Friend of mine brought his PC to me. He said it was really slowing down and then he got a phone call purporting to be from Microsoft asking him to download a remote control app from ammyy.com - they then asked for £85 to fix the issue, at which point he hung up. I don't know how far they got and I had a quick clean up of the PC, but thought I'd pass it through here as I cannot see anything untoward. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT.

• Windows 7 Loader Extreme Edition Unknown Boot Device Device Harddiskvolume1

DDS (Ver2011-08-26.01). Microsoft Windows XP Professional Boot Device: Device HarddiskVolume1 Install Date: 01:27:29 System Uptime: 17:35:09 (4 hours ago).

Feb 9, 2015 - 15 min - Uploaded by Luis E.fQue honda esta ves direccionandolos a mi blog like y suscribete para que descarguen el win 7.

Motherboard: Dell Computer Corp. 0U1325 Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz Microprocessor 2793/800mhz. Disk Partitions. C: is FIXED (NTFS) - 149 GiB total, 142.758 GiB free. D: is CDROM.

Disabled Device Manager Items. System Restore Points.

1. O23 - Service PanelSvc - Unknown owner - C Program. Loader Driver c windows system32 drivers avgldx86.sys 2010-9-7. Boot Device Device HarddiskVolume1Windows 7 Loader Extreme Unknown Boot Device Device Harddiskvolume1 Shop-Device - -,Windows 7 Loader eXtreme Edition (Napalum) Win7 Unknown.
2. Windows 7 loader. Salut!Am si eu o problema:am instalat pe un laptop Windows 7 ultimate-64 biti si am vrut sa-l activez cu windows loader v2.1.5 sau cu extreme edition.la ultimul mi-a aparut o eroare:unknown boot device: device harddiskvolume1.Ce este de facut in situatia asta? Categoria: Sistem Intrebat.

No restore point in system. Installed Programs. Please, observe following rules:. Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer. If you're stuck, or you're not sure about certain step, always ask before doing anything else.

Jan 11, 2015. So they guys who are facing some problem to activate their window server 2003 can use the window server 2003 keys that i share below. Product key sale, windows 8 key store, windows 8 enterprise key forever, windows multipoint server 2011 free product key, microsoft office 2010 invalid key, lebSxd. Find Serial Number notice: Windows Server 2003 Standard Edition serial number, Windows Server 2003 Standard Edition all version keygen, Windows Server 2003 Standard Edition activation key, crack - may give false results or no results in search terms. Windows Server 2003 x64. Windows 2003 Server Final (crack search and CD-KEY) FAQ about Windows 95, 98, NT, 2000, XP, 2003, 2008, Vista, 7, 8, 2012, 10, 2016, Servers. Apr 16, 2009. Large Server Manufacturers known as Original Equipment Manufacturers (OEMs) have the ability to pre-activate Microsoft® Windows Server 2003 R2 software installed on new Server. As a result, end users are typically not required to activate the software during the set up process by typing in the product. Windows server 2003 standard edition product key free download.

Please refrain from running tools or applying updates other than those I suggest. Never run more than one scan at a time. Keep updating me regarding your computer behavior, good, or bad. The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.

If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum. I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me. Did you use McAfee Removal Tool as suggested by Train? I still see McAfee listed. Please download ComboFix from or to your Desktop.Note: In the event you already have Combofix, this is a new version that I need you to download.

It is important that it is saved directly to your desktop. Please, never rename Combofix unless instructed. Close any open browsers. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause 'unpredictable results'. Click on to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

If Combofix asks you to install Recovery Console, please allow it. If Combofix asks you to update the program, always do so. Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.

Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. Double click on combofix.exe & follow the prompts. When finished, it will produce a report for you. Please post the 'C: ComboFix.txt'.Note 1: Do not mouseclick combofix's window while it's running.

That may cause it to stall.Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG 'falsely' detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause 'unpredictable results'.

Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first. Use AppRemover to uninstall it: We can reinstall it when we're done with CF.Note 3: If you receive an error 'Illegal operation attempted on a registery key that has been marked for deletion', restart computer to fix the issue. Make sure, you re-enable your security programs, when you're done with Combofix. NOTE. If, for some reason, Combofix refuses to run, try one of the following: 1. Run Combofix from Safe Mode.

Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop. Do NOT run it yet.

Please download and run the below tool named Rkill ( courtesy of BleepingComputer.com) which may help allow other programs to run. There are 4 different versions.

If one of them won't run then download and try to run the other one. Vista and Win7 users need to right click Rkill and choose Run as Administrator You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus. Double-click on the Rkill desktop icon to run the tool. If using Vista or Windows 7 right-click on it and choose Run As Administrator. A black DOS box will briefly flash and then disappear.

This is normal and indicates the tool ran successfully. If not, delete the file, then download and use the one provided in Link 2. If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs. Do not reboot until instructed. If the tool does not run from any of the links provided, please let me know. Once you've gotten one of them to run, immediately run yourname.exe by double clicking on it. If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix. DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!! Hi Broni/Train, I will run the McAfee Removal Tool now, but here is the ComboFix log: ComboFix 11-09-21.02 - Administrator 16:40:34.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.12.18.1022.705 GMT 1:00 Running from: c: documents and settings Administrator Desktop ComboFix.exe.

((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))). C: documents and settings All Users Application Data AMMYY c: documents and settings All Users Application Data AMMYY hr c: documents and settings All Users Application Data AMMYY settings.bin. ((((((((((((((((((((((((( Files Created from 2011-08-21 to 2011-09-21 ))))))))))))))))))))))))))))))). 2011-09-20 16:09. 2011-09-03 04-a-w-c: program files Mozilla Firefox components browsercomps.dll 2011-09-20 16:09. 2011-09-03 8-a-w-c: program files Mozilla Firefox libEGL.dll 2011-09-20 16:09. 2011-09-03 68-a-w-c: program files Mozilla Firefox mozsqlite3.dll 2011-09-20 16:09.

2011-09-03 32-a-w-c: program files Mozilla Firefox mozcpp19.dll 2011-09-20 16:09. 2011-09-03 68-a-w-c: program files Mozilla Firefox libGLESv2.dll 2011-09-20 16:09.

2011-09-03 232-a-w-c: program files Mozilla Firefox mozjs.dll 2011-09-20 16:09. 2011-09-03 6-a-w-c: program files Mozilla Firefox plugin-container.exe 2011-09-20 16:09. 2011-09-03 2-a-w-c: program files Mozilla Firefox mozalloc.dll 2011-09-20 16:09. 2011-09-02 216-a-w-c: program files Mozilla Firefox D3DCompiler43.dll 2011-09-20 16:09. 2011-09-02 168-a-w-c: program files Mozilla Firefox d3dx943.dll 2011-09-13 06:51.

2011-09-13 1-a-w-c: windows system32 drivers AegisP.sys 2011-09-13 06:51. 2008-01-15 20-a-w-c: windows system32 drivers rt73.sys 2011-09-13 06:51. 2005-11-30 -a-w-c: windows system32 rt73.bin 2011-09-13 06:51. 2011-09-13 06:51-d-w-c: program files EDIMAX 2011-09-13 06:51. 2011-09-13 06:51-d-w-c: documents and settings Administrator Application Data InstallShield. (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))). 2011-09-09 09:12.

2004-08-04 40-a-w-c: windows system32 crypt32.dll 2011-08-31 16:00. 2009-11-28 6-c-a-w-c: windows system32 drivers mbam.sys 2011-07-15 13:29. 2004-08-04 20-a-w-c: windows system32 drivers mrxsmb.sys 2011-07-08 14:02.

2004-08-04 6-a-w-c: windows system32 drivers ndistapi.sys 2011-06-24 14:10. 2003-07-16 56-a-w-c: windows system32 drivers rdpwd.sys 2011-06-23 18:36. 2004-08-04 80-a-w-c: windows system32 wininet.dll 2011-06-23 18:36. 2004-08-04 0-a-w-c: windows system32 licmgr10.dll 2011-06-23 18:36. 2004-08-04 440-w-c: windows system32 inetcpl.cpl 2011-09-03 06:18. 2011-09-20 04-a-w-c: program files mozilla firefox components browsercomps.dll 2011-04-14 13:01.

2010-03-16 6-a-w-c: program files mozilla firefox components Scriptff.dll. ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))).Note.

empty entries & legit default entries are not shown REGEDIT4. And Attach log:. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT. DDS (Ver2011-08-26.01). Microsoft Windows XP Professional Boot Device: Device HarddiskVolume1 Install Date: 01:27:29 System Uptime: 17:07:28 (0 hours ago). Motherboard: Dell Computer Corp. 0U1325 Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz Microprocessor 2793/800mhz.

Disk Partitions. C: is FIXED (NTFS) - 149 GiB total, 142.645 GiB free. D: is CDROM.

Disabled Device Manager Items. System Restore Points. RP1: 16:36:00 - System Checkpoint. Installed Programs.

Combofix log looks clean now. How is computer doing? Now, install one of these AV programs: - Avast! Free antivirus: - Avira free antivirus: (make sure to opt out from installing Ask Toolbar - it comes pre-checked) Update, run full scan, report on any findings.

Download to your Desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Scan All Users checkbox. Under the Custom Scan box paste this in: netsvcs drivers32%SYSTEMDRIVE%.%systemroot% Fonts.com%systemroot% Fonts.dll%systemroot% Fonts.ini%systemroot% Fonts.ini2%systemroot% Fonts.exe%systemroot% system32 spool prtprocs w32x86.%systemroot% REPAIR.bak1%systemroot% REPAIR.ini%systemroot% system32.jpg%systemroot%.jpg%systemroot%.png%systemroot%.scr%systemroot%.sy%APPDATA% Adobe Update.%ALLUSERSPROFILE% Favorites.%APPDATA% Microsoft.%PROGRAMFILES%.%APPDATA% Update.%systemroot%. /mp /s CREATERESTOREPOINT%systemroot% System32 config.sav%PROGRAMFILES% bak.

/s%systemroot% system32 bak. PC was alright before I started this thread, was just making sure it was clean Combofix still removed some AMMYY leftovers. 1.

Update your Java version here: Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update. Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start Control Panel Java Advanced Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer. Now, we need to remove old Java version and its remnants. Download to your desktop and unzip it to its own folder.

Run JavaRa.exe ( Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions. Accept any prompts. Run OTL. Under the Custom Scans/Fixes box at the bottom, paste in the following.

Please run the following: Please download and save it to your desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.

Only one of them will run on your system, that will be the right version. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log ( FRST.txt) in the same directory the tool is run.

Please copy and paste it to your reply. The first time the tool is run, it makes also another log ( Addition.txt).

Please attach it to your reply. Please run the following Refer to the. Download ComboFix from the following location:. IMPORTANT!!! Place ComboFix.exe on your Desktop. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.

You can get help on disabling your protection programs. Double click on ComboFix.exe & follow the prompts.

Windows 7 Loader Extreme Edition Unknown Boot Device Device Harddiskvolume1

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you.

Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. Ensure your AntiVirus and AntiSpyware applications are re-enabled.

NOTE: If you encounter a message 'illegal operation attempted on registry key that has been marked for deletion' and no programs will run - please just reboot and that will resolve that error. Please do the following: Please create a new system restore point before running Malwarebytes Anti-Rootkit if you can.

Download Malwarebytes Anti-Rootkit from. Unzip the contents to a folder in a convenient location.

Open the folder where the contents were unzipped and run mbar.exe. Follow the instructions in the wizard to update and allow the program to scan your computer for threats. Click on the Cleanup button to remove any threats and reboot if prompted to do so. Wait while the system shuts down and the cleanup process is performed.

Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process. When done, please post the two logs produced they will be in the MBAR folder. Mbar-log.txt and system-log.txt Note: If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional: Internet access Windows Update Windows Firewall If there are additional problems with your system, such as any of those listed above or other system issues, then run the fixdamage tool included with Malwarebytes Anti-Rootkit and reboot.

Verify that your system is now functioning normally. K so I ran the Root-kit scan and it came back clean, so I went and made sure the mentioned items were all on and everything was up to date. I went back and turned Microsoft Security Client start-up process back on and reinstalled the current version of Java. On restart everything started up fine and windows is running normally as far as i can tell. That's good to hear, there are just a couple more scans I'd like to run in case there are any residual leftovers. Please run the following: Please download to your desktop. Shutdown your antivirus to avoid any conflicts.

Right-mouse click JRT.exe and select Run as administrator. The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message NEXT Download AdwCleaner from and save it to your desktop. Run AdwCleaner and select Delete. Once done it will ask to reboot, allow the reboot.

On reboot a log will be produced, please attach the content of the log to your next reply NEXT. Please open your MalwareBytes AntiMalware Program. Click the Update Tab and search for updates. If an update is found, it will download and install the latest version. Once the program has loaded, select 'Perform Quick Scan', then click Scan. The scan may take some time to finish, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected.

Looks good, C: Users Kyle Winninghoff Downloads DriverSweeper3.2.0.exe Control Panel, double-click on Add or Remove Programs and remove all older versions of Java. Check ( highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-7u21-windows-i586.exe to install the newest version.

Decline any additional installs that may be offered. After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon.

(looks like a coffee cup). On the General tab, under Temporary Internet Files, click the Settings button. Next, click on the Delete Files button. There are three options in the window to clear the cache - Leave these two Checked. Trace and Log Files Cached Applications and Applets. Click OK on Delete Temporary Files Window Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Temporary Files Window.

Click OK to leave the Java Control Panel. NEXT Please advise how the computer is running now and if there are any outstanding issues. K cleared out all the programs you had me run during this and ran TFC. Out of curiosity since I am a novice at looking through the logs from all these scans/tools you had be run I was wondering if my machine was actually infected with anything specific that just got past my existing protection, or was it just infested with tons of stuff suggesting that I need to vastly improve the way I interact with the internet.

And thanks a lot for taking the time to run me through all these steps to get my PC back to working condition, an unplanned forced reformat is one of the things I try to avoid like the plague.