| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 103492 | 2009-09-25 05:36:00 | Virus Problem after update! | JOYBEBA6679 (10686) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 813755 | 2009-09-27 05:46:00 | Ok the BSOD gives me this error: "IQRL_NOT_LESS_OR_EQUAL" then it tells me some information but I could only see the error since I too a photo of the BSOD. It goes away so fast gives no time to actually see what it is. Checked on control pannel for newly installed software but found none. Also, if it was drivers or malware, wasnt it supposed to fix when I did a system restore for a date 2 weeks before the problem? Right Click My Computer>Properties>Advanced>Under Startup and recovery select "Settings">Untick Auto restart. The PC won't restart straight after the BSOD now, so you can note down some more info, such as the driver/file name |
Blam (54) | ||
| 813756 | 2009-09-27 05:48:00 | Bit slow blam :p Already suggested that in post 18 :) | wainuitech (129) | ||
| 813757 | 2009-09-27 05:48:00 | Ok, first option didnt work as it gave me the BSOD before chkdsk could run. So I tried second option and the error number it gives me is: STOP: 0x0000000A (0x00000000,0x00000002,0x00000001,0x804DC11D) Mesage says: Check to make sure any new hardware or software is properly installed. If problem continue, disable or remove any newly installed hardware or software. Disable BIOS memory options such as caching or shadowing. And after those instructions just gives me that error number I mention before. I will post the starup log in a min. |
JOYBEBA6679 (10686) | ||
| 813758 | 2009-09-27 06:01:00 | This is the startup log hijackthis gave me: StartupList report, 9/27/2009, 1:30:46 AM StartupList version: 1.52.2 Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v8.00 (8.00.6001.17184) * Using default options ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] = -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\INKSCR~1.SCR drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} (no name) - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9} JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -------------------------------------------------- Enumerating Task Scheduler jobs: 1-Click Maintenance.job -------------------------------------------------- Enumerating Download Program Files: [Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL CODEBASE = download.microsoft.com [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx CODEBASE = download.macromedia.com -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: 0aMCPClient: *Registry key not found* PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- End of report, 4,530 bytes Report generated in 0.381 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only |
JOYBEBA6679 (10686) | ||
| 813759 | 2009-09-27 06:01:00 | Follow the instructions here: www.bay-wolf.com Then download "Pre-Compiled EXE file for USB Key (Pure DOS)" from here: www.memtest.org Takes around 5-10mins Then boot from the USB and perform the memory test Blam |
Blam (54) | ||
| 813760 | 2009-09-27 06:08:00 | Looks like that exact stop error is a common one. Some sites way it is a driver (it maybe hidden in device manager). Or ram. Go to device manager / view / show hidden devices. Look for any entries with a X or !. Tell us what it is | Speedy Gonzales (78) | ||
| 813761 | 2009-09-27 06:16:00 | Ok there is a network adapter with a red X called Intel PRO/100 VE Network Connection and there is also a hidden driver with a yellow ! called sptd, if I right click it and choose properties it says device type: non-plug and play drivers, manufacturer and location are unknown, Device status says: This device is not present, is not working properly or does not have all its drivers installed (code 24). On start up type it says boot. status stopped. | JOYBEBA6679 (10686) | ||
| 813762 | 2009-09-27 06:21:00 | Was daemon tools or alcohol installed on this previously?? If they were, (doesnt look like theyre installed now), delete that entry, then reboot | Speedy Gonzales (78) | ||
| 813763 | 2009-09-27 06:42:00 | By delete that entry you mean right click the sptd driver and click uninstall on the device manager? then reboot? BTW, a daemon tools lite appears installed on the laptop, but doesnt appear on the add remove list, it has an uninstall option, do I uninstall that too? |
JOYBEBA6679 (10686) | ||
| 813764 | 2009-09-27 06:43:00 | Yup or press the delete key | Speedy Gonzales (78) | ||
| 1 2 3 4 | |||||