FAO Starbuck-A extremely slow PC

Starbuck · June 15, 2011

Ok, sorry, was that to speed things up or the boot partition thing?

The information was to help speed up the system

Running the System File Checker was to correct the Boot partition.

We can check if it's worked or not by running Combofix again ( let it update if it asks) and see if it will install the recovery console.

Slumdog · June 15, 2011

No, it won't install, it said the same thing again. Do you want the combofix report when it's done? (replying on my own laptop).

Slumdog · June 15, 2011

Here it is anyway. (It re-booted while I was away).

ComboFix 11-06-15.02 - Alan Smith 15/06/2011 19:54:04.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.758.283 [GMT 1:00]

Running from: c:\documents and settings\Alan Smith\Desktop\Combo-fix.exe

* Created a new restore point

.

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2011-05-15 to 2011-06-15 )))))))))))))))))))))))))))))))

.

2011-06-13 20:52 . 2008-04-14 00:12 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2011-06-13 20:52 . 2001-08-17 21:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2011-06-13 20:52 . 2008-04-14 00:12 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll

2011-06-13 20:51 . 2001-08-17 21:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe

2011-06-13 20:51 . 2001-08-17 21:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe

2011-06-13 20:49 . 2001-08-17 21:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe

2011-06-13 20:49 . 2001-08-17 11:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys

2011-06-13 20:49 . 2004-08-03 21:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys

2011-06-13 20:48 . 2004-08-03 21:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys

2011-06-13 20:47 . 2008-04-13 18:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys

2011-06-13 20:47 . 2004-08-03 21:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys

2011-06-13 20:47 . 2001-08-17 11:12 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys

2011-06-13 20:46 . 2001-08-17 12:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys

2011-06-13 20:45 . 2001-08-17 21:36 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll

2011-06-13 20:45 . 2001-08-17 21:36 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll

2011-06-13 20:45 . 2001-08-17 12:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys

2011-06-13 20:45 . 2004-08-03 21:29 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys

2011-06-13 20:45 . 2008-04-13 18:45 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys

2011-06-13 20:44 . 2001-08-17 11:10 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys

2011-06-13 20:44 . 2004-08-03 21:29 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys

2011-06-13 20:44 . 2004-08-03 21:29 19551 -c--a-w- c:\windows\system32\dllcache\watv02nt.sys

2011-06-13 20:44 . 2004-08-03 21:29 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys

2011-06-13 20:44 . 2004-08-03 21:29 11775 -c--a-w- c:\windows\system32\dllcache\wadv05nt.sys

2011-06-13 20:44 . 2004-08-03 21:29 12127 -c--a-w- c:\windows\system32\dllcache\wadv02nt.sys

2011-06-13 20:44 . 2004-08-03 21:29 12415 -c--a-w- c:\windows\system32\dllcache\wadv01nt.sys

2011-06-13 20:43 . 2001-08-17 11:13 16925 -c--a-w- c:\windows\system32\dllcache\w940nd.sys

2011-06-13 20:43 . 2001-08-17 11:13 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys

2011-06-13 20:43 . 2001-08-17 11:13 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys

2011-06-13 20:42 . 2001-08-17 12:28 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys

2011-06-13 20:42 . 2001-08-17 12:28 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys

2011-06-13 20:42 . 2001-08-17 12:28 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys

2011-06-13 20:42 . 2001-08-17 11:14 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys

2011-06-13 20:41 . 2001-08-17 12:49 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys

2011-06-13 20:41 . 2008-04-13 18:40 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys

2011-06-13 20:41 . 2001-08-17 12:28 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys

2011-06-13 20:41 . 2001-08-17 12:28 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys

2011-06-13 20:40 . 2001-08-17 12:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys

2011-06-13 20:40 . 2001-08-17 12:28 7556 -c--a-w- c:\windows\system32\dllcache\usroslba.sys

2011-06-13 20:40 . 2001-08-17 12:28 224802 -c--a-w- c:\windows\system32\dllcache\usr1807a.sys

2011-06-13 20:40 . 2001-08-17 12:28 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys

2011-06-13 20:39 . 2001-08-17 12:28 793598 -c--a-w- c:\windows\system32\dllcache\usr1806.sys

2011-06-13 20:39 . 2001-08-17 12:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys

2011-06-13 20:39 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2011-06-13 20:39 . 2008-04-13 18:45 17152 -c--a-w- c:\windows\system32\dllcache\usbohci.sys

2011-06-13 20:39 . 2008-04-13 18:45 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys

2011-06-13 20:39 . 2004-08-03 21:31 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys

2011-06-13 20:38 . 2001-08-17 21:36 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll

2011-06-13 20:38 . 2001-08-17 21:36 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll

2011-06-13 20:38 . 2001-08-17 21:36 26624 -c--a-w- c:\windows\system32\dllcache\umaxu22.dll

2011-06-13 20:38 . 2001-08-17 21:36 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll

2011-06-13 20:37 . 2001-08-17 21:36 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll

2011-06-13 20:37 . 2001-08-17 12:58 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys

2011-06-13 20:37 . 2001-08-17 21:36 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll

2011-06-13 20:37 . 2001-08-17 21:36 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll

2011-06-13 20:37 . 2001-08-17 21:36 211968 -c--a-w- c:\windows\system32\dllcache\um54scan.dll

2011-06-13 20:36 . 2001-08-17 21:36 216064 -c--a-w- c:\windows\system32\dllcache\um34scan.dll

2011-06-13 20:36 . 2001-08-17 12:52 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys

2011-06-13 20:36 . 2001-08-17 12:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys

2011-06-13 20:35 . 2001-08-17 11:51 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys

2011-06-13 20:35 . 2001-08-17 21:36 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll

2011-06-13 20:35 . 2001-08-17 11:51 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys

2011-06-13 20:35 . 2001-08-17 13:56 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll

2011-06-13 20:35 . 2001-08-17 11:51 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys

2011-06-13 20:34 . 2001-08-17 13:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll

2011-06-13 20:34 . 2001-08-17 11:12 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys

2011-06-13 20:34 . 2001-08-17 21:35 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll

2011-06-13 20:34 . 2008-04-14 00:12 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe

2011-06-13 20:34 . 2001-08-17 21:36 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll

2011-06-13 20:33 . 2001-08-17 12:51 4992 -c--a-w- c:\windows\system32\dllcache\toside.sys

2011-06-13 20:33 . 2001-08-17 13:02 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys

2011-06-13 20:33 . 2001-08-17 13:01 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys

2011-06-13 20:33 . 2001-08-17 11:10 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys

2011-06-13 20:33 . 2001-08-17 11:14 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys

2011-06-13 20:32 . 2001-08-17 11:51 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys

2011-06-13 20:32 . 2001-08-17 13:56 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll

2011-06-13 20:32 . 2008-04-13 18:40 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys

2011-06-13 20:32 . 2001-08-17 11:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys

2011-06-13 20:31 . 2001-08-17 11:13 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys

2011-06-13 20:31 . 2001-08-17 12:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys

2011-06-13 20:31 . 2001-08-17 12:52 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys

2011-06-13 20:30 . 2001-08-17 11:50 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys

2011-06-13 20:30 . 2001-08-17 13:56 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll

2011-06-13 20:30 . 2001-08-17 13:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys

2011-06-13 20:30 . 2001-08-17 13:07 16256 -c--a-w- c:\windows\system32\dllcache\symc810.sys

2011-06-13 20:29 . 2001-08-17 13:07 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys

2011-06-13 20:29 . 2001-08-17 13:07 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys

2011-06-13 20:29 . 2001-08-17 21:36 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll

2011-06-13 20:29 . 2001-08-17 12:50 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys

2011-06-13 20:29 . 2001-08-17 13:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys

2011-06-13 20:29 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll

2011-06-13 20:28 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll

2011-06-13 20:28 . 2001-08-17 21:36 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll

2011-06-13 20:28 . 2001-08-17 21:36 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll

2011-06-13 20:28 . 2001-08-17 21:36 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll

2011-06-13 20:27 . 2001-08-17 21:36 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll

2011-06-13 20:27 . 2001-08-17 11:18 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys

2011-06-13 20:27 . 2001-08-17 12:51 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys

2011-06-13 20:27 . 2001-08-17 11:11 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys

2011-06-13 20:26 . 2001-08-17 21:36 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll

2011-06-13 20:26 . 2001-08-17 21:36 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll

2011-06-13 20:25 . 2001-08-17 12:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys

2011-06-13 20:25 . 2001-08-17 21:36 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll

2011-06-13 20:25 . 2001-08-17 13:07 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys

2011-06-13 20:25 . 2001-08-17 12:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys

2011-06-13 20:25 . 2001-08-17 11:51 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys

2011-06-13 20:24 . 2001-08-17 21:36 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll

2011-06-13 20:24 . 2001-08-17 11:51 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys

2011-06-13 20:24 . 2001-08-17 12:53 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys

2011-06-13 20:24 . 2008-04-13 18:40 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys

2011-06-13 20:24 . 2004-08-04 12:00 143422 -c--a-w- c:\windows\system32\dllcache\softkey.dll

2011-06-13 20:24 . 2001-08-17 12:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys

2011-06-13 20:23 . 2001-08-17 11:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys

2011-06-13 20:23 . 2001-08-17 13:56 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll

2011-06-13 20:23 . 2001-08-17 11:12 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys

2011-06-13 20:22 . 2001-08-17 11:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys

2011-06-13 20:22 . 2001-08-17 12:57 6784 -c--a-w- c:\windows\system32\dllcache\smbhc.sys

2011-06-13 20:22 . 2008-04-13 18:36 6912 -c--a-w- c:\windows\system32\dllcache\smbclass.sys

2011-06-13 20:22 . 2008-04-13 18:36 16000 -c--a-w- c:\windows\system32\dllcache\smbbatt.sys

2011-06-13 20:22 . 2001-08-17 21:36 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll

2011-06-13 20:22 . 2001-08-17 21:36 33792 -c--a-w- c:\windows\system32\dllcache\smb0w.dll

2011-06-13 20:21 . 2001-08-17 21:36 28672 -c--a-w- c:\windows\system32\dllcache\sma0w.dll

2011-06-13 20:21 . 2001-08-17 21:36 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll

2011-06-13 20:21 . 2004-08-03 21:31 63547 -c--a-w- c:\windows\system32\dllcache\sla30nd5.sys

2011-06-13 20:20 . 2001-08-17 11:12 91294 -c--a-w- c:\windows\system32\dllcache\skfpwin.sys

2011-06-13 20:20 . 2001-08-17 11:12 94698 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TabletWizard"="c:\windows\help\SplshWrp.exe" [2008-04-14 16384]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-29 126976]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-07-02 163840]

"AGRSMMSG"="AGRSMMSG.exe" [2004-06-07 88363]

"FjDspMon"="c:\program files\Fujitsu\Utils\FjDspMon.exe" [2004-10-14 20480]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-09-13 172032]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\Alan Smith\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-11-6 368640]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

AntSwitch.lnk - c:\windows\AntSwitch.exe [2005-11-2 28748]

BTTray.lnk - c:\program files\Fujitsu Siemens\Bluetooth Software\BTTray.exe [2004-9-21 557123]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]

2008-04-14 00:11 47104 ----a-w- c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]

2002-08-29 10:41 11776 ----a-w- c:\windows\system32\tabbtnwl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]

2008-04-14 00:12 32256 ----a-w- c:\windows\system32\tpgwlnot.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FjEvents]

2004-12-16 14:08 20480 ----a-w- c:\program files\Fujitsu\Utils\FjEvents.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fujitsu Menu]

2004-12-16 14:10 32768 ----a-w- c:\program files\Fujitsu\Utils\FjMnuIco.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 15:24 54840 ----a-w- c:\program files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

2006-06-26 08:46 497200 ----a-w- c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2006-06-26 09:34 614960 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2006-06-26 09:33 243248 ----a-w- c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]

2006-05-16 17:50 40960 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TabletTip]

2008-04-14 00:12 271872 ----a-w- c:\program files\Common Files\Microsoft Shared\Ink\tabtip.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=3 (0x3)

"gusvc"=2 (0x2)

"gupdate1c9d31333ce2850"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"4635:TCP"= 4635:TCP:ppLive

"6329:UDP"= 6329:UDP:ppLive

.

R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [09/06/2010 17:43 11352]

R3 CONAN;CONAN;c:\windows\system32\drivers\o2mmb.sys [28/09/2005 21:35 192608]

R3 Fjbtndrv;Fujitsu LIFEBOOK T3000 Button Driver;c:\windows\system32\drivers\FjBtndrv.sys [20/06/2003 14:30 11392]

R3 FUJ02E1;%FUJ02E1.DeviceDesc%;c:\windows\system32\drivers\FUJ02E1.sys [28/09/2005 21:35 6000]

R3 hidpen;Wacom Serial Pen HID MiniDriver;c:\windows\system32\drivers\hidpen.sys [28/09/2005 21:35 31104]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [07/05/2010 12:06 32856]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/11/2009 20:27 19472]

R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [28/09/2005 21:35 92550]

S2 gupdate1c9d31333ce2850;Google Update Service (gupdate1c9d31333ce2850);c:\program files\Google\Update\GoogleUpdate.exe [12/05/2009 16:06 133104]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/05/2009 16:06 133104]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25/05/2011 11:53 39984]

S3 MbxStby;MbxStby;c:\windows\system32\drivers\MbxStby.sys [28/09/2005 21:35 6324]

S3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [13/08/2004 09:54 14208]

S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [10/06/2011 21:50 229376]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

vvdsvc REG_MULTI_SZ vvdsvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll

.

Contents of the 'Scheduled Tasks' folder

.

2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-12 15:05]

.

2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-12 15:05]

.

2011-06-15 c:\windows\Tasks\User_Feed_Synchronization-{52548EC2-B4D7-439B-9623-1232966E9D66}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.co.uk/

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

TCP: DhcpNameServer = 192.168.0.1

.

------- File Associations -------

.

JSEFile=NOTEPAD.EXE %1

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-06-15 20:20

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(6928)

c:\windows\system32\WININET.dll

c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll

c:\program files\windows journal\nbmaptip.dll

c:\windows\IME\SPGRMR.DLL

c:\windows\system32\ieframe.dll

c:\windows\system32\BTNEIG~1.DLL

c:\windows\system32\wbtapi.dll

c:\windows\system32\btwpimif.dll

c:\windows\system32\btosif.dll

c:\windows\system32\btrez.dll

c:\windows\system32\CSH.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe

c:\windows\SYSTEM32\WISPTIS.EXE

c:\windows\System32\tabbtnu.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

c:\windows\System32\SCardSvr.exe

c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

c:\program files\Fujitsu Siemens\Bluetooth Software\bin\btwdins.exe

c:\windows\System32\digtizer.exe

c:\windows\system32\igfxext.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Common Files\Microsoft Shared\Ink\TCServer.exe

c:\windows\system32\HPZipm12.exe

c:\windows\AGRSMMSG.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\igfxext.exe

c:\windows\system32\wscntfy.exe

c:\program files\Apoint2K\HidFind.exe

c:\program files\Apoint2K\Apntex.exe

.

**************************************************************************

.

Completion time: 2011-06-15 20:28:28 - machine was rebooted

ComboFix-quarantined-files.txt 2011-06-15 19:28

ComboFix2.txt 2011-06-09 18:06

.

Pre-Run: 6,465,757,184 bytes free

Post-Run: 6,472,966,144 bytes free

.

- - End Of File - - 48E22F4D29EC1997795E4F50761E6D3C

Starbuck · June 15, 2011

No, it won't install, it said the same thing again.

Ok, seems we can't do it the easy way. :(

Open windows explorer (right click the Start button and click Explore)

At the top of windows explorer, click tools >> folder options >> click the

view tab

check Display the contents of system folders
check Show hidden files and folders
uncheck "Hide extensions for known file types" box
uncheck "Hide protecting operating system files" box

Click apply, click ok

Now Navigate to the C:\ folder and click on it.

In the right hand panel locate a file named boot.ini
right click it and click open or Open with
if prompted with Open with choose notepad

Please post the contents of the file in your next reply.

Thanks

Slumdog · June 15, 2011

"Now Navigate to the C:\ folder and click on it"

Again sorry, where is this?

Starbuck · June 15, 2011

If you click on Start >> My Computer

you will see Local Disc © ( under the Hard Disc Drives section)

this is the C:\ folder.

Slumdog · June 16, 2011

There isn't a boot.ini file there.

Starbuck · June 16, 2011

I had a strange feeling you was going to tell me that!

Oh Well, we now know why the Boot partition cannot be enumerated correctly. :o

As the boot.ini doesn't exist.... open Notepad

copy/paste the following text in the Code box below, into Notepad:

Do Not copy the word CODE

[boot loader]
timeout=30
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=1 /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS=2 /fastdetect
scsi(0)disk(0)rdisk(0)partition(1)\WINDOWS=3 /fastdetect
scsi(0)disk(0)rdisk(0)partition(2)\WINDOWS=4 /fastdetect
scsi(0)disk(0)rdisk(1)partition(2)\WINDOWS=5 /fastdetect
scsi(0)disk(0)rdisk(1)partition(2)\WINDOWS=6 /fastdetect
C:\WINDOWS=7 /fastdetect

Save the file you just created. Name it boot.ini & save it directly to C:\ drive

Do Not reboot yet!

notepad c:\boot.ini

note the space after notepad.

Please post the contents of the notepad that opens.

Thanks

Slumdog · June 16, 2011

Same as you gave me--

[boot loader]

timeout=30

[operating systems]

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=1 /fastdetect

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS=2 /fastdetect

scsi(0)disk(0)rdisk(0)partition(1)\WINDOWS=3 /fastdetect

scsi(0)disk(0)rdisk(0)partition(2)\WINDOWS=4 /fastdetect

scsi(0)disk(0)rdisk(1)partition(2)\WINDOWS=5 /fastdetect

scsi(0)disk(0)rdisk(1)partition(2)\WINDOWS=6 /fastdetect

C:\WINDOWS=7 /fastdetect

Starbuck · June 16, 2011

That's ok .... i just needed to check before we continue.

Please print or write down these instructions then reboot the computer.

You will only need to do this until you find the option that will boot to Windows. Once Windows has loaded please stop there and post back which option started the computer.

After the reboot, you'll have 30 seconds to choose from the boot menu.

Use your arrow key and select 1 /fastdetect in the list and press Enter
Wait for it to boot Windows.
If you receive an error, click OK to restart the system.

If you need to restart because of Windows failing to load you will see the boot menu again.

Arrow up to 2 /fastdetect and press Enter.
Wait for Windows to boot.
If you receive an error message, same as before, click OK to restart.
Continue using the arrow key, going in succession from 3 /fastdetect, etc., one at a time, until Windows boots up.

Who said life was dull? :)

Slumdog · June 16, 2011

Just before I do that,

I don't know if this has any bearing on the matter but every time the laptop starts or re-boots, on the first page-Fujitsu etc. it says

02F9: Thermal sensor error

Enter F1 To resume or F2 to set up.

It does this every time and will not proceed until F1 is pushed.

Starbuck · June 16, 2011

sounds like an over heating problem, but this isn't in my field.

Once we get this boot problem sorted i'll get some more experienced in this to assist you.

Slumdog · June 16, 2011

It worked on the first try

Starbuck · June 16, 2011

So that is:

1 /fastdetect

Slumdog · June 16, 2011

Yes

Starbuck · June 16, 2011

Ok thanks, i needed to be sure which option worked.

If we got it wrong!!! mmm doesn't bare thinking about.

OK good. Now that we know which partition Windows is located in, we need to set it one more time.

Right click the C:\boot.ini (you created earlier) & rename it to boot.old

Open Notepad then copy/paste the text in the Code box below, into that empty Notepad:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Save this as boot.ini directly on the C:\ drive. (replacing the earlier one)

Let me know how you make out.

It should be ok now.

Slumdog · June 16, 2011

Okay, that is on C:\

notepad report the same again--

[boot loader]

timeout=30

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Starbuck · June 16, 2011

Reboot the system.

It should reboot ok now.

Starbuck · June 16, 2011

If the system reboots ok, you can edit the boot.ini we just created.

You can change:

timeout=30

to

timeout=3

it'll reboot a bit faster, it'll cut down the wait time from 30 seconds to 3 seconds.

Slumdog · June 16, 2011

Re-booted fine but slow.

Starbuck · June 16, 2011

Re-booted fine but slow.

Yes, that was my mistake Sorry.

i should have altered the new boot.ini script to say:

timeout=3

that's why i added the previous post.

Now to see if everything works.......

Run Combofix again and see if it will install the recovery console now.

if no deletions are found, you need not post the report.

Slumdog · June 16, 2011

One deletion:

ComboFix 11-06-15.02 - Alan Smith 16/06/2011 21:27:53.4.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.758.403 [GMT 1:00]

Running from: c:\documents and settings\Alan Smith\Desktop\Combo-fix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\struct~.ini

.

((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))

.

2011-06-15 23:14 . 2011-06-16 14:04 -------- d-----w- c:\windows\SxsCaPendDel