusion. I should not have brought my daughters pc into play here a sI forgot I was not in the Malware section for my problem.

I'll quote here from an earlier reply:

''I still have issues rebooting from Safe Mode back into Normal Mode.

When returning to Normal Mode-Win XP SP3, I see a ''red x'' on my Creative Volume Control and My Network Connections folder is empty. This was all fixed. Is Windows, for some reason, not loading these drivers or something correctly? What is going on with this? Ok, so I just reboot once more and @ F-1, then F-8, I select the option that states something like ''Boot to last known good configurations''. I don't remember. After this I'm fine. Something wrong with my boot files? This isn't the normal protocol, but it's what I have to do. This happened after I got the Malware and I need a fix for it''.

Now I'm answering your latest question: Quote: ''What I need to know is you say that AFTER using Last Known Good Configuration the computer goes into normal mode okay and seems okay. Well if you shut down and restart again does it go into normal mode okay still or is it messed up every time you restart?''

My reply was ''YES''.

The only issue I seem to have at this time, is going from safe mode to normal mode. My workaround, again, is the F-1 then to F-8, then selecting Last known good config. to get a normal boot going. I'm good after this. I suppose if and when I restore my operating system, all will be NORMAL once again. I'm trying not to have to do a reinstall. The only time I will use safe mode is for scanning purposes only. So, each day I boot my pc up I have ''no known issues''. I'm sorry I got you mixed up. That's all I can think of for now. For some reason I thought I was in the malware section, again. Too much going on and I apologize again.



Link to post
Share on other sites

Normally if you can go back in to normal mode after a Last Known Good Configuration selection it will mark that session as good so that the next time the computer restarts it uses that same session.

Please go ahead and run a DDS scan from Normal mode and post that back please.

and save it to your desktop

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click
to run the tool.

When done, the
will open.

Click Yes at the next prompt for Optional Scan.

    When done, DDS will open two (2) logs:

  1. DDS.txt

  2. Attach.txt

  • Save both reports to your desktop

  • Please include the following logs in your next reply:

Link to post
Share on other sites

DDS (Ver_10-10-05.01) - NTFSx86

Run by DAVE at 13:50:26.90 on Wed 12/08/2010

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1383 [GMT -5:00]

AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============


C:\WINDOWS\system32\svchost -k DcomLaunch


C:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs






C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Bonjour\mDNSResponder.exe


C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe


C:\Program Files\Retrospect\Retrospect 7.5\retrorun.exe


C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe


C:\Program Files\Skyhook Wireless\Wi-Fi Driver\WPSScannerSvc.exe

C:\Program Files\Iomega\AutoDisk\ADService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Iomega\DriveIcons\ImgIcon.exe


C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Iomega\AutoDisk\ADUserMon.exe



C:\Program Files\Dell\Media Experience\PCMService.exe

C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe

C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE

C:\Program Files\Microsoft Security Essentials\msseces.exe


C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


C:\Program Files\Common Files\Intellisync\PushSyncService\PushSyncService.exe

C:\Documents and Settings\DAVE\Desktop\Malware Removal Tools\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://msn.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll

mURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Nexus Radio Toolbar: {2462d2d8-b36e-44ab-84bf-c5a9383d2429} - c:\program files\nexus_radio\tbNexu.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: Cooliris Plug-In for Internet Explorer: {eaee5c74-6d0d-4aca-9232-0da4a7b866ba} - c:\program files\piclensie\cooliris.dll

TB: Nexus Radio Toolbar: {2462d2d8-b36e-44ab-84bf-c5a9383d2429} - c:\program files\nexus_radio\tbNexu.dll

TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: {C17590D2-ECB4-4B15-8820-F58798DCC118} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [iomega Drive Icons] c:\program files\iomega\driveicons\ImgIcon.exe

mRun: [hplampc] c:\windows\system32\hplampc.exe

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [Deskup] c:\program files\iomega\driveicons\deskup.exe /IMGSTART

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [ADUserMon] c:\program files\iomega\autodisk\ADUserMon.exe

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [WD Button Manager] WDBtnMgr.exe

mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"

mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe

mRun: [CTDVDDet] c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDet.EXE

mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey



dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\yahoo! autosync\AutosyncForYahoo.exe

IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\program files\piclensie\cooliris.dll

IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237662207234

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab


DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab


DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = :\windows\system32\srrstr.dll cli scecli scecli

Hosts: www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dave\applic~1\mozilla\firefox\profiles\tpgzersa.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/

FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search=

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\google\update\\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}


FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-11-14 54760]

R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-4-23 91456]

S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]

S2 Auto File Backup Service;AutoBAUP Service;c:\program files\autobaup\autobaup.exe --> c:\program files\autobaup\AutoBAUP.exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-11-12 135664]

S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]

S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]

S3 cpuz132;cpuz132;\??\c:\docume~1\dave\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\dave\locals~1\temp\cpuz132\cpuz132_x32.sys [?]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;"c:\program files\common files\creative labs shared\service\ctaelicensing.exe" --> c:\program files\common files\creative labs shared\service\CTAELicensing.exe [?]

S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]

S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]

S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]

S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]

S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]

S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 hp4200c;%usbscan.SvcDesc%;c:\windows\system32\drivers\hp4200c.sys [2008-9-22 9312]

S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [2010-9-9 49377]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2010-4-9 42752]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]

=============== Created Last 30 ================

2010-12-04 21:40:41 -------- d-----w- c:\windows\system32\wbem\repository\FS

2010-12-04 21:40:41 -------- d-----w- c:\windows\system32\wbem\Repository

2010-11-27 21:02:30 -------- d-----w- C:\Previews

2010-11-27 21:02:23 -------- d-----w- C:\Presets

2010-11-27 21:02:21 -------- d-----w- C:\Required

2010-11-27 21:02:21 -------- d-----w- C:\Plug-Ins

2010-11-27 21:02:21 -------- d-----w- C:\Helpers

2010-11-27 21:02:20 23024 ----a-w- C:\shfolder.dll

2010-11-27 21:02:20 150540 ----a-w- C:\TypeLibrary.tlb

2010-11-27 20:50:19 -------- d-----w- c:\windows\_ISTMP2.DIR

2010-11-27 20:50:19 -------- d-----w- c:\windows\_ISTMP1.DIR

2010-11-26 23:02:03 -------- d-----w- c:\program files\Oxford Semiconductor

2010-11-26 21:27:52 -------- d-----w- C:\sj655

2010-11-14 23:42:34 -------- d-----w- c:\documents and settings\dave\Tracing

2010-11-14 23:41:26 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys

2010-11-14 23:39:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2010-11-14 23:36:23 -------- d-----w- c:\program files\Windows Live SkyDrive

2010-11-14 23:27:44 -------- d-----w- c:\program files\common files\Windows Live

2010-11-13 19:02:54 -------- d-----w- c:\windows\9EFA732347A048E28F7735DB5EED500A.TMP

2010-11-13 19:02:52 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2010-11-13 01:09:30 109144 ----a-w- c:\windows\system32\OpenAL32.dll

2010-11-13 01:08:14 10240 ----a-w- c:\windows\CTDCRES.DLL

2010-11-13 00:30:39 -------- d-----w- c:\program files\Microsoft Security Essentials

2010-11-12 22:39:05 -------- d-----w- C:\Emergency Utils

2010-11-11 04:46:01 -------- d-----w- c:\windows\system32\CatRoot2

==================== Find3M ====================

2010-11-29 22:42:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-11-29 22:42:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-11-13 01:09:31 445016 ----a-w- c:\windows\system32\wrap_oal.dll

2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll

2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl

============= FINISH: 13:52:32.54 ===============

Link to post
Share on other sites

Well I don't see anything obvious there that would be causing normal mode not to load but it could easily be a single driver that you've updated recently that is causing it.

It's up to you and how much time you want to try and put into fixing it. We can start removing things from auto startup and see if that helps and uninstall software as well to see.

You could also try an in-place Windows Repair but that can be quite time consuming as well because when done you'd need to go back and reinstall all the Windows updates all over again.

This can take days to do so let me know if you're up for that or not or what you'd like to do and we can go from there.

Link to post
Share on other sites

Ok, we can do the start up removal process first.

I lost my ''quick keys''? and ''volume control'' on my multi media keyboard, due to some updates as well. I researched this and found more complaints on this matter. I see how some updates from MS can alter things on our operating system. Didn't find a fix for this and I use my quick keys and volume control all the time. Oh well. I got this utility from Microsoft called ''Fix It'' and it won't run. Again, others complained about MS Updates! At least I tried.

I've a question on the in-place Windows Repair, is this considered to be a dirty install? That's what I think Dell calls it or Microsoft? Can it cause more problems down the road in some cases? I remember this from Win 98se.

I started having the boot problem after my virus, but like you said, It can be an update. I mean I can deal with it as long as there will be no long term side effects. I don't go into safe mode much. I do keep my ''start up list'' to a minimum.

Also, I've backed up anyway and have another hd to use a as backup.

So, I'll go for it.

Thank You!


Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.