WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93125 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Google redirects & spybot,hijack this problems
Started by
arfon.jones
, Oct 11 2009 04:59 PM
133 replies to this topic
#46
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 04:30 PM
Dave
Register to Remove
#47
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 04:51 PM
Hi
Tried re-booting sorry no luck still goes to a grey screen with mouse cursor , Tried going to safe mode, also going to grey screen with safe mode in the corners and mouse cursor
#48
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 05:02 PM
Lets see how many copies of explorer.exe are on the computer. Boot back into MiniXP and execute the following command in a command window.
dir c:\explorer.exe /s >"%userprofile%\desktop\look.txt"
When the search is done it will return to the command prompt.
Close the command window and post the contents of look.txt on the desktop.
dir c:\explorer.exe /s >"%userprofile%\desktop\look.txt"
When the search is done it will return to the command prompt.
Close the command window and post the contents of look.txt on the desktop.
Dave
#49
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 05:14 PM
hi this is the look file
Volume in drive C is system
Volume Serial Number is 4C24-1144
Directory of c:\WINDOWS
04/14/2008 12:12 AM 1033728 explorer.exe
1 File(s) 1033728 bytes
Directory of c:\WINDOWS\$hf_mig$\KB938828\SP2QFE
06/13/2007 11:26 AM 1033216 explorer.exe
1 File(s) 1033216 bytes
Directory of c:\WINDOWS\$NtServicePackUninstall$
06/13/2007 10:23 AM 1033216 explorer.exe
1 File(s) 1033216 bytes
Directory of c:\WINDOWS\$NtUninstallKB938828$
08/04/2004 07:56 AM 1032192 explorer.exe
1 File(s) 1032192 bytes
Directory of c:\WINDOWS\ServicePackFiles\i386
04/14/2008 12:12 AM 1033728 explorer.exe
1 File(s) 1033728 bytes
Total Files Listed:
5 File(s) 5166080 bytes
0 Dir(s) 139848187904 bytes free
#50
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 05:25 PM
Lets see if disabling the AVG services helps.
In MiniXP, once again run Registry Editor PE to load the system hives. No need to load a user profile hive.
Minimize the editor to the taskbar, open a command window, then copy and paste the contents of the code box below into the command window.
Post the contents of peek.txt on the desktop.
In MiniXP, once again run Registry Editor PE to load the system hives. No need to load a user profile hive.
Minimize the editor to the taskbar, open a command window, then copy and paste the contents of the code box below into the command window.
@echo off reg save HKLM\_REMOTE_SYSTEM\ControlSet005\Services\avg8wd c:\avg8wd.hiv reg save HKLM\_REMOTE_SYSTEM\ControlSet005\Services\avg8wd c:\AvgLdx86.hiv reg save HKLM\_REMOTE_SYSTEM\ControlSet005\Services\avg8wd c:\AvgTdiX.hiv reg save "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter" c:\avgrsstarter.hiv reg add HKLM\_REMOTE_SYSTEM\ControlSet005\Services\avg8wd /v Start /t REG_DWORD /d 00000004 /f reg add HKLM\_REMOTE_SYSTEM\ControlSet005\Services\AvgLdx86 /v Start /t REG_DWORD /d 00000004 /f reg add HKLM\_REMOTE_SYSTEM\ControlSet005\Services\AvgTdiX /v Start /t REG_DWORD /d 00000004 /f reg delete "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter" /f reg query "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v shell >"%userprofile%\desktop\peek.txt" reg query "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >>"%userprofile%\desktop\peek.txt" exit cls
Post the contents of peek.txt on the desktop.
Dave
#51
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 05:31 PM
hi here is the peek.txt
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
shell REG_SZ Explorer.exe
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
#52
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 05:38 PM
Those are fine. Close Registry Editor PE and wait for the All Finished message, then reboot and see if logon is normal. If you still have no taskbar and background, please press the Ctrl Alt and Del keys simultaneously to see if the task manager will open.
Dave
#53
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 05:53 PM
Hi sorry still wont boot up properly. tried ctr alt del task manager wont open
#54
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 06:05 PM
Please repeat the Enable Boot Logging steps and post the new c:\windows\ntbtlog.txt
Leave MiniXP loaded once you're back there, and load Registry Editor PE once more. I have something else in mind after I see the bootlog.
Dave
#55
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 06:27 PM
hi here is my new ntbtlog
Service Pack 311 3 2009 14:21:16.500
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver sptd.sys
Loaded driver \WINDOWS\System32\Drivers\WMILIB.SYS
Loaded driver \WINDOWS\System32\Drivers\SPTDDRV1.SYS
Loaded driver ACPI.sys
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver compbatt.sys
Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS
Loaded driver pciide.sys
Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Loaded driver aliide.sys
Loaded driver cmdide.sys
Loaded driver toside.sys
Loaded driver viaide.sys
Loaded driver intelide.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver cpqarray.sys
Loaded driver \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
Loaded driver atapi.sys
Loaded driver aha154x.sys
Loaded driver sparrow.sys
Loaded driver symc810.sys
Loaded driver aic78xx.sys
Loaded driver dac960nt.sys
Loaded driver ql10wnt.sys
Loaded driver amsint.sys
Loaded driver asc.sys
Loaded driver asc3550.sys
Loaded driver mraid35x.sys
Loaded driver i2omp.sys
Loaded driver ini910u.sys
Loaded driver ql1240.sys
Loaded driver aic78u2.sys
Loaded driver symc8xx.sys
Loaded driver sym_hi.sys
Loaded driver sym_u3.sys
Loaded driver ABP480N5.SYS
Loaded driver asc3350p.sys
Loaded driver cd20xrnt.sys
Loaded driver ultra.sys
Loaded driver adpu160m.sys
Loaded driver dpti2o.sys
Loaded driver ql1080.sys
Loaded driver ql1280.sys
Loaded driver ql12160.sys
Loaded driver perc2.sys
Loaded driver perc2hib.sys
Loaded driver hpn.sys
Loaded driver cbidf2k.sys
Loaded driver dac2w2k.sys
Loaded driver VIAMRAID.SYS
Loaded driver disk.sys
Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver PCTCore.sys
Loaded driver PxHelp20.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver sisagp.sys
Loaded driver viaagp.sys
Loaded driver viaagp1.sys
Loaded driver ohci1394.sys
Loaded driver \WINDOWS\system32\DRIVERS\1394BUS.SYS
Loaded driver Mup.sys
Loaded driver alim1541.sys
Loaded driver amdagp.sys
Loaded driver agp440.sys
Loaded driver agpCPQ.sys
Loaded driver \SystemRoot\system32\DRIVERS\nic1394.sys
Loaded driver \SystemRoot\system32\DRIVERS\processr.sys
Loaded driver \SystemRoot\system32\DRIVERS\nv4_mini.sys
Loaded driver \SystemRoot\system32\DRIVERS\Intels51.sys
Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\Drivers\ElbyDelay.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\point32.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\drivers\ALCXWDM.SYS
Loaded driver \SystemRoot\system32\drivers\ALCXSENS.SYS
Loaded driver \SystemRoot\system32\DRIVERS\fetnd5bv.sys
Loaded driver \SystemRoot\system32\DRIVERS\fdc.sys
Loaded driver \SystemRoot\system32\DRIVERS\serial.sys
Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\parport.sys
Loaded driver \SystemRoot\system32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\system32\DRIVERS\psched.sys
Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\update.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\drivers\MODEMCSA.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Loaded driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Did not load driver \systemroot\system32\drivers\gasfkybbgiujrw.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\system32\DRIVERS\p3.sys
Loaded driver \SystemRoot\System32\Drivers\StarOpen.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\DRIVERS\arp1394.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\avgmfx86.sys
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Register to Remove
#56
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 06:41 PM
With Registry Editor PE loaded and minimized, paste the following into a command window.
Close the registry editor and restart to see if there's any change.
@echo off reg add "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit /t REG_SZ /d C:\Windows\explorer.exe /f reg add HKLM\_REMOTE_SYSTEM\ControlSet005\Services\AvgMfx86 /v Start /t REG_DWORD /d 00000004 /f exit cls
Close the registry editor and restart to see if there's any change.
Dave
#57
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 03 November 2009 - 06:58 PM
Hi sorry but still no differance
#58
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 03 November 2009 - 07:12 PM
Load MiniXP and Registry Editor PE once more, then paste the following into a command window.
Close the editor and restart once more.
If still no luck, post another new bootlog.
@echo off reg add HKLM\_REMOTE_SYSTEM\ControlSet005\Services\Cdfs /v Start /t REG_DWORD /d 00000004 /f exit cls
Close the editor and restart once more.
If still no luck, post another new bootlog.
Dave
#59
arfon.jones
-
- Authentic Member
-
- 71 posts
Authentic Member
Posted 04 November 2009 - 05:26 PM
hello as you can see i have posted a new boot log as i still havent succesfuly booted up
Service Pack 311 4 2009 06:16:45.500
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver sptd.sys
Loaded driver \WINDOWS\System32\Drivers\WMILIB.SYS
Loaded driver \WINDOWS\System32\Drivers\SPTDDRV1.SYS
Loaded driver ACPI.sys
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver compbatt.sys
Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS
Loaded driver pciide.sys
Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Loaded driver aliide.sys
Loaded driver cmdide.sys
Loaded driver toside.sys
Loaded driver viaide.sys
Loaded driver intelide.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver cpqarray.sys
Loaded driver \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
Loaded driver atapi.sys
Loaded driver aha154x.sys
Loaded driver sparrow.sys
Loaded driver symc810.sys
Loaded driver aic78xx.sys
Loaded driver dac960nt.sys
Loaded driver ql10wnt.sys
Loaded driver amsint.sys
Loaded driver asc.sys
Loaded driver asc3550.sys
Loaded driver mraid35x.sys
Loaded driver i2omp.sys
Loaded driver ini910u.sys
Loaded driver ql1240.sys
Loaded driver aic78u2.sys
Loaded driver symc8xx.sys
Loaded driver sym_hi.sys
Loaded driver sym_u3.sys
Loaded driver ABP480N5.SYS
Loaded driver asc3350p.sys
Loaded driver cd20xrnt.sys
Loaded driver ultra.sys
Loaded driver adpu160m.sys
Loaded driver dpti2o.sys
Loaded driver ql1080.sys
Loaded driver ql1280.sys
Loaded driver ql12160.sys
Loaded driver perc2.sys
Loaded driver perc2hib.sys
Loaded driver hpn.sys
Loaded driver cbidf2k.sys
Loaded driver dac2w2k.sys
Loaded driver VIAMRAID.SYS
Loaded driver disk.sys
Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver PCTCore.sys
Loaded driver PxHelp20.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver sisagp.sys
Loaded driver viaagp.sys
Loaded driver viaagp1.sys
Loaded driver ohci1394.sys
Loaded driver \WINDOWS\system32\DRIVERS\1394BUS.SYS
Loaded driver Mup.sys
Loaded driver alim1541.sys
Loaded driver amdagp.sys
Loaded driver agp440.sys
Loaded driver agpCPQ.sys
Loaded driver \SystemRoot\system32\DRIVERS\nic1394.sys
Loaded driver \SystemRoot\system32\DRIVERS\processr.sys
Loaded driver \SystemRoot\system32\DRIVERS\nv4_mini.sys
Loaded driver \SystemRoot\system32\DRIVERS\Intels51.sys
Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\Drivers\ElbyDelay.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\point32.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\drivers\ALCXWDM.SYS
Loaded driver \SystemRoot\system32\drivers\ALCXSENS.SYS
Loaded driver \SystemRoot\system32\DRIVERS\fetnd5bv.sys
Loaded driver \SystemRoot\system32\DRIVERS\fdc.sys
Loaded driver \SystemRoot\system32\DRIVERS\serial.sys
Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\parport.sys
Loaded driver \SystemRoot\system32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\system32\DRIVERS\psched.sys
Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\update.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\drivers\MODEMCSA.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Loaded driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Did not load driver \systemroot\system32\drivers\gasfkybbgiujrw.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\system32\DRIVERS\p3.sys
Loaded driver \SystemRoot\System32\Drivers\StarOpen.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\DRIVERS\arp1394.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
#60
noahdfear
-
- Visiting Fellow
-
- 465 posts
Silver Member
Posted 04 November 2009 - 11:52 PM
Boot back to MiniXP and run Regsitry Editor PE. No need to load a user hive.
Minimize the editor to the taskbar then open a command window, copy the contents of the code box below and paste it into the command window.
Post the contents of the log that opens.
Minimize the editor to the taskbar then open a command window, copy the contents of the code box below and paste it into the command window.
@echo off echo Please Wait reg query "HKLM\_REMOTE_SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v ShowLogonOptions>"%userprofile%\desktop\look.txt" reg query HKLM\_REMOTE_SOFTWARE\Microsoft\Windows\CurrentVersion\Setup>>"%userprofile%\desktop\look.txt" echo.>>"%userprofile%\desktop\look.txt" dir c:\i386 /a D /s>>"%userprofile%\desktop\look.txt" start notepad "%userprofile%\desktop\look.txt" exit cls
Post the contents of the log that opens.
Dave
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
