nwccwh

[Inactive] Am I Infected?


Hi Broni,

I do have a few questions:

My laptop (Lenovo R61) was infected and we were trying to run a Malwarebytes scan, which was extremely slow, over several days and woke up one morning to an "Error 2100: HDD0 (Hard disk drive) initialization error (2)". I've tried to reboot several times without any success. Eventually I dug up a set of Vista Ultimate installation disks that I had never used - I had Vista Home installed on the laptop - and was able to start the PC. I seem to be able to see C:\ drive so I backed it up to an external drive. I'm not sure if the hard drive is still usable or if I should replace it. I'm also looking for some advice on cleaning up the backed-up files so I don't end up reinfecting a fresh installation.

I'll look around on the site to see if these questions have been answered.

Thanks,

Charles


Welcome aboard

Just to let you know that I moved your post to the appropriate forum.

Hold on there...


Let's see if your drive is clean....

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 17-06-2012

Ran by SYSTEM at 16-06-2012 21:43:09

Running from G:\Recovery

Windows Vista Home Premium (X86) OS Language: English(US)

The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor [865640 2009-12-11] (Lenovo Group Limited)

HKLM\...\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog [214576 2009-12-11] ()

HKLM\...\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68976 2009-03-13] (Lenovo Group Limited)

HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [176128 2009-09-09] (Alps Electric Co., Ltd.)

HKLM\...\Run: [TpShocks] TpShocks.exe [x]

HKLM\...\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [256576 2008-10-08] (Lenovo Group Ltd.)

HKLM\...\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [435560 2009-12-10] (Lenovo)

HKLM\...\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [181608 2009-12-10] (Lenovo)

HKLM\...\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [992816 2007-02-26] (Lenovo)

HKLM\...\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent [3073336 2008-06-13] (Lenovo Group Limited)

HKLM\...\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1406024 2008-06-10] (Microsoft Corporation)

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13556256 2008-11-15] (NVIDIA Corporation)

HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-11-15] (NVIDIA Corporation)

HKLM\...\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [1282048 2007-12-07] (Analog Devices, Inc.)

HKLM\...\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)

HKLM\...\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey [1094224 2010-09-15] (Microsoft Corporation)

HKLM\...\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun [606208 2009-12-09] ()

HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-09-08] (Apple Inc.)

HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421160 2010-09-24] (Apple Inc.)

HKLM\...\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [185688 2009-07-23] (Lenovo Group Limited)

HKLM\...\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [124248 2009-07-23] (Lenovo Group Limited)

HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)

HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)

HKU\yhsu\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-05-18] (Google Inc.)

HKLM\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [462408 2012-04-04] (Malwarebytes Corporation)

HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [318464 2008-01-20] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Lsa: [Notification Packages] scecli

ACGina

Startup: C:\Users\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk

ShortcutTarget: APC UPS Status.lnk -> C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)

Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\Users\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )

Startup: C:\Users\yhsu\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()

================================ Services (Whitelisted) ==================

2 AEADIFilters; C:\Windows\System32\AEADISRV.EXE [69632 2007-02-05] (Andrea Electronics Corporation)

4 ApRunSvc; C:\Program Files\Apoint2K\ApRunSvc.exe [36864 2007-07-23] ()

3 DFSR; C:\Windows\System32\DFSR.exe [2092544 2009-04-10] (Microsoft Corporation)

2 Diskeeper; "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" [634988 2006-11-15] (Diskeeper Corporation)

2 DozeSvc; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [132456 2009-12-11] (Lenovo.)

2 ehstart; C:\Windows\ehome\ehstart.dll [13312 2006-11-02] (Microsoft Corporation)

2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-20] (Microsoft Corporation)

3 hkmsvc; C:\Windows\System32\kmsvc.dll [68096 2008-01-20] (Microsoft Corporation)

2 IPSSVC; C:\Windows\System32\IPSSVC.EXE [108080 2007-01-29] (Lenovo Group Limited)

2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)

2 Power Manager DBC Service; "C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE" [75112 2009-12-11] (Lenovo)

3 Samsung UPD Service; "C:\Windows\System32\SUPDSvc.exe" [132464 2010-03-16] (Samsung Electronics CO., LTD.)

2 SUService; "C:\Program Files\Lenovo\System Update\SUService.exe" [28672 2008-10-20] (Lenovo Group Limited)

2 ThinkVantage Registry Monitor Service; "C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe" [746808 2008-06-13] (Lenovo Group Limited)

2 TSSCoreService; "C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe" [779576 2008-06-13] (Lenovo)

2 TVT Backup Protection Service; "C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe" [520192 2008-06-06] ()

2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2006-06-14] (Ulead Systems, Inc.)

4 UsbService; C:\Program Files\ASUS\Printer Utilities\UsbService.exe [217088 2009-05-05] (ASUSTek COMPUTER INC.)

2 MBAMService; "\mbamservice.exe" [x]

2 MsMpSvc; "c:\Program Files\Microsoft Security Essentials\MsMpEng.exe" [x]

2 TVT Scheduler; "c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe" [x]

========================== Drivers (Whitelisted) =============

3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [348160 2007-12-07] (Analog Devices, Inc.)

2 canwunid; C:\Windows\System32\DRIVERS\canwunid.sys [5376 2007-03-22] (Gteko Ltd.)

2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [49152 2004-10-18] (DeviceGuys, Inc.)

0 DozeHDD; C:\Windows\System32\DRIVERS\DozeHDD.sys [24304 2009-12-11] (Lenovo.)

3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [985600 2007-11-01] (Conexant Systems, Inc.)

4 iirsp; C:\Windows\system32\drivers\iirsp.sys [41576 2006-11-02] (Intel Corp./ICP vortex GmbH)

3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)

3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-05-23] (Malwarebytes Corporation)

2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-18] (Conexant)

3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [6144 2007-01-09] (Chic)

1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [151216 2010-03-25] (Microsoft Corporation)

3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [42368 2010-03-25] (Microsoft Corporation)

3 MSHUSBVideo; C:\Windows\System32\Drivers\nx6000.sys [30576 2010-05-20] (Microsoft Corporation)

3 NETw4v32; C:\Windows\System32\DRIVERS\NETw4v32.sys [2252800 2007-11-26] (Intel Corporation)

3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [52800 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))

2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)

2 regi; C:\Windows\System32\drivers\regi.sys [11032 2007-04-17] (InterVideo)

0 Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [120360 2009-10-09] (Lenovo.)

2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics)

3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [66432 2007-12-16] ()

3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]

3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]

3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

3 PCDSRVC{3037D694-FD904ACA-06020000}_0; \??\c:\program files\pc-doctor\pcdsrvc.pkms [x]

3 UIUSys; C:\Windows\System32\DRIVERS\UIUSYS.SYS [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-05-24 02:22 - 2012-05-24 02:22 - 00021320 ____A C:\Windows\System32\ICAutoUpdate.log

2012-05-23 21:39 - 2012-05-23 21:39 - 00476960 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll

2012-05-23 21:39 - 2012-05-23 21:39 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe

2012-05-23 21:39 - 2012-05-23 21:39 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe

2012-05-23 21:39 - 2012-05-23 21:39 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe

2012-05-23 21:14 - 2012-05-23 21:15 - 00001897 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk

2012-05-23 17:55 - 2012-05-24 00:41 - 00033662 ____A C:\Users\Public\Documents\AccConnAdvanced.dat

2012-05-23 06:29 - 2012-06-14 22:47 - 00000000 ____D C:\Windows\LastGood

2012-05-23 06:07 - 2012-05-23 06:07 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\yhsu\Downloads\mbam-setup-1.61.0.1400.exe

2012-05-23 06:03 - 2012-05-23 21:46 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys

2012-05-23 05:21 - 2012-05-23 05:21 - 00005464 ____A C:\Windows\System32\PerfStringBackup.TMP

============ 3 Months Modified Files and Folders ===============

2012-06-16 21:42 - 2012-06-16 21:42 - 00000000 ____D C:\FRST

2012-06-14 22:48 - 2008-11-04 16:03 - 00000000 ____D C:\Program Files\Microsoft Works

2012-06-14 22:48 - 2008-06-09 09:22 - 00000000 ____D C:\users\yhsu

2012-06-14 22:48 - 2008-06-05 10:44 - 00000000 ____D C:\Users\All Users\Microsoft Help

2012-06-14 22:48 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\spool

2012-06-14 22:48 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\Msdtc

2012-06-14 22:48 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\registration

2012-06-14 22:48 - 2006-11-02 03:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2012-06-14 22:48 - 2006-11-02 02:22 - 46137344 ____A C:\Windows\System32\config\software_previous

2012-06-14 22:48 - 2006-11-02 02:22 - 19398656 ____A C:\Windows\System32\config\system_previous

2012-06-14 22:47 - 2012-05-23 06:29 - 00000000 ____D C:\Windows\LastGood

2012-05-24 02:23 - 2012-05-24 02:22 - 00021320 ____A C:\Windows\System32\ICAutoUpdate.log

2012-05-24 02:23 - 2008-06-09 23:03 - 03552863 ____A C:\sysiclog.txt

2012-05-24 02:23 - 2008-06-05 10:33 - 08473848 ____A C:\Users\Public\Documents\AccConnAdvanced.html

2012-05-24 02:23 - 2006-11-02 02:22 - 38797312 ____A C:\Windows\System32\config\components_previous

2012-05-24 02:23 - 2006-11-02 02:22 - 00524288 ____A C:\Windows\System32\config\default_previous

2012-05-24 02:23 - 2006-11-02 02:22 - 00262144 ____A C:\Windows\System32\config\security_previous

2012-05-24 02:23 - 2006-11-02 02:22 - 00262144 ____A C:\Windows\System32\config\sam_previous

2012-05-24 02:22 - 2008-06-05 09:36 - 02035657 ____A C:\Windows\WindowsUpdate.log

2012-05-24 01:20 - 2010-05-18 11:58 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-05-24 01:18 - 2006-11-02 04:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2012-05-24 01:18 - 2006-11-02 04:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2012-05-24 00:41 - 2012-05-23 17:55 - 00033662 ____A C:\Users\Public\Documents\AccConnAdvanced.dat

2012-05-24 00:41 - 2012-05-08 06:44 - 00020032 ____A C:\Users\Public\Documents\ACGinaWinlogon.dat

2012-05-24 00:41 - 2010-05-03 21:54 - 10485663 ____A C:\Users\Public\Documents\Archive_AccConnAdvanced.html

2012-05-24 00:41 - 2010-03-11 05:59 - 00003729 ____A C:\Users\Public\Documents\AcIpConfig.dat

2012-05-23 22:01 - 2008-11-21 15:23 - 00000393 ____A C:\Users\Public\Documents\BluetoothLog.html

2012-05-23 21:46 - 2012-05-23 06:03 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys

2012-05-23 21:40 - 2008-06-05 10:17 - 00000000 ____D C:\Program Files\Common Files\Java

2012-05-23 21:39 - 2012-05-23 21:39 - 00476960 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll

2012-05-23 21:39 - 2012-05-23 21:39 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe

2012-05-23 21:39 - 2012-05-23 21:39 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe

2012-05-23 21:39 - 2012-05-23 21:39 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe

2012-05-23 21:39 - 2010-06-25 21:50 - 00472864 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll

2012-05-23 21:20 - 2010-05-18 11:58 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-05-23 21:15 - 2012-05-23 21:14 - 00001897 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk

2012-05-23 21:14 - 2008-06-28 19:19 - 00000000 ____D C:\Program Files\Common Files\Adobe

2012-05-23 21:14 - 2008-06-05 10:13 - 00000000 ____D C:\Users\All Users\Adobe

2012-05-23 14:00 - 2010-05-28 16:13 - 00000332 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2012-05-23 06:09 - 2012-01-12 22:04 - 00000916 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2012-05-23 06:09 - 2012-01-12 22:03 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2012-05-23 06:07 - 2012-05-23 06:07 - 10063000 ____A (Malwarebytes Corporation ) C:\Users\yhsu\Downloads\mbam-setup-1.61.0.1400.exe

2012-05-23 06:04 - 2008-06-29 12:44 - 00000000 ____D C:\Users\yhsu\AppData\Local\Google

2012-05-23 05:59 - 2009-02-22 10:58 - 00184972 ____A C:\Users\All Users\nvModes.001

2012-05-23 05:30 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache

2012-05-23 05:25 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\Microsoft.NET

2012-05-23 05:21 - 2012-05-23 05:21 - 00005464 ____A C:\Windows\System32\PerfStringBackup.TMP

2012-05-23 05:14 - 2010-05-28 16:13 - 00000528 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2012-05-23 05:14 - 2008-06-09 23:03 - 28332275 ____A C:\sysiclog.txt.bak

2012-05-23 05:14 - 2007-07-26 22:37 - 00025269 ____A C:\Windows\System32\PROCDB.INI

2012-05-23 05:14 - 2007-07-26 22:37 - 00000380 ____A C:\Windows\System32\IPSCtrl.INI

2012-05-23 05:14 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-05-23 05:13 - 2008-06-12 06:54 - 00705640 ____A C:\Windows\System32\ICAutoUpdate.log.bak

2012-05-23 05:13 - 2006-11-02 04:47 - 00400312 ____A C:\Windows\System32\FNTCACHE.DAT

2012-05-23 05:12 - 2008-07-26 18:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2012-05-23 05:12 - 2008-01-20 18:47 - 00135522 ____A C:\Windows\PFRO.log

2012-05-23 05:11 - 2008-06-05 09:36 - 00001805 ____A C:\Windows\bthservsdp.dat

2012-05-23 05:11 - 2006-11-02 05:01 - 00032540 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2012-05-23 05:10 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\System32\XPSViewer

2012-05-23 05:10 - 2006-11-02 03:18 - 00000000 ___SD C:\Windows\Downloaded Program Files

2012-05-23 05:10 - 2006-11-02 03:18 - 00000000 ___RD C:\Windows\Offline Web Pages

2012-05-23 05:10 - 2006-11-02 03:18 - 00000000 ____D C:\Program Files\Common Files\System

2012-05-23 03:17 - 2011-04-23 07:03 - 00013143 ____A C:\Windows\IE9_main.log

2012-05-23 03:17 - 2006-11-01 22:32 - 00008798 ____A C:\Windows\System32\icrav03.rat

2012-05-23 03:17 - 2006-11-01 22:32 - 00001988 ____A C:\Windows\System32\ticrf.rat

2012-05-22 19:53 - 2008-06-09 09:24 - 00113360 ____A C:\Users\yhsu\AppData\Local\GDIPFONTCACHEV1.DAT

2012-05-22 16:50 - 2008-06-24 21:22 - 00000000 ____D C:\Users\yhsu\AppData\Roaming\Mozilla

2012-05-22 16:48 - 2009-01-16 18:49 - 00000000 ____D C:\Program Files\InterActual

2012-05-22 16:48 - 2008-06-05 10:17 - 00000000 ____D C:\Program Files\Java

2012-05-22 16:48 - 2008-06-05 10:10 - 00000000 ____D C:\Program Files\Common Files\InterVideo

2012-05-22 16:48 - 2008-06-05 09:46 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2012-05-22 16:28 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\twain_32

2012-05-22 16:25 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\com

2012-05-22 16:24 - 2008-11-15 17:46 - 00000000 ____D C:\Users\yhsu\AppData\Roaming\Thunderbird

2012-05-22 16:24 - 2008-06-29 09:45 - 00000000 ____D C:\Users\yhsu\AppData\Local\MediaMonkey

2012-05-22 16:24 - 2008-06-09 09:22 - 00000000 ____D C:\Users\yhsu\AppData\LocalLow

2012-05-22 16:24 - 2008-06-05 10:47 - 00000000 ____D C:\Users\All Users\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

2012-05-22 16:24 - 2008-06-05 10:04 - 00000000 ____D C:\Users\All Users\Ulead Systems

2012-05-22 16:24 - 2008-02-05 14:13 - 00000000 ____D C:\Users\Default\AppData\LocalLow

2012-05-22 16:24 - 2008-02-05 14:13 - 00000000 ____D C:\Users\Default User\AppData\LocalLow

2012-05-22 16:24 - 2006-11-02 04:37 - 00000000 ____D C:\Windows\DigitalLocker

2012-05-22 16:24 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Sidebar

2012-05-22 16:24 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery

2012-05-22 16:24 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Defender

2012-05-22 16:24 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Movie Maker

2012-05-22 16:24 - 2006-11-02 03:18 - 00000000 __RSD C:\Windows\Media

2012-05-22 16:24 - 2006-11-02 03:18 - 00000000 __RHD C:\users\Default

2012-05-22 16:24 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\AdvancedInstallers

2012-05-22 16:24 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\system

2012-05-22 16:24 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\MSAgent

2012-05-22 16:16 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\SLUI

2012-05-22 16:16 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\ras

2012-05-22 16:15 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\IME

2012-05-22 16:14 - 2009-11-17 03:19 - 00000000 ____D C:\Program Files\Windows Portable Devices

2012-05-22 16:14 - 2009-01-02 22:47 - 00000000 ____D C:\Users\yhsu\AppData\Roaming\Move Networks

2012-05-22 16:14 - 2008-06-12 21:49 - 00000000 ____D C:\Users\yhsu\AppData\Local\Microsoft Help

2012-05-22 16:14 - 2006-11-02 04:37 - 00000000 ____D C:\Program Files\Windows Calendar

2012-05-22 16:11 - 2008-12-23 13:56 - 00000000 ____D C:\Windows\System32\IOSUBSYS

2012-05-22 16:11 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\tapi

2012-05-22 16:10 - 2008-07-10 02:03 - 00000000 ____D C:\Windows\SQL9_KB948109_ENU

2012-05-22 16:05 - 2010-11-06 22:20 - 00000000 ____D C:\Users\yhsu\AppData\Roaming\gtk-2.0

2012-05-22 16:05 - 2009-05-12 19:03 - 00000000 ____D C:\Users\yhsu\Desktop\BHG UK

2012-05-22 16:04 - 2010-05-24 20:24 - 00000000 ____D C:\Users\yhsu\AppData\Local\S2PC

2012-05-22 16:04 - 2008-02-05 14:24 - 00000000 ____D C:\SWTOOLS

2012-05-22 16:02 - 2010-05-03 21:10 - 00000000 ____D C:\Program Files\Windows Live Safety Center

2012-05-22 16:02 - 2009-02-23 20:37 - 00000000 ____D C:\Program Files\Windows Live SkyDrive

2012-05-22 16:02 - 2008-06-05 10:16 - 00000000 ____D C:\Users\All Users\Lenovo

2012-05-22 16:02 - 2008-06-05 10:01 - 00000000 ____D C:\SWSHARE

2012-05-22 16:01 - 2010-09-06 11:05 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdate

2012-05-22 16:00 - 2010-09-26 20:40 - 00000000 ____D C:\Program Files\QuickTime

2012-05-22 16:00 - 2010-05-04 05:12 - 00000000 ____D C:\Program Files\Microsoft Security Essentials

2012-05-22 16:00 - 2010-03-30 19:48 - 00000000 ____D C:\Program Files\Microsoft Windows 7 Upgrade Advisor

2012-05-22 16:00 - 2010-01-29 10:29 - 00000000 ____D C:\Program Files\PC-Doctor

2012-05-22 16:00 - 2008-12-21 18:53 - 00000000 ____D C:\Program Files\Photo Story 3 for Windows

2012-05-22 16:00 - 2008-11-15 17:46 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

2012-05-22 16:00 - 2008-06-24 21:22 - 00000000 ____D C:\Program Files\Mozilla Firefox

2012-05-22 16:00 - 2008-06-09 22:43 - 00000000 ____D C:\Program Files\NetWaiting

2012-05-22 15:59 - 2008-11-24 20:12 - 00000000 ____D C:\Program Files\Microsoft IntelliPoint

2012-05-22 15:59 - 2008-06-05 10:16 - 00000000 ____D C:\Program Files\Lenovo Registration

2012-05-22 15:55 - 2010-11-07 08:59 - 00000000 ____D C:\Program Files\IrfanView

2012-05-22 15:55 - 2010-09-26 20:43 - 00000000 ____D C:\Program Files\iTunes

2012-05-22 15:54 - 2010-10-13 18:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

2012-05-22 15:54 - 2010-10-06 22:32 - 00000000 ____D C:\Program Files\Common Files\scanner

2012-05-22 15:54 - 2010-07-05 12:09 - 00000000 ____D C:\Program Files\Garmin GPS Plugin

2012-05-22 15:54 - 2008-10-01 20:55 - 00000000 ____D C:\Program Files\CPU_Z

2012-05-22 15:54 - 2008-06-09 22:44 - 00000000 ____D C:\Program Files\Digital Line Detect

2012-05-22 15:54 - 2008-06-05 10:12 - 00000000 ____D C:\Program Files\Common Files\Lenovo

2012-05-22 15:53 - 2008-12-05 08:58 - 00000000 ____D C:\Program Files\Apple Software Update

2012-05-22 15:53 - 2008-06-05 10:47 - 00000000 ____D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

2012-05-22 15:53 - 2008-06-05 09:51 - 00000000 ____D C:\Program Files\Apoint2K

2012-05-22 15:31 - 2012-01-14 22:16 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2838519224-2277755166-1839421783-1003UA.job

2012-05-22 07:43 - 2012-04-19 14:57 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2012-05-21 17:31 - 2012-01-14 22:16 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2838519224-2277755166-1839421783-1003Core.job

2012-05-21 11:20 - 2008-12-03 12:22 - 00007370 ____A C:\Users\yhsu\Desktop\To Do List.txt

2012-05-21 02:01 - 2008-06-09 09:22 - 00001356 ____A C:\Users\yhsu\AppData\Local\d3d9caps.dat

2012-05-09 06:54 - 2011-02-17 21:24 - 00001945 ____A C:\Windows\epplauncher.mif

2012-05-09 06:54 - 2011-02-17 21:23 - 00000000 ____D C:\Program Files\Microsoft Security Client

2012-05-04 13:42 - 2012-04-19 14:57 - 00419488 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2012-05-04 13:42 - 2011-06-09 07:11 - 00070304 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

2012-05-03 15:42 - 2012-05-03 15:42 - 00013274 ____A C:\Users\yhsu\seattle recommendations.docx

2012-05-03 15:42 - 2012-05-03 15:42 - 00000162 ___AH C:\Users\yhsu\~$attle recommendations.docx

2012-04-30 15:35 - 2012-03-05 08:49 - 00000000 ___HD C:\Users\yhsu\Desktop\.picasaoriginals

2012-04-29 20:22 - 2012-04-29 20:22 - 00646031 ____A C:\Users\yhsu\Downloads\german unification (5).pptx

2012-04-29 20:22 - 2012-04-29 20:22 - 00646031 ____A C:\Users\yhsu\Downloads\german unification (4).pptx

2012-04-29 20:22 - 2012-04-29 20:19 - 00646037 ____A C:\Users\yhsu\Downloads\german unification (3).pptx

2012-04-29 20:18 - 2012-04-29 20:18 - 00093353 ____A C:\Users\yhsu\Downloads\german unification (2).pptx

2012-04-29 20:16 - 2012-04-29 20:16 - 00093353 ____A C:\Users\yhsu\Downloads\german unification (1).pptx

2012-04-29 20:16 - 2012-04-29 18:00 - 00646152 ____A C:\Users\yhsu\Downloads\german unification.pptx

2012-04-29 19:26 - 2012-04-29 19:26 - 00019942 ____A C:\Users\yhsu\Downloads\Euro notes.docx

2012-04-29 19:22 - 2012-04-29 19:05 - 00019947 ____A C:\Users\yhsu\Documents\Euro notes.docx

2012-04-26 19:08 - 2006-11-02 02:24 - 55656824 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe

2012-04-23 17:10 - 2012-04-23 17:10 - 00091520 ____A C:\Users\yhsu\Desktop\timeline.pptx

2012-04-23 17:10 - 2012-04-23 17:09 - 00091362 ____A C:\Users\yhsu\Downloads\timeline.pptx

2012-04-04 14:56 - 2012-01-12 22:03 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2012-04-03 00:16 - 2012-05-09 17:57 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe

2012-04-03 00:16 - 2012-05-09 17:57 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2012-04-02 05:36 - 2012-05-09 17:57 - 02044928 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-03-30 04:39 - 2012-05-09 17:58 - 00905600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2012-03-26 11:38 - 2011-11-11 10:55 - 00011619 ____A C:\Users\yhsu\Documents\quotes about marriage.docx

2012-03-21 07:17 - 2011-10-19 13:45 - 00001530 ____A C:\Users\yhsu\Desktop\this week's to do.txt

2012-03-20 19:44 - 2011-04-27 14:25 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys

2012-03-20 15:28 - 2012-05-09 17:58 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys

2012-03-19 17:51 - 2012-03-19 17:51 - 00001674 ____A C:\Users\Public\Desktop\iTunes.lnk

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 25%

Total physical RAM: 4093.5 MB

Available physical RAM: 3067.48 MB

Total Pagefile: 3843.42 MB

Available Pagefile: 3326.28 MB

Total Virtual: 2047.88 MB

Available Virtual: 1983.72 MB

======================= Partitions =========================

1 Drive c: (SW_Preload) (Fixed) (Total:142.49 GB) (Free:2.97 GB) NTFS

2 Drive d: (LRMCFRE_EN_DVD) (CDROM) (Total:2.49 GB) (Free:0 GB) UDF

3 Drive e: (ServiceV002) (Fixed) (Total:6.55 GB) (Free:0.47 GB) NTFS ==>[system with boot components (obtained from reading drive)]

4 Drive f: (My Book) (Fixed) (Total:232.83 GB) (Free:177.48 GB) FAT32

5 Drive g: () (Removable) (Total:0.97 GB) (Free:0.23 GB) FAT

6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ---------- ------- ------- --- ---

Disk 0 Online 149 GB 1849 KB

Disk 1 Online 233 GB 1528 KB

Disk 2 Online 998 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 6712 MB 1024 KB

Partition 2 Primary 142 GB 6713 MB

======================================================================================================

Disk: 0

Partition 1

Type : 27

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 E ServiceV002 NTFS Partition 6712 MB Healthy Hidden

======================================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 0 C SW_Preload NTFS Partition 142 GB Healthy

======================================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 233 GB 32 KB

======================================================================================================

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 F My Book FAT32 Partition 233 GB Healthy

======================================================================================================

Partitions of Disk 2:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

* Partition 1 Primary 998 MB 0 B

======================================================================================================

Disk: 2

There is no partition selected.

There is no partition selected.

Please select a partition and try again.

======================================================================================================

==========================================================

Last Boot: 2012-05-23 18:07

======================= End Of Log ==========================


All looks clean so it looks like a hardware problem.

Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287

Make sure you select the tool which is appropriate for the brand of your hard drive.

Depending on the program, it'll create a bootable floppy or a bootable CD.

If the downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn the .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.

For Toshiba hard drives, see here: http://storage.toshiba.com/storage-services-support/warranty-support/software-utilities#diagnostic

Note: If you do not know how to set your computer to boot from CD, follow the steps here


It took a while, but I finally got the SeaTools for DOS installed and was able to run it. It didn't find any errors in the Basic, Short or Long test. I couldn't copy the log results. It recognized the drive: Seagate Model ST9160823AS Revision 3.CME and the size was 160 GB.

I even opened up the laptop and reseated the hard drive, but it still has the Error 2100: HDD0 (Hard disk drive) initialization error (2).

What should I do next?

Thanks,

Charles
