Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Virus/Adware can only start in safe mode, registry errors?
I canot start windows xp normally, can only get into safe mode after a hitting esc key a few times when safe mode starts and is just full of text. I originally get some blue screen with an error about something can't see it long enough to pick anything out other than the 0x0000050 code. I have downloaded spyware doctor and it found stuff and deleted it, I downloaded spyeraser, registryBooster2 and they supposidly deleted stuff but on reboot it is the same ole story. Avast does not come up with anything. In reading some threads here I did download hijack and results are below if someone can make heads or tails out of it, note it is done from safe mode in my laptop as that is the only thing I can get into.
Logfile of HijackThis v1.99.1
Scan saved at 10:58:57 PM, on 05/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Let's start with a tool to give us a better look at things.
Note: You must be logged onto an account with administrator privileges to complete the following.
Download Deckard's System Scanner (dss.exe) to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.
Post the contents of main.txt only for now.
It's late, so it may be tomorrow evening before I get back to you.
What exacly happens when you try to logon normally? Reboot on it's own?
hi, thanks for whatever you can help with.
firstly when I reboot the laptop it gives me screen to enter setup(f2) and then goes directly to option on how to start.
Normal option and last known config option gives me blue screen
a problem has been detected and shutdown done to protect damage...etc.etc..etc. cant see it long enough to read it but did manage to get "pagefault_in_nonpaged_area" and the error code at bottom 0x0000050.
If I choose safe mode or safe with networking I get a screen full of text listing various .sys files
muli(0) disk(0) Partion(2) windows\system32\drivers\"various".sys
this just fills the screen and I try and hit esc and other keys and then sometimes it lets me into the window screen to enter the administrator or my account.
I did receive blue screen this morning trying to reboot that said
STOP: c000021a fatal system error
the system manager initialization system procedd terminated unexpectedly with a status of 0xc000026c (0x00000000, 0x00000000).
The system has been shut down.
First time I saw that one. reboot and got into the safe mode as above by hitting alt and esc key a few times after text page loaded.
Here is the file you asked for I hope it helps...Thanks again!
Deckard's System Scanner v20070804.61
Run by Administrator on 2007-08-06 at 09:36:25
Computer is in Safe Mode with Networking.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...failed; computer is in safe mode.
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 503 MiB (512 MiB recommended).
-- HijackThis (run as Administrator.exe) ---------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:38:22 AM, on 06/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Not much going on there from what I see. Scan again with HijackThis, place a check next to the following entries, close all open programs and windows, then click Fix Checked.
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
Close HijackThis.
Reboot.
Upon startup, begin tapping the F8 key. This will enable the Advanced startup menu. Select Disable Automatic Restart. The computer will continue to boot normally and should at some point Blue Screen. This time it should remain displayed, and contain information about the error. Please make note of it and post the information here. You will need to hold the power button in until the computer shuts down. You can then boot again to safe mode. It's quite normal when booting into safe mode, for it to display a list of drivers. Those are the drivers being loaded for safe mode operation. No need to push escape or anything else, just be patient. Once the last of the drivers is loaded, it will go on to the login screen.
Don't know if I like the not much going on as you see? I think now I would have felt better at this point if you did see something.
did the HijackThis and rebooted:
Blue Screen message is as follows:
A problem has been detected and windows has been shut down to prevent damage to your computer.
PAGE_FAULT_IN_NONPAGED_AREA
If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps:
Check to make sure any new hardware or software is properly installed. If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.
If problems continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select advanced startup options, and then select safe mode.
Technical information:
***STOP: 0x00000050 (0xF7120000,0x00000001,0x80575E80,0x00000000)
END BLUE SCREEN
I have not installed any new software or hardware in I do not know how long, except as in original message I have downloaded the few virus programs to see what was going on since I have had this problem.
When going into safe mode....if I don't hit the esc key numerous times the computer just sits on the driver list screen....seems to freeze there, but as you said I am again patiently waiting for log in screen as I am sending this.
Well shucks, that's a pretty generic error message. Below are a couple of MS articles that offer possible cause and solutions. Truckload of hits on Google too.
1. Lets check for rootkit.
Download GMER and transfer it to the PC.
Unzip it to the desktop.
Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has completed, click Copy and Save it to notepad, then post the results (if any) into this topic.
2. Have a look at this topic about Data Dumps. The debugger needs an internet connection to properly debug the log, so it means transferring the minidump file to another computer to debug it. You can post the debugged log here.
Odd that it's hanging at the list of drivers too. Do whatever it is you've been doing to get around that and boot. BTW, you did try a Last Known Good boot? You should also try selecting Enable VGA mode.
All kinds of hits on google, I have tried searching for help on this stuff when finally I came across this site....Hopefully now with your help and more knowledge we can find out what is going on with this laptop, before it becomes a skipping rock in the Atlantic Ocean ! ! !
Part 1 of your instructions: (hope it helps) Part 2 not so good!
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-08-06 21:09:28
Windows 5.1.2600 Service Pack 2
PART 2 of your instructions:
I downloaded the debugging tool from windows, transferred it to the laptop, but it will not install...While unzipping get the message
the system administrator has set policies to prevent this installation.
BTW: Last know good config just gave me blue screen as the start windows normal.
PS: I sat on the driver screen all along while I was awaiting for your last reply.....It just gets hung up on that screen and won't pass unless I keep hitting the esc key. I waited two hours the other night when my patience finally got the better of me!
How do I enable the VGA mode? Where do I go? I need specifics my friend.
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 00000000, The address that the exception occurred at
Arg3: f86c420c, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
Microsoft (R) Windows Debugger Version 6.7.0005.1
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Mini041107-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: H:\WINDOWS;H:\WINDOWS\system32;H:\WINDOWS\system32\drivers
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 2600.xpsp_sp2_gdr.061219-0316
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805533a0
Debug session time: Wed Apr 11 14:15:39.062 2007 (GMT-3)
System Uptime: 0 days 1:01:47.640
Loading Kernel Symbols
........................................................................... ...............................................................
Loading User Symbols
Loading unloaded module list
...........
Unable to load image ialmnt5.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ialmnt5.sys
*** ERROR: Module load completed but symbols could not be loaded for ialmnt5.sys
*************************************************************************** ****
* *
* Bugcheck Analysis *
* *
*************************************************************************** ****
Use !analyze -v to get detailed debugging information.
BugCheck 1000007F, {8, 80042000, 0, 0}
Probably caused by : ialmnt5.sys ( ialmnt5+1bd50 )
UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 00000008, EXCEPTION_DOUBLE_FAULT
Arg2: 80042000
Arg3: 00000000
Arg4: 00000000
Debugging Details:
------------------
BUGCHECK_STR: 0x7f_8
CUSTOMER_CRASH_COUNT: 2
DEFAULT_BUCKET_ID: DRIVER_FAULT
PROCESS_NAME: EXPLORER.EXE
LAST_CONTROL_TRANSFER: from f7e79754 to f7e0ad50
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
aa70e008 f7e79754 81d33910 00000000 00000001 ialmnt5+0x1bd50
aa70e00c 81d33910 00000000 00000001 00000064 ialmnt5+0x8a754
aa70e010 00000000 00000001 00000064 81cb85a8 0x81d33910
STACK_COMMAND: kb
FOLLOWUP_IP:
ialmnt5+1bd50
f7e0ad50 6a01 push 1
SYMBOL_STACK_INDEX: 0
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ialmnt5
IMAGE_NAME: ialmnt5.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 42090c3a
SYMBOL_NAME: ialmnt5+1bd50
FAILURE_BUCKET_ID: 0x7f_8_ialmnt5+1bd50
BUCKET_ID: 0x7f_8_ialmnt5+1bd50
Followup: MachineOwner
---------
eax=81f9a778 ebx=82060480 ecx=81f9a778 edx=81f9a778 esi=81cb85a8 edi=00000064
eip=f7e0ad50 esp=aa70e000 ebp=aa70e008 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
ialmnt5+0x1bd50:
f7e0ad50 6a01 push 1
ChildEBP RetAddr Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
aa70e008 f7e79754 81d33910 00000000 00000001 ialmnt5+0x1bd50
aa70e00c 81d33910 00000000 00000001 00000064 ialmnt5+0x8a754
aa70e010 00000000 00000001 00000064 81cb85a8 0x81d33910
start end module name
804d7000 806cd580 nt ntkrnlpa.exe Tue Dec 19 08:55:36 2006 (4587E148)
806ce000 806ee380 hal halaacpi.dll Wed Aug 04 02:59:05 2004 (41107B29)
aa4fe000 aa500e40 mdmxsdk mdmxsdk.sys Wed Mar 17 16:04:10 2004 (4058A12A)
aa754000 aa768400 wdmaud wdmaud.sys Wed Jun 14 06:00:44 2006 (448FD03C)
aa7b9000 aa80a480 srv srv.sys Mon Aug 14 07:34:39 2006 (44E051BF)
aa80b000 aa81e180 epm_shd epm-shd.sys Thu Mar 24 05:54:06 2005 (4242802E)
aa86f000 aa884580 aswMon2 aswMon2.SYS Wed Nov 01 11:54:26 2006 (4548B522)
aa8ad000 aa8d9400 mrxdav mrxdav.sys Wed Aug 04 03:00:49 2004 (41107B91)
aab72000 aab80d80 sysaudio sysaudio.sys Wed Aug 04 03:15:54 2004 (41107F1A)
aabaa000 aabbf580 irda irda.sys Wed Aug 04 03:00:50 2004 (41107B92)
aac04000 aac07280 ndisuio ndisuio.sys Wed Aug 04 03:03:10 2004 (41107C1E)
aac3c000 aac3e8c0 s24trans s24trans.sys Fri Oct 15 15:20:02 2004 (417014D2)
aac44000 aac47be0 AegisP AegisP.sys Fri Sep 24 17:15:30 2004 (41548062)
aad50000 aad67480 dump_atapi dump_atapi.sys Wed Aug 04 02:59:41 2004 (41107B4D)
aae30000 aae50f00 ipnat ipnat.sys Wed Sep 29 19:28:36 2004 (415B3714)
aae51000 aaebfa00 mrxsmb mrxsmb.sys Fri May 05 06:41:42 2006 (445B1DD6)
aaec0000 aaeeaa00 rdbss rdbss.sys Fri May 05 06:47:55 2006 (445B1F4B)
aaeeb000 aaf0cd00 afd afd.sys Wed Aug 04 03:14:13 2004 (41107EB5)
aaf0d000 aaf34c00 netbt netbt.sys Wed Aug 04 03:14:36 2004 (41107ECC)
aaf35000 aaf8cd80 tcpip tcpip.sys Thu Apr 20 08:51:47 2006 (444775D3)
aaf8d000 aaf9f400 ipsec ipsec.sys Wed Aug 04 03:14:27 2004 (41107EC3)
bf800000 bf9c2180 win32k win32k.sys Thu Mar 08 09:47:34 2007 (45F013F6)
bf9c3000 bf9d4580 dxg dxg.sys Wed Aug 04 03:00:51 2004 (41107B93)
bf9d5000 bf9e3000 ialmrnt5 ialmrnt5.dll Tue Feb 08 14:52:30 2005 (42090A6E)
bf9e3000 bfa02000 ialmdnt5 ialmdnt5.dll Tue Feb 08 14:52:24 2005 (42090A68)
bfa02000 bfa2da20 ialmdev5 ialmdev5.DLL Tue Feb 08 14:52:14 2005 (42090A5E)
bfa2e000 bfb0b000 ialmdd5 ialmdd5.DLL Tue Feb 08 14:59:27 2005 (42090C0F)
f768f000 f76c2200 update update.sys Wed Aug 04 02:58:32 2004 (41107B08)
f776d000 f777de00 psched psched.sys Wed Aug 04 03:04:16 2004 (41107C60)
f777e000 f7794680 ndiswan ndiswan.sys Wed Aug 04 03:14:30 2004 (41107EC6)
f77ad000 f77af900 Dxapi Dxapi.sys Fri Aug 17 17:53:19 2001 (3B7D843F)
f77bd000 f77ea5e0 SynTP SynTP.sys Fri Oct 08 18:33:45 2004 (416707B9)
f77eb000 f7896c80 HSF_CNXT HSF_CNXT.sys Tue Jan 25 18:26:27 2005 (41F6C793)
f7897000 f7994780 HSF_DPV HSF_DPV.sys Tue Jan 25 18:27:10 2005 (41F6C7BE)
f7995000 f79c7b00 HSFHWICH HSFHWICH.sys Tue Jan 25 18:26:34 2005 (41F6C79A)
f79c8000 f79ea680 ks ks.sys Wed Aug 04 03:15:20 2004 (41107EF8)
f79eb000 f7a0e980 portcls portcls.sys Wed Aug 04 03:15:47 2004 (41107F13)
f7a0f000 f7a52800 camchal camchal.sys Fri Jun 25 19:31:05 2004 (40DCA7A9)
f7a53000 f7a7dd00 b57xp32 b57xp32.sys Wed May 21 22:47:11 2003 (3ECC2C1F)
f7a7e000 f7d90d00 w29n51 w29n51.sys Fri Oct 29 23:48:07 2004 (418300E7)
f7d91000 f7db7580 tifm21 tifm21.sys Fri Feb 11 02:52:35 2005 (420C5633)
f7db8000 f7ddae80 USBPORT USBPORT.SYS Wed Aug 04 03:08:34 2004 (41107D62)
f7ddb000 f7dee780 VIDEOPRT VIDEOPRT.SYS Wed Aug 04 03:07:04 2004 (41107D08)
f7def000 f7eb3660 ialmnt5 ialmnt5.sys Tue Feb 08 15:00:10 2005 (42090C3A)
f7edc000 f7edcb80 Null Null.SYS Fri Aug 17 17:47:39 2001 (3B7D82EB)
f7f0e000 f7f0ec00 audstub audstub.sys Fri Aug 17 17:59:40 2001 (3B7D85BC)
f81e9000 f81ecf60 HPZipr12 HPZipr12.sys Fri Dec 24 01:39:10 2004 (41CBAB7E)
f81f1000 f81f4b00 usbscan usbscan.sys Wed Aug 04 02:58:44 2004 (41107B14)
f823e000 f8258580 Mup Mup.sys Wed Aug 04 03:15:20 2004 (41107EF8)
f8259000 f8285a80 NDIS NDIS.sys Wed Aug 04 03:14:27 2004 (41107EC3)
f8286000 f829c780 KSecDD KSecDD.sys Wed Aug 04 02:59:45 2004 (41107B51)
f829d000 f82c0000 Fastfat Fastfat.sys Wed Aug 04 03:14:15 2004 (41107EB7)
f82c0000 f82df780 fltMgr fltMgr.sys Mon Aug 21 06:14:57 2006 (44E97991)
f82e0000 f82f7480 atapi atapi.sys Wed Aug 04 02:59:41 2004 (41107B4D)
f82f8000 f8316880 ftdisk ftdisk.sys Fri Aug 17 17:52:41 2001 (3B7D8419)
f8317000 f8334480 pcmcia pcmcia.sys Wed Aug 04 03:07:45 2004 (41107D31)
f8335000 f8345a80 pci pci.sys Wed Aug 04 03:07:45 2004 (41107D31)
f8346000 f8373d80 ACPI ACPI.sys Wed Aug 04 03:07:35 2004 (41107D27)
f8475000 f847dc00 isapnp isapnp.sys Fri Aug 17 17:58:01 2001 (3B7D8559)
f8485000 f8493e80 ohci1394 ohci1394.sys Wed Aug 04 03:10:05 2004 (41107DBD)
f8495000 f84a2000 1394BUS 1394BUS.SYS Wed Aug 04 03:10:03 2004 (41107DBB)
f84a5000 f84af500 MountMgr MountMgr.sys Wed Aug 04 02:58:29 2004 (41107B05)
f84b5000 f84c1c80 VolSnap VolSnap.sys Wed Aug 04 03:00:14 2004 (41107B6E)
f84c5000 f84cde00 disk disk.sys Wed Aug 04 02:59:53 2004 (41107B59)
f84d5000 f84e1200 CLASSPNP CLASSPNP.SYS Wed Aug 04 03:14:26 2004 (41107EC2)
f84f5000 f8504180 nic1394 nic1394.sys Wed Aug 04 02:58:28 2004 (41107B04)
f8505000 f850dd00 intelppm intelppm.sys Wed Aug 04 02:59:19 2004 (41107B37)
f8515000 f851d500 camcaud camcaud.sys Fri Jun 25 19:29:57 2004 (40DCA765)
f8525000 f8533b80 drmk drmk.sys Wed Aug 04 03:07:54 2004 (41107D3A)
f8535000 f8541e00 i8042prt i8042prt.sys Wed Aug 04 03:14:36 2004 (41107ECC)
f8545000 f854f380 imapi imapi.sys Wed Aug 04 03:00:12 2004 (41107B6C)
f8555000 f8561180 cdrom cdrom.sys Wed Aug 04 02:59:52 2004 (41107B58)
f8565000 f8573080 redbook redbook.sys Wed Aug 04 02:59:34 2004 (41107B46)
f8575000 f8581880 rasl2tp rasl2tp.sys Wed Aug 04 03:14:21 2004 (41107EBD)
f8585000 f858f200 raspppoe raspppoe.sys Wed Aug 04 03:05:06 2004 (41107C92)
f8595000 f85a0d00 raspptp raspptp.sys Wed Aug 04 03:14:26 2004 (41107EC2)
f85a5000 f85ad900 msgpc msgpc.sys Wed Aug 04 03:04:11 2004 (41107C5B)
f85b5000 f85bef00 termdd termdd.sys Wed Aug 04 02:58:52 2004 (41107B1C)
f85c5000 f85ce480 NDProxy NDProxy.SYS Fri Aug 17 17:55:30 2001 (3B7D84C2)
f85e5000 f85f3100 usbhub usbhub.sys Wed Aug 04 03:08:40 2004 (41107D68)
f8615000 f861d360 aswTdi aswTdi.SYS Mon Jan 15 13:25:22 2007 (45ABB902)
f8625000 f862d700 netbios netbios.sys Wed Aug 04 03:03:19 2004 (41107C27)
f8635000 f863d880 Fips Fips.SYS Fri Aug 17 22:31:49 2001 (3B7DC585)
f8645000 f864d700 wanarp wanarp.sys Wed Aug 04 03:04:57 2004 (41107C89)
f8655000 f8663d80 arp1394 arp1394.sys Wed Aug 04 02:58:28 2004 (41107B04)
f8675000 f8681200 HPZid412 HPZid412.sys Mon Jan 17 00:51:53 2005 (41EB4469)
f8685000 f8694900 Cdfs Cdfs.SYS Wed Aug 04 03:14:09 2004 (41107EB1)
f86f5000 f86fb200 PCIIDEX PCIIDEX.SYS Wed Aug 04 02:59:40 2004 (41107B4C)
f86fd000 f8701900 PartMgr PartMgr.sys Fri Aug 17 22:32:23 2001 (3B7DC5A7)
f8705000 f8709de0 PxHelp20 PxHelp20.sys Wed Jan 26 21:32:51 2005 (41F844C3)
f871d000 f8722000 usbuhci usbuhci.sys Wed Aug 04 03:08:34 2004 (41107D62)
f8725000 f872b800 usbehci usbehci.sys Wed Aug 04 03:08:34 2004 (41107D62)
f872d000 f8734580 Modem Modem.SYS Wed Aug 04 03:08:04 2004 (41107D44)
f8735000 f873c000 nscirda nscirda.sys Wed Aug 04 03:00:49 2004 (41107B91)
f873d000 f8741200 DKbFltr DKbFltr.sys Wed Dec 08 02:09:58 2004 (41B69AB6)
f8745000 f874b000 kbdclass kbdclass.sys Wed Aug 04 02:58:32 2004 (41107B08)
f874d000 f8752a00 mouclass mouclass.sys Wed Aug 04 02:58:32 2004 (41107B08)
f8755000 f8759c80 rasirda rasirda.sys Fri Aug 17 17:51:29 2001 (3B7D83D1)
f875d000 f8761880 TDI TDI.SYS Wed Aug 04 03:07:47 2004 (41107D33)
f8765000 f8769580 ptilink ptilink.sys Fri Aug 17 17:49:53 2001 (3B7D8371)
f876d000 f8771080 raspti raspti.sys Fri Aug 17 17:55:32 2001 (3B7D84C4)
f8795000 f879a200 vga vga.sys Wed Aug 04 03:07:06 2004 (41107D0A)
f879d000 f87a1a80 Msfs Msfs.SYS Wed Aug 04 03:00:37 2004 (41107B85)
f87a5000 f87ac880 Npfs Npfs.SYS Wed Aug 04 03:00:38 2004 (41107B86)
f87ad000 f87b4b80 usbccgp usbccgp.sys Wed Aug 04 03:08:45 2004 (41107D6D)
f87b5000 f87bab00 Aavmker4 Aavmker4.SYS Wed Dec 20 19:51:55 2006 (4589CC9B)
f87bd000 f87c3500 usbprint usbprint.sys Wed Aug 04 03:01:23 2004 (41107BB3)
f87c5000 f87ca440 HPZius12 HPZius12.sys Fri Dec 24 01:37:44 2004 (41CBAB28)
f87cd000 f87d3780 USBSTOR USBSTOR.SYS Wed Aug 04 03:08:44 2004 (41107D6C)
f87d5000 f87d9500 watchdog watchdog.sys Wed Aug 04 03:07:32 2004 (41107D24)
f8885000 f8888000 BOOTVID BOOTVID.dll Fri Aug 17 17:49:09 2001 (3B7D8345)
f8889000 f888b480 compbatt compbatt.sys Fri Aug 17 17:57:58 2001 (3B7D8556)
f888d000 f8890700 BATTC BATTC.SYS Fri Aug 17 17:57:52 2001 (3B7D8550)
f8891000 f8893d80 ACPIEC ACPIEC.sys Fri Aug 17 17:57:55 2001 (3B7D8553)
f8895000 f8897480 bsstor bsstor.sys Thu Jun 06 03:41:41 2002 (3CFF0425)
f8915000 f8917c00 irenum irenum.sys Wed Aug 04 03:00:45 2004 (41107B8D)
f891d000 f8920680 UBHelper UBHelper.SYS Fri Dec 17 05:00:25 2004 (41C2A029)
f8921000 f8923880 pfc pfc.sys Fri Sep 19 20:47:22 2003 (3F6B958A)
f8929000 f892c700 CmBatt CmBatt.sys Wed Aug 04 03:07:39 2004 (41107D2B)
f8931000 f8933580 ndistapi ndistapi.sys Fri Aug 17 17:55:29 2001 (3B7D84C1)
f893d000 f8940c80 mssmbios mssmbios.sys Wed Aug 04 03:07:47 2004 (41107D33)
f896d000 f896f280 rasacd rasacd.sys Fri Aug 17 17:55:39 2001 (3B7D84CB)
f8971000 f8973f00 ws2ifsl ws2ifsl.sys Fri Aug 17 17:55:58 2001 (3B7D84DE)
f8975000 f8976b80 kdcom kdcom.dll Fri Aug 17 17:49:10 2001 (3B7D8346)
f8977000 f8978100 WMILIB WMILIB.SYS Fri Aug 17 18:07:23 2001 (3B7D878B)
f8979000 f897a580 intelide intelide.sys Wed Aug 04 02:59:40 2004 (41107B4C)
f8983000 f8984280 USBD USBD.SYS Fri Aug 17 18:02:58 2001 (3B7D8682)
f8985000 f8986800 NTIDrvr NTIDrvr.sys Tue Dec 21 16:33:14 2004 (41C8888A)
f8987000 f8988a80 serscan serscan.sys Fri Aug 17 17:53:28 2001 (3B7D8448)
f8989000 f898a100 swenum swenum.sys Wed Aug 04 02:58:41 2004 (41107B11)
f8993000 f8994f00 Fs_Rec Fs_Rec.SYS Fri Aug 17 17:49:37 2001 (3B7D8361)
f8995000 f8996080 Beep Beep.SYS Fri Aug 17 17:47:33 2001 (3B7D82E5)
f8997000 f8998080 mnmdd mnmdd.SYS Fri Aug 17 17:57:28 2001 (3B7D8538)
f8999000 f899a080 RDPCDD RDPCDD.sys Fri Aug 17 17:46:56 2001 (3B7D82C0)
f899b000 f899c100 dump_WMILIB dump_WMILIB.SYS Fri Aug 17 18:07:23 2001 (3B7D878B)
f8a3d000 f8a3dd00 pciide pciide.sys Fri Aug 17 17:51:49 2001 (3B7D83E5)
f8a3e000 f8a3ed80 OPRGHDLR OPRGHDLR.SYS Fri Aug 17 17:57:55 2001 (3B7D8553)
f8a7a000 f8a7b000 epm_psd epm-psd.sys Mon Jul 19 17:10:49 2004 (40FC2AC9)
f8b30000 f8b30d00 dxgthk dxgthk.sys Fri Aug 17 17:53:12 2001 (3B7D8438)
I was hoping like you wouldn't believe.....
However i still get the same blue screen and options how to start...
Nothing has changed I am smelling the salt water for this thing!
Check the device manager for any errors. Let me know if you find any before continuing with the following.
Click Start>Run, type services.msc and hit enter. Locate each of these in the list and double click the entry. Click Stop if available. Set the startup type to disabled, click Apply and OK. They might not all be listed.
Remote Packet Capture Protocol
Speed Disk service
Spyware Doctor Auxiliary Service
Spyware Doctor Service
Norton Unerase Protection
lxbu_device - Lexmark International
LXBUCustomerConnect
avast! Web Scanner
avast! Mail Scanner
avast! Antivirus
Click Start>Run and type msconfig then hit enter. Uncheck everything on the Startup tab except for the Synaptics entries. Click OK and allow restart.
I am smelling the salt water for this thing!
