Hello,
Lately we've been having a hard time with customers USB's bringing in trojans and viruses, so I did a complete fresh install of WinXP onto the PC and thereafter followed instructions at http://windowssecrets.com/top-story/...torun-attacks/ to prevent autorun.
However, after rebooting the PC, it just kept restarting so I selected the option for the PC not to automatically reboot. Upon this I see that it's a blue screen with the message
I even tried loading the regedit and regedt32 from Safe Mode to see if I can find and remove the key I just added/merged but searching for any of the following just says the key was not found:
A copy of the NoAutoRun.reg that I made is available at http://www25.zippyshare.com/v/67385135/file.html incase it helps.
Here's the minidump:
Would really appreciate some help on this, pls.
Lately we've been having a hard time with customers USB's bringing in trojans and viruses, so I did a complete fresh install of WinXP onto the PC and thereafter followed instructions at http://windowssecrets.com/top-story/...torun-attacks/ to prevent autorun.
However, after rebooting the PC, it just kept restarting so I selected the option for the PC not to automatically reboot. Upon this I see that it's a blue screen with the message
Quote:
|
BAD_POOL-CALLER |
- REGEDIT4
- [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIniFileMappingAutorun.inf]
- @=”@SYS:DoesNotExist”
A copy of the NoAutoRun.reg that I made is available at http://www25.zippyshare.com/v/67385135/file.html incase it helps.
Here's the minidump:
Quote:
|
MiniToolBox by Farbar Version: 13-07-2013 Ran by Graphic (administrator) on 27-11-2013 at 11:45:56 Running from "D:\Documents and Settings\Graphic\My Documents\Downloads" Microsoft Windows XP Professional Service Pack 3 (X86) Boot Mode: Network *************************************************************************** ========================= Event log errors: =============================== Application errors: ================== Error: (11/27/2013 10:18:42 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1712. SA_Error1712: StandardAction(0xC00706B0): One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible. Error: (11/27/2013 10:18:39 AM) (Source: MsiInstaller) (User: NT AUTHORITY) Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1704. SA_Error1704: StandardAction(0xC00706A8): An installation for AVG 2014 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? System errors: ============= Error: (11/27/2013 11:07:29 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: Avgdiskx AVGIDSDriver AVGIDSShim Avgldx86 Fips intelppm Error: (11/27/2013 11:07:29 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: %%31 Error: (11/27/2013 11:06:14 AM) (Source: DCOM) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (11/27/2013 11:00:25 AM) (Source: DCOM) (User: NT AUTHORITY) Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The following boot-start or system-start driver(s) failed to load: AFD Avgdiskx AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: %%31 Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: %%31 Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: %%31 Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: %%31 Error: (11/27/2013 10:58:15 AM) (Source: Service Control Manager) (User: ) Description: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: %%31 Microsoft Office Sessions: ========================= Error: (11/27/2013 10:18:42 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1712. SA_Error1712: StandardAction(0xC00706B0): One or more of the files required to restore your computer to its previous state could not be found. Restoration will not be possible.(NULL)(NULL)(NULL)(NULL) Error: (11/27/2013 10:18:39 AM) (Source: MsiInstaller)(User: NT AUTHORITY) Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1704. SA_Error1704: StandardAction(0xC00706A8): An installation for AVG 2014 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL) =========================== Installed Programs ============================ AVG 2014 (Version: 14.0.3629) AVG 2014 (Version: 14.0.4259) AVG 2014 (Version: 2014.0.4259) Intel(R) Graphics Media Accelerator Driver Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1) Mozilla Maintenance Service (Version: 25.0.1) Realtek High Definition Audio Driver (Version: 5.10.0.5436) Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1) WebFldrs XP (Version: 9.50.7523) ========================= Devices: ================================ ========================= Memory info: =================================== Percentage of memory in use: 12% Total physical RAM: 3062.17 MB Available physical RAM: 2676.04 MB Total Pagefile: 4952.3 MB Available Pagefile: 4734.35 MB Total Virtual: 2047.88 MB Available Virtual: 1976.51 MB ========================= Partitions: ===================================== 1 Drive c: (JOBS) (Fixed) (Total:50 GB) (Free:21.48 GB) NTFS 2 Drive d: () (Fixed) (Total:99.05 GB) (Free:94.21 GB) NTFS ========================= Users: ======================================== User accounts for \\GRAPHIC-BFADB8F Administrator Graphic Guest HelpAssistant SUPPORT_388945a0 **** End of log **** |
Quote:
|
Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. D:\Documents and Settings\Graphic>chkdsk The type of the file system is NTFS. WARNING! F parameter not specified. Running CHKDSK in read-only mode. CHKDSK is verifying files (stage 1 of 3)... File verification completed. CHKDSK is verifying indexes (stage 2 of 3)... Index verification completed. CHKDSK is verifying security descriptors (stage 3 of 3)... Security descriptor verification completed. CHKDSK is verifying Usn Journal... Usn Journal verification completed. 103857382 KB total disk space. 4969560 KB in 15281 files. 4012 KB in 1090 indexes. 0 KB in bad sectors. 91846 KB in use by the system. 65536 KB occupied by the log file. 98791964 KB available on disk. 4096 bytes in each allocation unit. 25964345 total allocation units on disk. 24697991 allocation units available on disk. D:\Documents and Settings\Graphic> |