WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


Blue screen of death.... sort of

3 posters

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
So no Start menu pops up when you hit the Start key? will it open if you hit the Windows flag key on the keyboard?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Blue screen of death.... sort of - Page 2 DXwU4
Blue screen of death.... sort of - Page 2 VvYDg

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
No I Get nothing. Im at a loss.

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
I actually responded to this question Wednesday morning. I have no idea why it did not post until yesterday. I understand you guys are very busy. Waiting anxiously for further instructions. Thanks!

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
We may need to reset the permission on explorer.exe, looks like the malware has locked it.

Please download this file.

  • Please download Junction.zip and save it.
  • Unzip it and put junction.exe in the Windows directory (C:\Windows).
  • Go to File > New Task in Task Manager. Copy and paste the following command in the run box and click OK:

    cmd /c junction -s c:\ >log.txt&log.txt& del log.txt

  • A command window opens starting to scan the system. Wait until a log file opens. Copy and paste or attach the content of it.

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
I am unable to unzip the file.

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
I had this problem with another application. Can you direct me to an unzipped version?

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
Try this: http://rapidshare.com/files/300622863/junction.exe.html

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
Junction v1.05 - Windows junction creator and reparse point viewer
Copyright (C) 2000-2007 Mark Russinovich
Systems Internals - http://www.sysinternals.com


Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.


...

...

...

...

...

...

...

...

...

...

...

...

...

.
Failed to open \\?\c:\\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe: Access is denied.



Failed to open \\?\c:\\Program Files\iolo\System Mechanic 7\SysMech7.exe: Access is denied.


..

...

...

...

...

...


Failed to open \\?\c:\\Program Files\Reg Tool\Reg Tool.exe: Access is denied.


...

...
Failed to open \\?\c:\\Program Files\Uniblue\DriverScanner\DriverScanner.exe: Access is denied.




...

...

.
Failed to open \\?\c:\\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2133\snapshot\_registry_machine_system.LOG: The file or directory is corrupted and unreadable.



Failed to open \\?\c:\\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2134\snapshot\_registry_machine_system.LOG: The file or directory is corrupted and unreadable.



Failed to open \\?\c:\\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2135\snapshot\_registry_machine_system.LOG: The file or directory is corrupted and unreadable.


..

...

...

..
Failed to open \\?\c:\\WINDOWS\explorer.exe: Access is denied.


.

...

...

...

..\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

\\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e
Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e

.

...

...

...

...

...

...

...


Failed to open \\?\c:\\WINDOWS\SYSTEM32\MRT.exe: Access is denied.


...

...
Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET118.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET11F.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET12A.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET14F.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET171.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET175.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET179.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET1CB.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET1E7.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3A.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3B.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3C.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3D.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3E.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3E5.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET3F.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET40.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET41.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET42.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET43.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET44.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET45.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET4E.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET50.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET56.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET5E.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET67.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET77.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET80.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SET9E.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETAA.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETAD.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETB9.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETBA.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETDB.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETED.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETF5.tmp: Access is denied.



Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\SETFF.tmp: Access is denied.





Failed to open \\?\c:\\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe: Access is denied.

descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

more_horiz
Please try this:

  1. Download Win32kDiag from any of the following locations and open it from its location.

  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.
  • descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Running from: C:\Documents and Settings\Aarons\Desktop\Win32kDiag.exe

    Log file at : C:\Documents and Settings\Aarons\Desktop\Win32kDiag.txt

    WARNING: Could not get backup privileges!

    Searching 'C:\WINDOWS'...



    Cannot access: C:\WINDOWS\explorer.exe

    [1] 2007-06-13 06:26:03 1033216 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe (Microsoft Corporation)

    [1] 2007-06-13 05:23:07 1033216 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe (Microsoft Corporation)

    [2] 2004-08-04 02:56:49 1032192 C:\WINDOWS\explorer(2).exe (Microsoft Corporation)

    [2] 2004-08-04 02:56:49 1032192 C:\WINDOWS\explorer(3).exe (Microsoft Corporation)

    [2] 2007-06-13 05:23:07 1033216 C:\WINDOWS\explorer(4).exe (Microsoft Corporation)

    [1] 2007-06-13 05:23:07 1033216 C:\WINDOWS\explorer.exe ()

    [1] 2004-08-04 02:56:49 1032192 C:\WINDOWS\ServicePackFiles\i386\explorer.exe (Microsoft Corporation)

    [1] 2008-04-13 19:12:19 1033728 C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\explorer.exe (Microsoft Corporation)

    [1] 2007-06-13 05:23:07 1033216 C:\WINDOWS\SYSTEM32\DLLCACHE\explorer.exe (Microsoft Corporation)



    Cannot access: C:\WINDOWS\SYSTEM32\MRT.exe

    [1] 2009-08-28 16:38:20 24689600 C:\WINDOWS\SYSTEM32\MRT.exe ()

    [2] 2009-07-29 19:49:14 24281536 C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2159\A0638429.exe (Microsoft Corporation)



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET118.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET118.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET11F.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET11F.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET12A.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET12A.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET14F.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET14F.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET171.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET171.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET175.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET175.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET179.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET179.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET1CB.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET1CB.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET1E7.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET1E7.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3A.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3A.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3B.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3B.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3C.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3C.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3D.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3D.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3E.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3E.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3E5.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3E5.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET3F.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET3F.tmp ()

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET40.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET40.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET41.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET41.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET42.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET42.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET43.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET43.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET44.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET44.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET45.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET45.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET4E.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET4E.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET50.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET50.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET56.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET56.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET5E.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET5E.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET67.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET67.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET77.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET77.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET80.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET80.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SET9E.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SET9E.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETAA.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETAA.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETAD.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETAD.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETB9.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETB9.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETBA.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETBA.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETDB.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETDB.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETED.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETED.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETF5.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETF5.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\SETFF.tmp

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\SETFF.tmp ()



    Cannot access: C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe

    [1] 2009-02-06 04:41:05 227840 C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 05:10:02 227840 C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 05:15:13 227840 C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe (Microsoft Corporation)

    [1] 2004-08-04 02:56:57 218112 C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe (Microsoft Corporation)

    [1] 2004-08-04 02:56:57 218112 C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 04:41:05 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 05:10:02 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 05:15:13 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\wmiprvse.exe (Microsoft Corporation)

    [1] 2008-04-13 19:12:40 218112 C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\DLLCACHE\wmiprvse.exe (Microsoft Corporation)

    [1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe ()

    [2] 2004-08-04 02:56:57 218112 C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2147\A0638152.exe (Microsoft Corporation)

    [1] 2002-08-29 06:00:00 203776 C:\i386\WMIPRVSE.EXE (Microsoft Corporation)





    Finished!

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that are highly damaged to remove viruses.
    • Download The Avira AntiVir Rescue System from Antivir.de.
    • Just double-click on the rescue system package to burn it to a CD/DVD.
    • Then please use that CD/DVD with Avira Rescue System to boot your computer.
    You'll get a boot option to either boot from hard drive or AntiVir Rescue System.
    Blue screen of death.... sort of - Page 2 2i8vzwo

    Press the number 2 on your keyboard to boot into AntiVir Rescue System.

    Please wait until drivers are loaded and Main menu shows. Then please select the second option “Scan your system with AntiVir” and hit Enter.
    Blue screen of death.... sort of - Page 2 33dxve1

    Under Configuration, please select Scan all files, Try to repair infected files and Rename files if they cannot be removed?.
    Blue screen of death.... sort of - Page 2 2aaby46

    Then please start the scan.

    The Avira AntiVir Rescue System wil now

    • repair a damaged system,
    • rescue data,
    • scan the system for virus infections.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Once i boot from the cd , the application loads but does not give me any options for running a scan or anything. I thought maybe i did something wrondg so i burned a new cd and tried again and i get the same thing.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Can you boot in to Safe Mode (no Rescue, just normal boot), at least? Do you see a Desktop and different objects?

    Your system is highly damaged, and certain objects are locked, so removing this beast will be rough. If we can work in Safe Mode with Networking, I can assist in resetting a lot of those locked items (shown in the Win32KDiag log above).

    (To reboot to Safe Mode with Networking (tap the F8 key just before Windows starts to load and select the Safe Mode with Networking option from the menu).)

    Reply back here if you are there successfully. Or if you had any issues in getting in to Safe Mode.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Safe mode with networking is a no go. As soon as it is time for password the system just locks up. I believe i can boot in regular safe mode.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Please download the Kaspersky AVP Tool from Kaspersky-labs.com.
    • Save it to your desktop.
    • Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).
    • Double click the setup file to run it.
    • Click Next to continue.
    • It will by default install it to your desktop folder.Click Next.
    • Hit ok at the prompt for scanning in Safe Mode.
    • It will then open a box There will be a tab that says Automatic scan.
    • Under Automatic scan make sure these are checked:

      • System Memory
      • Startup Objects
      • Disk Boot Sectors.
      • My Computer.
      • Also any other drives (Removable that you may have)

    After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
    Then choose OK again then you are back to the main screen.

    • Then click on Scan at the to right hand Corner.
    • It will automatically Neutralize any objects found.
    • If some objects are left un-neutralized then click the button that says Neutralize all
    • If it says it cannot be Neutralized then chooose The delete option when prompted.
    • After that is done click on the reports button at the bottom and save it to file name it Kas.
    • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.
    Note: This tool will self uninstall when you close it so please save the log before closing it.

    If some of the options are not available, use as many as possible, and do the scan.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Im sorry I did not follow directions fully. My scan is in two parts because I forgot about the heuristic analyzer part and had to re-do it.

    Scan
    ----
    Scanned: 596346
    Detected: 71
    Untreated: 0
    Start time: 11/4/2009 7:26:14 AM
    Duration: 12:44:16
    Finish time: 11/4/2009 8:10:30 PM


    Detected
    --------
    Status Object
    ------ ------
    will be deleted when the computer is restarted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\Program Files\SafetyCenter\start.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.BAT.Agent.tf File: C:\HzG.bat
    deleted: Trojan program Trojan.Win32.Buzus.cknw File: C:\Documents and Settings\Aarons\Application Data\Sun\Java\Deployment\cache\6.0\57\9d50e39-7ff9e4a0
    deleted: Trojan program Trojan.Win32.Buzus.cknw File: C:\Documents and Settings\Aarons\Local Settings\temp\0.2865700287181637.exe
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\Program Files\mozilla.org\SeaMonkey\temp.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\Program Files\SafetyCenter\new.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\Program Files\SafetyCenter\protector.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.FraudPack.yja File: C:\Program Files\SafetyCenter\tst.exe/big.dll
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\Program Files\SafetyCenter\uninstall.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2159\A0638432.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2159\A0638433.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2160\A0638474.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2160\A0638475.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2161\A0638515.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2161\A0638516.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2161\A0639515.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2161\A0639516.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2162\A0639566.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2162\A0639567.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2163\A0639611.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2163\A0639612.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2164\A0639656.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2164\A0639657.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2164\A0639669.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2164\A0639670.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2165\A0639711.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2165\A0639712.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2166\A0639754.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2166\A0639755.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2167\A0639799.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2167\A0639800.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2168\A0639838.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2168\A0639839.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2169\A0640080.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2169\A0640081.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2170\A0640124.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2170\A0640125.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2171\A0640163.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2171\A0640164.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2172\A0640203.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2172\A0640204.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2173\A0640243.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2173\A0640244.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2173\A0641243.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2173\A0641244.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2174\A0641286.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2174\A0641287.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2175\A0641335.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2175\A0641336.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2176\A0641375.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2176\A0641376.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2177\A0641416.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2177\A0641417.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641468.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641469.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641481.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641482.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641491.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2178\A0641492.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2179\A0641535.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2179\A0641536.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2180\A0641572.exe
    deleted: Trojan program Trojan-Downloader.Win32.FraudLoad.fhv File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2180\A0641573.exe
    deleted: Trojan program Backdoor.Win32.Agent.akmn File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2180\A0641737.dll
    deleted: Trojan program Trojan.BAT.Agent.tf File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644035.bat
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644036.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644037.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644038.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.FraudPack.yja File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644039.exe/big.dll
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644040.exe//PE_Patch.UPX//UPX
    deleted: Trojan program Trojan.Win32.FraudPack.yja File: c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp2200\a0644039.exe


    Events
    ------
    Time Name Status Reason
    ---- ---- ------ ------
    11/4/2009 7:27:48 AM Running module: smss.exe\smss.exe ok scanned


    Statistics
    ----------
    Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
    ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------


    Settings
    --------
    Parameter Value
    --------- -----
    Security Level Recommended
    Action Prompt for action when the scan is complete
    Run mode Manually
    File types Scan all files
    Scan only new and changed files No
    Scan archives All
    Scan embedded OLE objects All
    Skip if object is larger than No
    Skip if scan takes longer than No
    Parse email formats No
    Scan password-protected archives No
    Enable iChecker technology No
    Enable iSwift technology No
    Show detected threats on "Detected" tab Yes
    Rootkits search Yes
    Deep rootkits search No
    Use heuristic analyzer Yes


    Quarantine
    ----------
    Status Object Size Added
    ------ ------ ---- -----


    Backup
    ------
    Status Object Size
    ------ ------ ----

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Scan
    ----
    Scanned: 574767
    Detected: 1
    Untreated: 0
    Start time: 11/4/2009 8:36:17 PM
    Duration: 1 days 00:37:10
    Finish time: 11/5/2009 9:13:27 PM


    Detected
    --------
    Status Object
    ------ ------
    deleted: Trojan program Trojan.Win32.Cosmu.cmc File: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP2200\A0644042.exe//PE_Patch.UPX//UPX


    Events
    ------
    Time Name Status Reason
    ---- ---- ------ ------
    11/4/2009 8:37:14 PM Running module: smss.exe\smss.exe ok scanned
    11/4/2009 8:37:22 PM File: C:\WINDOWS\System32\smss.exe ok scanned
    11/4/2009 8:37:22 PM Running module: smss.exe\ntdll.dll ok scanned
    11/4/2009 8:37:24 PM File: C:\WINDOWS\system32\ntdll.dll ok scanned
    11/4/2009 8:37:24 PM Running module: csrss.exe\csrss.exe ok scanned
    11/4/2009 8:37:24 PM File: C:\WINDOWS\system32\csrss.exe ok scanned
    11/4/2009 8:37:24 PM Running module: csrss.exe\ntdll.dll ok scanned
    11/4/2009 8:37:24 PM File: C:\WINDOWS\system32\ntdll.dll ok scanned
    11/4/2009 8:37:24 PM Running module: csrss.exe\CSRSRV.dll ok scanned
    11/4/2009 8:37:25 PM File: C:\WINDOWS\system32\CSRSRV.dll ok scanned
    11/4/2009 8:37:25 PM Running module: csrss.exe\basesrv.dll ok scanned
    11/4/2009 8:37:25 PM File: C:\WINDOWS\system32\basesrv.dll ok scanned
    11/4/2009 8:37:25 PM Running module: csrss.exe\winsrv.dll ok scanned
    11/4/2009 8:37:27 PM File: C:\WINDOWS\system32\winsrv.dll ok scanned
    11/4/2009 8:37:27 PM Running module: csrss.exe\GDI32.dll ok scanned
    11/4/2009 8:37:28 PM File: C:\WINDOWS\system32\GDI32.dll ok scanned
    11/4/2009 8:37:28 PM Running module: csrss.exe\KERNEL32.dll ok scanned
    11/4/2009 8:37:30 PM File: C:\WINDOWS\system32\KERNEL32.dll ok scanned
    11/4/2009 8:37:30 PM Running module: csrss.exe\USER32.dll ok scanned
    11/4/2009 8:37:33 PM File: C:\WINDOWS\system32\USER32.dll ok scanned
    11/4/2009 8:37:33 PM Running module: csrss.exe\sxs.dll ok scanned
    11/4/2009 8:37:34 PM File: C:\WINDOWS\system32\sxs.dll ok scanned
    11/4/2009 8:37:34 PM Running module: csrss.exe\ADVAPI32.dll ok scanned


    Statistics
    ----------
    Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
    ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------


    Settings
    --------
    Parameter Value
    --------- -----
    Security Level Custom
    Action Prompt for action when the scan is complete
    Run mode Manually
    File types Scan all files
    Scan only new and changed files No
    Scan archives All
    Scan embedded OLE objects All
    Skip if object is larger than No
    Skip if scan takes longer than No
    Parse email formats No
    Scan password-protected archives No
    Enable iChecker technology No
    Enable iSwift technology No
    Show detected threats on "Detected" tab Yes
    Rootkits search Yes
    Deep rootkits search Yes
    Use heuristic analyzer Yes


    Quarantine
    ----------
    Status Object Size Added
    ------ ------ ---- -----


    Backup
    ------
    Status Object Size
    ------ ------ ----

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
    • Select Start > All Programs > Accessories > System tools > System Restore.
    • On the dialogue box that appears select Create a Restore Point
    • Click NEXT
    • Enter a name e.g. Clean
    • Click CREATE

    You now have a clean restore point, to get rid of the bad ones:
    • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
    • In the Drop down box that appears select your main drive e.g. C
    • Click OK
    • The System will do some calculation and the display a dialogue box with TABS
    • Select the More Options Tab.
    • At the bottom will be a system restore box with a CLEANUP button click this
    • Accept the Warning and select OK again, the program will close and you are done


    ==
    Hopefully this will be the final check, please do the following:
    Download SuperAntiSpyware

    • Load SuperAntiSpyware and click the Check for updates button.
    • Once the update is finished click the Scan your computer button.
    • Check Perform Complete Scan and then next.
    • SuperAntiSpyware will now scan your computer and when its finished it will list all the infections it has found.
    • Make sure that they all have a check next to them and press next.
    • Click finish and you will be taken back to the main interface.
    • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
    • Copy and paste the log onto the forum.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I am unable to access my start menu because of the blue scree. Can I get to it from task manager somehow? I don't want to go any further with your instructions until I know I'm not going mess things up further. I know you guys have put alot of time into helping me with this, and i hate to sabotage it now!

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Download WhoCrashed from here
    This program checks for any drivers which may have been causing your computer to crash....

    Click on the file you just downloaded and run it.
    Put a tick in Accept then click on Next
    Put a tick in the Don't create a start menu folder then click Next
    Put a tick in Create a Desktop Icon then click on Install and make sure there is a tick in Launch Whocrashed before clicking Finish
    Click Analyze
    It will want to download the Debugger and install it Say Yes

    WhoCrashed will create report but you have to scroll down to see it
    Copy and paste it into your next reply

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    --------------------------------------------------------------------------------
    Analysis
    --------------------------------------------------------------------------------

    Crash dump directory: C:\WINDOWS\Minidump

    Crash dumps are enabled on your computer.


    No valid crash dumps have been found on your computer


    --------------------------------------------------------------------------------
    Conclusion
    --------------------------------------------------------------------------------

    Crash dumps are enabled and no valid crash dumps have been found on your computer. In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Run chkdsk:

    1. Right-click the Start button and select Explore (alternatively, hit WINDOWS key E on your keyboard).
    2. Using Windows Explorer, navigate to your C:\ drive, then right-click the drive and select Properties
    3. In the Properties window that pops up, click the Tools tab and then, under "Error-checking", click on the button that says Check Now...
    4. In the Check disk options window that pops up, place a checkmark in both boxes:

      • Automatically fix file system errors
      • Scan for and attempt recovery of bad sectors

  • Now click on Start in that window.
      A new window will pop up saying, "Windows can't check the disk while it's in use".

  • Click Yes to schedule the disk check.
  • Now shut down (do NOT restart!) your computer, and then turn your computer back on with its power button.
      When your computer turns on, you will see a black screen with white lettering, this is chkdsk running.

  • Let chkdsk run through its five stages. When the utility finishes, Windows will boot to the Desktop.
    NOTE: Running chkdsk may take some time to complete. Please be patient and do NOT use the computer, press any keys, or try to stop the chkdsk scan once it has started!


  • ==

    Locate the chkdsk log and post it here:

    1. Click on Start, then click Run...
    2. Copy and paste the following text into the "Open:" box: eventvwr.msc /s
      NOTE there is a space between "eventvwr.msc" and "/s"!
    3. Click OK (or hit Enter).
        This will bring up the Event Viewer window.

  • In the left panel, click on Application
  • The chkdsk log should be the first entry, with a source of Winlogon
    NOTE: If it is not the first log, click on View, and then on Newest First: that should place the chkdsk log at the top of the list.
  • Click on the entry once.
  • Right-click on the entry and choose Properties
  • In the window that pops up, click on Blue screen of death.... sort of - Page 2 EventViewerPropertiesCopybutton to copy the log.
  • Paste the log in a reply to this topic.
  • descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I cannot find the log once i click the button to save it.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    OK. Did CHKDSK run completely?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Yes it ran completely.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Restore Permissions for explorer.exe

    Please download Inherit by sUBs

    1. Drag and drop explorer.exe onto Inherit
    2. This shall restore permissions to the application
    3. The application should now run normally
    Please indicate in your next post if this was successful.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    It appears to be working fine. Still blue screen though.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Please read the following: [url="http://www.cpusolutions.com/mm8004744CPU/HTML/Guides/memtest86.htm"]set up Memtest[/url], then download Memtest86+ from [url="http://www.memtest.org/#downiso"]here[/url].

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Once i download the memtest i am unable to unzip the file.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Try the ISO version please, it is the best to burn to CD.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I tried the ISO version. I get a message saying my machine doesnt know what app created it. When i choose use web service to fine it , explorer opens up but then nothing further happens

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Try to use this iso burner, which can burn the iso for you: http://www.freeisoburner.com/

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Thank you. Im sorry to keep being such a pain in the a ##!

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Any luck with it?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Unfortunately no. I tried to boot with the burned disc and the system went to blue screen with a message to restart if it was the first time I'd seen the message and to restart in safe mode etc etc. It also had a stop message at the bottom but I didn t write it down. Sorry. Unfortunately i cannot even boot in safe mode now, the warning just keeps coming up so i am now using my work computer which has a different e-mail attached so if you could reply to mapexmonster@yahoo.com until we can get my system going again. Thanks !!!

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Please get Ubuntu Linux from http://www.ubuntu.com

    then use this tutorial to burn it:
    https://help.ubuntu.com/community/BurningIsoHowto

    ==

    When you are able to boot in to Ubuntu, reply back here, and I can help you rescue your files, and do a virus scan for the other operating system.
    This is a safe, easier process if a rescue disk does not work.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I have burned the disc at work. i will take it home and run it and then report back.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Very well.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Okay I have been able to open it on my machine. Whats next oh wise one?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Has Ubuntu been fully installed, you are able to boot in to it?

    While on Ubuntu, please download avast! Linux Home Edition and install it.

    When you have it installed, please let me know so we can continue the next step.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Yes Im able to boot to it. I will download avast tonight at home and report back tomorrow.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Ok.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Okay. I'm now back on my home computer thru ubuntu. Curious as to which version of the avast program to download. There are 3 options for the linux home edition. Thanks

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Go ahead with the DEB version.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Just out of curiosity, when I installed ubuntu,I was not supposed to install it over windows was I? I chose the option, most continuous free space or something to that effect, now it says I dont have enough space to download avast.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    No. It was to be merged in to a partition you would have created before installing it.

    It would look like

    Windows | Unallocated

    ==

    We will now need to look at the partition editor.

    At the beginning, upon boot, do you see something like this:

    Blue screen of death.... sort of - Page 2 Bootmenu

    If so, can you choose Windows and boot in to it?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I will try to boot to windows and see what happens.

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    I cannot access windows at all and ubuntu will only run with the disc in. Should I reinstall it?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    Try to boot in to Windows installation. Is that possible?

    descriptionBlue screen of death.... sort of - Page 2 EmptyRe: Blue screen of death.... sort of

    more_horiz
    privacy_tip Permissions in this forum:
    You cannot reply to topics in this forum