
Thread: Computer Viruses including Virtumonde

  1. #11
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    That was the first thing I checked. Strangely, the device manager field is blank too- nothing is there at all. Could settings in msconfig be wrong? I checked there next but did not see anything out of the ordinary, or simply could not tell if there was.

    Never seen this lack of control over system devices before- any thoughts? It is definitely running without freezing or shutting down now however.

  2. #12
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi

    Locate if present the following file & delete it:

    C:\windows\ntbtlog.txt

    Restart the computer
    Just before the OS loading screen starts hit F8 as if going to safe mode.
    From the advanced boot menu choose "enable boot logging" then hit enter.
    Post the following file:

    C:\windows\ntbtlog.txt
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #13
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    Will do- I'll be at the computer again in about two hours.

    Also, I found this on microsoft troubleshooting- could this be of any help? I won't do anything until told.

    "SYMPTOMS
    After you install Windows XP Service Pack 3 (SP3), Device Manager may not show any devices, and Network Connections may not show any network connections.

    This problem may occur when an antivirus application is still running during the installation of Windows XP SP3.

    CAUSE
    This problem occurs when the Fixccs.exe process is called during the Windows XP SP3 installation. This process creates some intermediate registry subkeys, and it later deletes these subkeys. In some cases, some antivirus applications may not let the Fixccs.exe process delete these intermediate registry subkeys.

    When this problem occurs, certain applications, such as Device Manager and Network Connections, may be unable to enumerate the device or connection instances. These applications will report a blank status, even though devices and connections still function as expected.

    RESOLUTION
    Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
    322756 (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows

    To resolve this problem, follow these steps:
    1. Restart the computer in safe mode. To restart the computer in safe mode, follow these steps.
       Note Print these instructions before you continue.
       a. Click Start, and then click Shut Down.
       b. In the Shut Down Windows dialog box, select Restart in the What do you want the computer to do list, and then click OK.
       c. After the computer restarts but before Windows XP starts, press F8.
       d. Use the arrow keys to select the Safe Mode option, and then press ENTER.
    2. Click Start, and then click Run.
    3. Type regedit in the Open box, and then press ENTER.
    4. Locate and then click the following registry subkey:
       HKEY_LOCAL_MACHINE\SYSTEM
    5. On the Edit menu, click Find.
    6. In the Find what box, type the following text:
       $%&'()*+
    7. Click Find Next.
    8. Right-click the registry subkey that begins with "$%&'()*+," and then click Delete.
    9. Click Yes to confirm the deletion.
    10. Press F3 to search for the next registry subkey.
    11. Repeat steps 7 through 8 to delete each registry subkey that contains the text "$%&'()*+."
    12. Exit Registry Editor.
    13. Restart the computer."

    Thanks for your help!
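
Added example, not part of the thread or of the Microsoft article: a read-only Python script for the search step of the procedure quoted above. It lists every subkey under HKEY_LOCAL_MACHINE\SYSTEM whose name begins with $%&'()*+ grouped by parent key, so the matches can be reviewed before anything is deleted. The function names and the sample key paths are constructed for illustration; on Windows the walker uses the standard winreg module.

```python
# Read-only search for leftover Fixccs.exe subkeys under HKLM\SYSTEM.
import sys
from collections import defaultdict

MARKER = "$%&'()*+"   # the text the quoted article says to search for
ROOT = "HKEY_LOCAL_MACHINE\\SYSTEM"


def group_residue(key_paths):
    """Map each parent key to the sorted residue subkeys directly beneath it."""
    found = defaultdict(set)
    for path in key_paths:
        parts = path.rstrip("\\").split("\\")
        for i, part in enumerate(parts):
            if part.startswith(MARKER):   # subkey name begins with the marker
                found["\\".join(parts[:i])].add(part)
                break   # deleting this subkey removes everything below it
    return {parent: sorted(names) for parent, names in sorted(found.items())}


def walk_system_hive(subkey="SYSTEM"):
    """Yield every key path under HKLM\\SYSTEM (Windows only, opens keys read-only)."""
    import winreg   # imported here so the rest of the module runs on any OS
    try:
        handle = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, subkey, 0, winreg.KEY_READ)
    except OSError:
        return   # access denied or key removed meanwhile: skip this branch
    with handle:
        index = 0
        while True:
            try:
                child = winreg.EnumKey(handle, index)
            except OSError:
                break   # no more subkeys at this level
            index += 1
            path = subkey + "\\" + child
            yield "HKEY_LOCAL_MACHINE\\" + path
            yield from walk_system_hive(path)


# Constructed sample: the parent keys follow the ControlSetNNN\Services layout,
# and the text after the marker in each residue name is made up.
SAMPLE = [
    ROOT + "\\ControlSet002\\Services\\ccEvtMgr",
    ROOT + "\\ControlSet002\\Services\\ccEvtMgr\\" + MARKER + ",constructed-1",
    ROOT + "\\ControlSet002\\Services\\ccEvtMgr\\" + MARKER + ",constructed-1\\Child",
    ROOT + "\\ControlSet003\\Services\\SRTSP\\Instances\\" + MARKER + ",constructed-2",
    ROOT + "\\ControlSet003\\Services\\Tcpip\\Parameters",
]

if __name__ == "__main__":
    # On Windows walk the live hive; elsewhere fall back to the constructed sample.
    paths = walk_system_hive() if sys.platform == "win32" else SAMPLE
    for parent, names in group_residue(paths).items():
        print(parent)
        for name in names:
            print("    " + name)
```

The script only reads the registry; deletion stays a manual step after a registry backup has been taken.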

  4. #14
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi

    Yes, that could be a key to your problem. Before trying, it's better to get a backup of your registry.

    Download ERUNT
    Save it to your desktop. Run and install this program.

    In the box that opens ONLY choose
    System registry.

    Then click OK.

    Click save and then go to File > Exit.
    This is so the registry can be restored to this point if we need it. It may take a minute. Just let it go until it's done.

  5. #15
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    OK. I will transfer Erunt over and run it, then try the Microsoft steps.

    Also here is the ntbtlog asked for:


    Again, thanks so much for the help. You've been great and this is a terrible time for my computer to be inaccessible.

  6. #16
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    Alright, here are the registry keys in which there were entries I found using the system recommended. There was a long set of entries in each.


    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Automatic LiveUpdate Scheduler
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ccEvtMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ccSetMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CLTNetCnService
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\eeCtrl\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdate
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPBBCDrv\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SRTSP\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Symantec Core LC
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SymAppCore
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Automatic LiveUpdate Scheduler
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ccEvtMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ccSetMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\CLTNetCnService
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\eeCtrl\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\EraserUtilRebootDrv
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\LiveUpdate
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SPBBCDrv\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SRTSP\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Symantec Core LC
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SymAppCore
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Automatic LiveUpdate Scheduler
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ccEvtMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ccSetMgr
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CLTNetCnService
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\eeCtrl\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\LiveUpdate
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SPBBCDrv\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SRTSP\Instances
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Symantec Core LC
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SymAppCore



    I restarted, then deleted the ntbtlog.txt file, restarted again with Enable Boot Logging. Here is the new ntbtlog:


    There are still no drivers or network connections available. Besides that, and the desktop showing the Active Desktop Recovery screen instead of the normal background, there are no problems.
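
Added example, not part of the thread: a Python parser for the boot log that "Enable Boot Logging" writes to ntbtlog.txt, which records one "Loaded driver" or "Did not load driver" line per driver. It compares two boots and lists drivers loaded from outside the Windows directory, which is the usual reason for asking for this file. The function names and both sample logs are constructed for illustration.

```python
# Triage of Windows boot logs (ntbtlog.txt): parse, compare two boots, flag odd paths.
import re

LINE = re.compile(r"^(Loaded|Did not load) driver\s+(.+?)\s*$", re.IGNORECASE)
WINDOWS_DIR = re.compile(
    r"^(\\systemroot|\\windows|\\\?\?\\[a-z]:\\windows)\\", re.IGNORECASE)


def driver_name(path):
    """Lower-cased file name, so a bare name and a full path compare equal."""
    return path.rsplit("\\", 1)[-1].lower()


def parse_boot_log(text):
    """Return (loaded, not_loaded): dicts of driver name -> path as logged."""
    loaded, not_loaded = {}, {}
    for raw in text.splitlines():
        match = LINE.match(raw.strip())
        if not match:
            continue   # header or timestamp line
        status, path = match.groups()
        target = loaded if status.lower() == "loaded" else not_loaded
        target.setdefault(driver_name(path), path)
    return loaded, not_loaded


def outside_windows_dir(loaded):
    """Paths of loaded drivers that do not live under the Windows directory."""
    odd = []
    for path in loaded.values():
        if "\\" not in path:
            continue   # boot-start drivers are logged by bare file name
        if not WINDOWS_DIR.match(path):
            odd.append(path)
    return sorted(odd)


def compare_boots(before, after):
    """Summarise what changed between two boot logs."""
    b_loaded, b_failed = parse_boot_log(before)
    a_loaded, a_failed = parse_boot_log(after)
    return {
        "no_longer_loaded": sorted(set(b_loaded) - set(a_loaded)),
        "newly_loaded": sorted(set(a_loaded) - set(b_loaded)),
        "newly_failed": sorted(set(a_failed) - set(b_failed)),
        # logged as failed and as loaded within the same (second) boot
        "failed_then_loaded": sorted(set(a_failed) & set(a_loaded)),
    }


# Constructed sample logs; the example_* drivers and ExampleVendor are made up.
BEFORE = r"""(constructed header line, first boot)
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver ACPI.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\example_net.sys
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
"""

AFTER = r"""Did not load driver AFD.SYS
(constructed header line, second boot)
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver ACPI.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \??\C:\Program Files\ExampleVendor\example_filter.sys
Did not load driver \SystemRoot\System32\Drivers\Fdc.SYS
"""

if __name__ == "__main__":
    for label, names in compare_boots(BEFORE, AFTER).items():
        print(label, names)
    print("outside Windows dir:", outside_windows_dir(parse_boot_log(AFTER)[0]))
```

A driver outside the Windows directory is not malicious by itself, since security and vendor tools install there too; the list is a starting point for checking each file's publisher and origin.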

  7. #17
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi

    Please follow instructions by Microsoft given here.

    "and the desktop showing the Active Desktop Recovery screen instead of the normal background"
    Is this the screen you see? If so, have you tried by following instructions mentioned there?

  8. #18
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    Thanks. Still nothing in Network Connections or Device Manager. Have not made any other changes, but took a look at Services in Administrative Tools and noticed many are Disabled, including Plug & Play and others. Any that need to be Enabled and Started to retrieve the Network Adapters?

    Also, I fixed the Desktop background by enabling Desktop Icons, which refreshed the background.

  9. #19
    Junior Member
    Join Date
    Dec 2008
    Posts
    21

    Also, the error message in Network Connections is no longer there, so the hotfix (or my registry edits) appears to have worked for that at least.

  10. #20
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Hi

    Please download the Registry Search tool by clicking on the hard drive icon halfway down this page:
    http://www.billsway.com/vbspage/
    Save it to the desktop and run it. If you get an alert from your antivirus about scripting, choose to allow the script to run. Search for $%&'()*+ and click OK. Post the logfile from the tool here for me.


    Then generate a HijackThis Startup list:

    1. Open HijackThis by double-clicking the desktop shortcut or HijackThis.exe
    2. Click on Open the Misc Tools Section
    3. Make sure that both boxes to the right of Generate StartupList Log are checked:

    * List also minor sections (Full)
    * List empty sections (Complete)

    4. Click Generate StartupListLog
    5. Click Yes at the prompt.
    6. A Notepad window will open with the contents of the HijackThis Startup list displayed
