WiredWX Hobby Weather ToolsLog in

 


descriptionNT authority system.... EmptyNT authority system....

more_horiz
shuts down my computer ever 15-60 minutes. Please help. I have no idea what to do.
something about a damn DCOM service process launcher service and then a 60 second countdown and then bam...computer resets

Thanks Guys

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
Please download ComboFix NT authority system.... Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

NT authority system.... Query_RC
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
NT authority system.... RC_successful

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
here's my log.....


ComboFix 10-02-09.03 - Diana 02/09/2010 18:18:58.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.478.140 [GMT -8:00]
Running from: c:\documents and settings\Diana\desktop\commy.exe
Command switches used :: /stepdel
.

((((((((((((((((((((((((( Files Created from 2010-01-10 to 2010-02-10 )))))))))))))))))))))))))))))))
.

2010-01-23 08:00 . 2010-01-23 08:00 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-01-13 06:37 . 2009-11-21 16:36 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 07:00 . 2007-08-19 19:41 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-15 06:59 . 2007-01-09 18:14 -------- d-----w- c:\program files\Bodog Poker
2009-12-25 23:46 . 2009-02-10 04:44 36072 ----a-w- c:\documents and settings\Diana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-22 05:42 . 2005-05-18 16:56 662016 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2005-05-18 16:54 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-15 07:45 . 2009-12-15 07:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-15 07:45 . 2006-05-19 22:59 -------- d-----w- c:\program files\Java
2009-12-15 07:44 . 2009-12-15 07:44 152576 ----a-w- c:\documents and settings\Diana\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-15 07:44 . 2009-12-15 07:44 79488 ----a-w- c:\documents and settings\Diana\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-09 14:34 . 2009-04-16 02:46 31296 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-21 16:36 . 2005-05-18 16:53 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2007-04-08 22:24 . 2006-11-23 21:31 177152 ----a-w- c:\program files\utorrent.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-02-10_01.54.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-10 02:00 . 2010-02-10 02:00 16384 c:\windows\Temp\Perflib_Perfdata_7d0.dat
- 2010-01-22 09:07 . 2010-02-10 01:31 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-22 09:07 . 2010-02-10 02:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-05-18 17:33 . 2010-02-10 02:00 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2005-05-18 17:33 . 2010-02-10 01:31 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2005-05-18 17:33 . 2010-02-10 02:00 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2005-05-18 17:33 . 2010-02-10 01:31 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-16 454784]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-06-03 251240]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3289088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-06 344064]
"IndicatorUtility"="c:\program files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2005-02-28 81920]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2005-02-25 242688]
"LoadBtnHnd"="c:\program files\Fujitsu\BtnHnd\BtnHnd.exe" [2005-02-25 61440]
"Rosary Reminder"="c:\progra~1\VIRTUA~1\reminder.exe" [2001-07-10 46080]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-15 149280]

c:\documents and settings\Diana\Start Menu\Programs\Startup\
GoZone iSync.lnk - c:\program files\GoZone\GoZone_iSync.exe [2009-7-26 425984]
Rainlendar.lnk - c:\program files\Rainlendar\Rainlendar.exe [2005-10-23 118784]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Diana^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\Diana\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2004-12-20 06:10 88358 ----a-r- c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2004-07-02 11:48 163840 ----a-r- c:\program files\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FJUPDNV_Chitose]
2005-02-11 07:10 249856 ----a-w- c:\program files\Fujitsu\fjdvrupd\fjdvrupd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-09-26 00:52 50736 ----a-w- c:\program files\Common Files\AOL\1171340783\ee\aolsoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LoadFUJ02E3]
2005-02-25 17:13 69632 ----a-w- c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 --sh--w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-27 00:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2006-05-19 22:35 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files\Java\jre1.5.0_06\bin\jusched.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
c:\program files\Winamp\Winampa.exe [BU]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\utorrent.exe"=
"c:\\Program Files\\Common Files\\AOL\\1171340783\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [5/18/2005 10:55 AM 32320]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [5/18/2005 10:55 AM 23200]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [6/3/2009 4:46 AM 92008]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [5/18/2005 9:43 AM 4864]
S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [11/18/1999 12:20 AM 3872]
.
Contents of the 'Scheduled Tasks' folder

2009-02-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aimtoday.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride =
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
FF - ProfilePath - c:\documents and settings\Diana\Application Data\Mozilla\Firefox\Profiles\w4zln4ne.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\Diana\Application Data\Mozilla\Firefox\Profiles\w4zln4ne.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\WinampPlayer.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-09 18:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x850DC618]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7592fc3
\Driver\ACPI -> ACPI.sys @ 0xf7405cb8
\Driver\atapi -> atapi.sys @ 0xf739f7b4
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8057807e
ParseProcedure -> ntkrnlpa.exe @ 0x80576ce0
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8057807e
ParseProcedure -> ntkrnlpa.exe @ 0x80576ce0
NDIS: Broadcom 440x 10/100 Integrated Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7293ba0
PacketIndicateHandler -> NDIS.sys @ 0xf7282a0b
SendHandler -> NDIS.sys @ 0xf7296b31
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="97301180042AFD7144904671E355841BA1D61C8888175F86B8F822E235D9BFDEEF16E9695CC7269FC4625EC4BCF1EA994C9670E44E0F097A8A7087980244C3F292C853B447FC92DE03B2DCC46F5A6287C1B273D954A92C70177B63DADB6FC9370DC27E6F3C86310028A576719FC171F6E81901778B31005AA2EED56A21615E201FE1F1ABA641079A9040B54C6602ADBE5B1A4750591853722584510BA34525E6BD69857FE43129074FEF78DCCE1443FA676A4A7D9472873449599E852AE65308907FE405C97CC464A982EF2DD899F40B11A0DF9A0DF9915F6FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC7933C038D530D6EB3452A6A0AC4980AC793308F245903858DFDE80DEDBADF1F4D630219D31BAE318B1B594DE1140B7066DAA94C051341A07C32498B29AA8B47B792798B3BDC83B393C8EDED9972382C1113B6D278D45A9BD529EED360F2EDD4EC209B3AEAB031AAC25525292BDA2069E6E4C3A539E7CE035838870B9EB41FCD90BECCDA160DAC733C4175181B8BEE453FE8E07BF2A065A391251F4DEEA5B47216D2021F4C436342439A4A273C16AE8AA83E8C240DA0256A97C1B341DC56995384A205164C5EF70E962F7EE89968C79047AF341796004B8FB073D4A3FBCCDE4C8C6A163FD53D4B282E641C637F88027D22E7EB8E4EB1508B7B7C038E3945CD610CA0C3F2762A75480AFE51B46AE94A41FA588C552B32F72F9DA64E0FD925F2EDF81FAB4976B1ED309E87E43D3020CC8832FC7E6E0744547F07E9A8D538511D51DDB3D73DA6BE252D80555F7503F1E8F2E5EA50109EB387A62F68BEB7FB9255ABF8D561251631396BB376D590138F5956589C059125CE2A227DA100A7185C06B568FFE882D56420A94FAF9E9FC43321F7D49E99D9B0D0FFCAA05375EEBBF7ADE829CA135784E74BBD90BE40FB2BAE593E2FC265B95C7FD686D14C33F85C2E1AE79375F598C57265B96EA4894637A987D15C5B08748DBE36A036D2CEAA86F777683A0091B1B8342BFE7DDF6272165C48A260B7478CA9CE72994351A81952A2E767E632902A6652D64806EF459D7E1D98F3EF516E90D5FA6F05ED96C86DC5971155BCAF8FC07973C64A7E97AA2C257B9829AF468F9CF7EB03330073763E6E81EDA20E5E85CE8B5398436DFF3DD7234BDFD07BA762E295B88826F333F62EC488374E50B9C57CC60E2289BA68147CBEAAFC068BC7D6D03D42716929380B600EB68B2D950EA8504BB695B58D6788388714DAEB6B56F821AD4794BA723287301CA050A3C13E0653771F5CA844E6196B440CB4E7BA2F09C8143DDA1CDA21912A7E08614E4F33CD7E32E9FC8C92DF7ED30D5D04B58C65BD01E91293CB91369EC7E2E8D0E3AD571A157A1F5CA66D9"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-02-09 18:33:18
ComboFix-quarantined-files.txt 2010-02-10 02:33

Pre-Run: 16,061,222,912 bytes free
Post-Run: 16,026,402,816 bytes free

- - End Of File - - 443CE2561C9A8171C288537E4C46B6E6

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
Please download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
I can't get the program to complete it's scan before the virus kicks in and resets my comp.

any suggestions?

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
Copy (Ctrl +C) and paste (Ctrl +V) the text in the code box below to Notepad.

Code:

@echo off
Copy /y gmer.exe ark.exe
Start ark.exe


Save it into the gmer folder as File name: ark.cmd
Save as type: All Files

Once done, double click ark.cmd to run it.

This should start GMER, follow the steps I have outlined earlier to save a log file, then post me the contents in your next reply.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
ok thanks...i'll try that in a bit.

now i get a message come up when i start that says:

to help protect your computer, windows has closed this program.
name: generic host process for win32 services
publisher: microsoft corporation

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
now i'm completely incapable of starting windows...

i get some blue screen with text but it flashes to fast to make out what it says then the system restarts?

sounds like i'm gonna need a new comp Annoyed or Unimpress

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
The rootkit shut you down. Bah!

These are links to Anti-virus vendors that offer free LiveCD or Rescue CD files that are used to boot from for repair of unbootable and damaged systems, rescue data, scan the system for virus infections. Burn it as an image to a disk to get a bootable CD. All (except Avira) are in the ISO Image file format. Avira uses an EXE that has built-in CD burning capability.
  • Avira AntiVir Rescue System - Tutorial for Avira Rescue CD.
    If you encounter problems running the Rescue Disk, you can get further assistance at the Avira Support Forum.
  • Dr Web LiveCD. Be sure to print out and follow the instructions provided in the User Manual.
  • F-Secure Rescue CD - Rescue CD 3.01 released.
    Video: How to Remove Malware with F-Secure Rescue CD
    If you encounter problems running the Rescue CD, you can get further assistance at the F-Secure Support Forum.
  • BitDefender LiveCD - Index of /rescue_cd
    If you encounter problems running the Rescue CD, you can get further assistance at the BitDefender Support Forum.
  • Kaspersky RescueDisk - Index of /devbuilds/RescueDisk/
    If you encounter problems running the RescueDisk, you can get further assistance at the Kaspersky Support Forum.
If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO. If you need a FREE utility to burn the ISO image, download and use ImgBurn.

Let me know how it goes.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
sorry for the delay.

running a scan now but i didn't let me update. I downloaded the kaspersky rescue disk

I'll post the report shortly.

Thanks again.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
Oh ok.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
hmm....

after a few tries the computer just shuts off mid scan

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
First
ISOBurner this will allow you to burn OTLPE ISO to a cd and make it bootable. Just install the program, from there on in it is fairly automatic. Instructions

Second
  • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
  • When downloaded double click and this will then open ISOBurner to burn the file to CD
  • Reboot your system using the boot CD you just created.

    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
    • Change Drivers to Non-Microsoft
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
ok so computer now doesn't stay on long enough to even run the boot disk. anymore suggestions before it's time to pull the plug?

descriptionNT authority system.... EmptyRe: NT authority system....

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum