TechSpot

Won't boot... Windows Failed to Start....

By skrapgiarc
Jul 2, 2013
  1. My computer won't boot. I get
    File: \Windows\System32\Drivers\aswVmm.sys
    Status: 0xc000000d
    Info: Windows failed to load because a system driver is missing or corrupt.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2013
    Ran by SYSTEM on 02-07-2013 08:33:22
    Running from J:\
    Windows 7 Home Premium (X86) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
    HKLM\...\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe [17920 2008-02-28] ( )
    HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2010-09-01] (Google)
    HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
    HKLM\...\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [63048 2010-01-27] (LogMeIn, Inc.)
    HKLM\...\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [128296 2008-05-23] (CyberLink Corp.)
    HKLM\...\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup [2786104 2013-05-31] (Intuit Inc. All rights reserved.)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
    HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
    Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
    HKU\Dee\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
    HKU\Dee\...\Run: [OnlineBackupScheduler] C:\Program Files\QuickBooks Online Backup\OnlineBackup.exe [ 2007-11-02] (SwapDrive, Inc.)
    HKU\Dee\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
    HKU\Dee\...\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN26MBK03M05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 [ 2011-09-09] (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\Digital Line Detect.lnk
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
    Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\Intuit Data Protect.lnk
    ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\Online Backup Scheduler.lnk
    ShortcutTarget: Online Backup Scheduler.lnk -> C:\Windows\Installer\{A9255718-8A40-45F9-B738-93655FBD4F6F}\_C90BDFE323B95CEE248723.exe ()
    Startup: C:\ProgramData\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
    ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
    ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2009\QBW32.EXE (Intuit Inc.)
    Startup: C:\ProgramData\Start Menu\Programs\Startup\VideoBrowser Camera Monitor.lnk
    ShortcutTarget: VideoBrowser Camera Monitor.lnk -> C:\Program Files\PIXELA\VideoBrowser\CameraMonitor.exe (PIXELA CORPORATION)
    Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
    ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
    ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll (Hewlett-Packard Co.)
    Startup: C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

    ========================== Services (Whitelisted) =================

    S2 AERTFilters; C:\Windows\system32\AERTSrv.exe [73728 2008-07-18] (Andrea Electronics Corporation)
    S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
    S2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [137960 2013-05-09] (AVAST Software)
    S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)
    S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-01] (Google)
    S2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-01-10] (Intuit Inc.)

    ==================== Drivers (Whitelisted) ====================

    S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
    S1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [104752 2013-05-09] (AVAST Software)
    S0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
    S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
    S0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2011-11-28] (ALWIL Software)
    S0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [204784 2013-05-09] (AVAST Software)
    S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
    S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
    S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
    S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
    S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
    S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [137674 2013-06-28] ()
    S2 LMIInfo; C:\Program Files\LogMeIn\x86\RaInfo.sys [13624 2013-06-04] (LogMeIn, Inc.)
    S2 LMIRfsDriver; C:\Windows\system32\drivers\LMIRfsDriver.sys [47640 2010-01-27] (LogMeIn, Inc.)
    S2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-07-21] (Windows (R) Codename Longhorn DDK provider)
    S4 LMIRfsClientNP; No ImagePath
    S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-02 08:33 - 2013-07-02 08:33 - 00000000 ____D C:\FRST
    2013-07-02 07:11 - 2013-07-02 07:11 - 00032768 ____A C:\bcd_backup
    2013-07-02 07:11 - 2013-07-02 07:11 - 00029696 __ASH C:\bcd_backup.LOG
    2013-06-28 03:33 - 2013-06-28 03:34 - 00000000 ____D C:\Users\Dee\AppData\Local\{5D5F4BCF-7962-422B-8E28-82289F616290}
    2013-06-27 06:44 - 2013-06-27 06:45 - 00000000 ____D C:\Users\Dee\AppData\Local\{9980E143-B5C1-46AA-B415-019E041147D8}
    2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Users\Dee\AppData\Local\{3331B4EB-B791-4BB3-8C13-45A33FFE3ED4}
    2013-06-26 16:11 - 2013-06-28 03:15 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
    2013-06-26 16:11 - 2013-06-28 03:15 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
    2013-06-26 07:21 - 2013-06-26 07:21 - 00156394 ____A C:\Users\Dee\Documents\Antonio Ortiz Wage History.xlsx
    2013-06-26 06:44 - 2013-06-26 06:44 - 00000000 ____D C:\Users\Dee\AppData\Local\{2E03039E-086E-47AB-9507-9ED2180BCED3}
    2013-06-25 18:43 - 2013-06-25 18:43 - 00000000 ____D C:\Users\Dee\AppData\Local\{D2967EC1-CA8D-4527-A45E-998E77BCB222}
    2013-06-25 18:02 - 2013-06-25 18:02 - 00023169 ____A C:\Users\Dee\Documents\Homeland.xlsx
    2013-06-25 06:43 - 2013-06-25 06:43 - 00000000 ____D C:\Users\Dee\AppData\Local\{342F5C96-5498-464E-B735-20B256259112}
    2013-06-24 03:02 - 2013-06-24 03:02 - 00000000 ____D C:\Users\Dee\AppData\Local\{F217DFAC-0BFD-48FE-8BE5-5DFB37BC7E4A}
    2013-06-14 03:58 - 2013-06-14 03:59 - 00000000 ____D C:\Users\Dee\AppData\Local\{56C94669-A47C-46C8-9185-B7436A33E8D5}
    2013-06-13 15:58 - 2013-06-13 15:58 - 00000000 ____D C:\Users\Dee\AppData\Local\{62EDCE18-BE44-4C48-A6C5-B5A6052CECBE}
    2013-06-13 03:58 - 2013-06-13 03:58 - 00000000 ____D C:\Users\Dee\AppData\Local\{4449526C-C0CB-41FB-818E-F473A9228800}
    2013-06-12 09:55 - 2013-06-08 03:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-12 09:55 - 2013-06-08 03:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-12 09:55 - 2013-06-08 03:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-12 09:54 - 2013-06-08 03:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-12 09:54 - 2013-06-08 03:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-12 09:54 - 2013-06-08 03:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-12 09:54 - 2013-05-16 17:26 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-06-12 09:54 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-06-12 09:54 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-06-12 09:54 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-06-12 06:09 - 2013-06-12 06:09 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-06-12 06:08 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-06-12 06:08 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-06-12 06:07 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2013-06-12 06:07 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2013-06-12 06:07 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2013-06-12 06:07 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
    2013-06-12 06:07 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
    2013-06-12 06:07 - 2013-05-07 21:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-06-12 06:07 - 2013-05-05 21:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
    2013-06-12 06:07 - 2013-05-05 21:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-06-12 06:07 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
    2013-06-12 06:07 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
    2013-06-12 06:04 - 2013-06-12 06:05 - 00000000 ____D C:\Users\Dee\AppData\Local\{1D43DDB8-4252-4214-BE0E-4DD3FA29318E}
    2013-06-11 04:54 - 2013-06-11 04:54 - 00000000 ____D C:\Users\Dee\AppData\Local\{4624A1C2-7003-4BCD-912F-9B5EFB4EF871}
    2013-06-10 05:20 - 2013-06-10 05:21 - 00000000 ____D C:\Users\Dee\AppData\Local\{50783215-A0E4-4675-BB9B-97082E48B251}
    2013-06-07 08:00 - 2013-06-07 08:00 - 00000000 ____D C:\Users\Dee\AppData\Local\{84BDC057-94AC-4328-90EB-639053340D22}
    2013-06-06 06:13 - 2013-06-06 06:13 - 00000000 ____D C:\Users\Dee\AppData\Local\{E03B9BBF-11DD-48CC-8165-AA1AAC49AEC0}
    2013-06-05 05:07 - 2013-06-05 05:07 - 00000000 ____D C:\Users\Dee\AppData\Local\{E4DCC430-0340-464F-9F18-47A12E555FB3}
    2013-06-04 05:30 - 2013-06-04 05:30 - 00000000 ____D C:\Users\Dee\AppData\Local\{28AAE93E-40AB-446B-9369-67AFA70D5A90}
    2013-06-03 10:38 - 2013-06-03 10:38 - 00000000 ____D C:\Users\Dee\AppData\Local\{8EA68E07-5945-4A40-8CA8-2A6C6DF40401}

    ==================== One Month Modified Files and Folders ========

    2013-07-02 08:33 - 2013-07-02 08:33 - 00000000 ____D C:\FRST
    2013-07-02 08:15 - 2012-03-22 11:21 - 00000000 ____D C:\users\Dee
    2013-07-02 08:15 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\wfp
    2013-07-02 08:15 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-07-02 08:14 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2013-07-02 07:11 - 2013-07-02 07:11 - 00032768 ____A C:\bcd_backup
    2013-07-02 07:11 - 2013-07-02 07:11 - 00029696 __ASH C:\bcd_backup.LOG
    2013-06-28 03:34 - 2013-06-28 03:33 - 00000000 ____D C:\Users\Dee\AppData\Local\{5D5F4BCF-7962-422B-8E28-82289F616290}
    2013-06-28 03:16 - 2012-03-22 11:38 - 01512187 ____A C:\Windows\WindowsUpdate.log
    2013-06-28 03:16 - 2010-12-09 05:33 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job
    2013-06-28 03:15 - 2013-06-26 16:11 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
    2013-06-28 03:15 - 2013-06-26 16:11 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
    2013-06-28 03:15 - 2013-03-05 06:06 - 00137674 ____A C:\Windows\System32\Drivers\aswVmm.sys
    2013-06-28 03:15 - 2011-07-13 09:41 - 00770344 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
    2013-06-28 03:15 - 2009-11-09 07:19 - 00369584 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
    2013-06-28 03:14 - 2012-10-25 10:21 - 00000334 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job
    2013-06-28 03:14 - 2012-04-04 05:30 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-06-28 03:14 - 2010-09-19 09:55 - 00000000 ____D C:\ProgramData\LogMeIn
    2013-06-28 03:14 - 2009-12-31 04:42 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-06-28 03:14 - 2009-12-31 04:42 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-06-27 09:15 - 2011-03-21 06:44 - 00000868 ____A C:\Windows\Tasks\Google Software Updater.job
    2013-06-27 06:45 - 2013-06-27 06:44 - 00000000 ____D C:\Users\Dee\AppData\Local\{9980E143-B5C1-46AA-B415-019E041147D8}
    2013-06-26 18:44 - 2013-06-26 18:44 - 00000000 ____D C:\Users\Dee\AppData\Local\{3331B4EB-B791-4BB3-8C13-45A33FFE3ED4}
    2013-06-26 07:21 - 2013-06-26 07:21 - 00156394 ____A C:\Users\Dee\Documents\Antonio Ortiz Wage History.xlsx
    2013-06-26 06:44 - 2013-06-26 06:44 - 00000000 ____D C:\Users\Dee\AppData\Local\{2E03039E-086E-47AB-9507-9ED2180BCED3}
    2013-06-26 06:23 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\System32\FxsTmp
    2013-06-26 06:23 - 2008-10-16 16:58 - 00025664 ____A C:\Users\Dee\AppData\Roaming\wklnhst.dat
    2013-06-25 18:43 - 2013-06-25 18:43 - 00000000 ____D C:\Users\Dee\AppData\Local\{D2967EC1-CA8D-4527-A45E-998E77BCB222}
    2013-06-25 18:02 - 2013-06-25 18:02 - 00023169 ____A C:\Users\Dee\Documents\Homeland.xlsx
    2013-06-25 08:25 - 2008-10-29 04:38 - 00356352 ____A C:\Users\Dee\Documents\time sheet.xlr
    2013-06-25 08:18 - 2008-10-16 11:42 - 00000000 ____D C:\Users\Dee\AppData\Local\Google
    2013-06-25 06:43 - 2013-06-25 06:43 - 00000000 ____D C:\Users\Dee\AppData\Local\{342F5C96-5498-464E-B735-20B256259112}
    2013-06-24 08:05 - 2008-10-17 05:59 - 00000090 ____A C:\Windows\QBChanUtil_Trigger.ini
    2013-06-24 05:49 - 2010-11-20 13:01 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-06-24 03:57 - 2012-12-10 07:43 - 00002131 ____A C:\Users\Public\Desktop\Google Chrome.lnk
    2013-06-24 03:48 - 2012-03-22 11:20 - 00009728 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-06-24 03:48 - 2012-03-22 11:20 - 00009728 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-06-24 03:02 - 2013-06-24 03:02 - 00000000 ____D C:\Users\Dee\AppData\Local\{F217DFAC-0BFD-48FE-8BE5-5DFB37BC7E4A}
    2013-06-24 02:58 - 2010-12-09 05:33 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
    2013-06-24 02:58 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-06-24 02:58 - 2009-07-13 20:39 - 02823570 ____A C:\Windows\setupact.log
    2013-06-24 02:58 - 2008-09-18 06:58 - 00000276 ____A C:\Windows\Tasks\RtlNICDiagVistaStart.job
    2013-06-14 03:59 - 2013-06-14 03:58 - 00000000 ____D C:\Users\Dee\AppData\Local\{56C94669-A47C-46C8-9185-B7436A33E8D5}
    2013-06-13 15:58 - 2013-06-13 15:58 - 00000000 ____D C:\Users\Dee\AppData\Local\{62EDCE18-BE44-4C48-A6C5-B5A6052CECBE}
    2013-06-13 11:06 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
    2013-06-13 03:58 - 2013-06-13 03:58 - 00000000 ____D C:\Users\Dee\AppData\Local\{4449526C-C0CB-41FB-818E-F473A9228800}
    2013-06-12 06:31 - 2012-04-04 05:30 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-06-12 06:31 - 2011-07-13 09:44 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2013-06-12 06:10 - 2008-09-18 06:56 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-06-12 06:09 - 2013-06-12 06:09 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-06-12 06:09 - 2013-05-14 05:28 - 00866720 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
    2013-06-12 06:09 - 2013-05-14 05:28 - 00788896 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-06-12 06:09 - 2013-05-14 05:28 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-06-12 06:09 - 2013-05-14 05:28 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-06-12 06:09 - 2013-05-14 05:28 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-06-12 06:09 - 2008-09-18 06:56 - 00000000 ____D C:\Program Files\Java
    2013-06-12 06:05 - 2013-06-12 06:04 - 00000000 ____D C:\Users\Dee\AppData\Local\{1D43DDB8-4252-4214-BE0E-4DD3FA29318E}
    2013-06-12 06:02 - 2012-03-31 04:10 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-06-11 11:51 - 2010-11-20 13:48 - 00038236 ____A C:\Windows\PFRO.log
    2013-06-11 11:49 - 2013-05-13 11:47 - 00161859 ____A C:\Users\Dee\Documents\America First Audit.xlsx
    2013-06-11 04:54 - 2013-06-11 04:54 - 00000000 ____D C:\Users\Dee\AppData\Local\{4624A1C2-7003-4BCD-912F-9B5EFB4EF871}
    2013-06-10 05:21 - 2013-06-10 05:20 - 00000000 ____D C:\Users\Dee\AppData\Local\{50783215-A0E4-4675-BB9B-97082E48B251}
    2013-06-10 03:21 - 2010-09-19 09:55 - 00000000 ____D C:\Program Files\LogMeIn
    2013-06-10 03:20 - 2010-09-19 09:55 - 00092488 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
    2013-06-10 03:20 - 2010-09-19 09:55 - 00086888 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
    2013-06-10 03:20 - 2010-09-19 09:55 - 00031560 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
    2013-06-08 03:42 - 2013-06-12 09:55 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-08 03:40 - 2013-06-12 09:55 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-08 03:40 - 2013-06-12 09:54 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-08 03:40 - 2013-06-12 09:54 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-08 03:40 - 2013-06-12 09:54 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-08 03:13 - 2013-06-12 09:55 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-07 08:00 - 2013-06-07 08:00 - 00000000 ____D C:\Users\Dee\AppData\Local\{84BDC057-94AC-4328-90EB-639053340D22}
    2013-06-06 06:13 - 2013-06-06 06:13 - 00000000 ____D C:\Users\Dee\AppData\Local\{E03B9BBF-11DD-48CC-8165-AA1AAC49AEC0}
    2013-06-05 05:07 - 2013-06-05 05:07 - 00000000 ____D C:\Users\Dee\AppData\Local\{E4DCC430-0340-464F-9F18-47A12E555FB3}
    2013-06-04 09:52 - 2011-10-03 06:26 - 00017029 ____A C:\Users\Dee\Desktop\Mark McInroe 2010.xlsx
    2013-06-04 08:51 - 2010-09-19 09:55 - 00086888 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll.000.bak
    2013-06-04 05:30 - 2013-06-04 05:30 - 00000000 ____D C:\Users\Dee\AppData\Local\{28AAE93E-40AB-446B-9369-67AFA70D5A90}
    2013-06-03 10:38 - 2013-06-03 10:38 - 00000000 ____D C:\Users\Dee\AppData\Local\{8EA68E07-5945-4A40-8CA8-2A6C6DF40401}

    ==================== Known DLLs (Whitelisted) ============


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-06-11 04:42:00
    Restore point made on: 2013-06-11 05:33:09
    Restore point made on: 2013-06-12 06:01:44
    Restore point made on: 2013-06-12 06:08:09
    Restore point made on: 2013-06-12 06:09:26
    Restore point made on: 2013-06-12 09:40:33
    Restore point made on: 2013-06-12 09:53:47
    Restore point made on: 2013-06-13 10:15:21
    Restore point made on: 2013-06-24 03:02:19
    Restore point made on: 2013-06-24 10:14:44
    Restore point made on: 2013-06-24 11:25:18
    Restore point made on: 2013-06-25 12:48:00
    Restore point made on: 2013-06-28 03:16:52

    ==================== Memory info ===========================

    Percentage of memory in use: 16%
    Total physical RAM: 3037.18 MB
    Available physical RAM: 2548.25 MB
    Total Pagefile: 3035.46 MB
    Available Pagefile: 2552.04 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1920.71 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:916.46 GB) (Free:769.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:10.23 GB) NTFS
    Drive e: (Repair disc Windows 7 32-bit) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
    Drive j: (MULTIBOOT) (Removable) (Total:14.88 GB) (Free:3.88 GB) FAT32
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 40000000)
    Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
    Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
    Partition 3: (Active) - (Size=916 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 5 (Size: 15 GB) (Disk ID: 00000000)
    Partition 1: (Active) - (Size=15 GB) - (Type=0C)


    LastRegBack: 2013-06-24 03:39

    ==================== End Of Log ============================
     
  2. Broni

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===================================

    It looks like an Avast driver.
    I've seen similar issues before.

    Can you start in safe mode?
     
  3. skrapgiarc

    I wasn't able to boot in safe mode. However, I finally was able to boot by removing:
    S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [137674 2013-06-28] ()
    Once I was in, I uninstalled and reinstalled Avast and all seems to be well. Thanks for your reply!!!
     
  4. Broni

    Very well then :)
     
