HELP! pc crash after boot with dll error possble virus??

No, I'm fine with your current one. I don't need another.

 

Thankyou for all the help you have given me Cdavfrew I appreciate it very much. and applaud your knowledge in this.

 

Cdavfrew can you tell me what the warnings mean if I need action on them in this scan? Thanks again

Avira AntiVir Personal
Report file date: Saturday, June 21, 2008 12:23

Scanning for 1349608 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: BROWNS

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 4/9/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 3/18/2008 10:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 2/7/2008 09:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 2/28/2008 09:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 2/21/2008 09:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 11:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 3/7/2008 14:08:58
ANTIVIR2.VDF : 7.0.4.195 2546176 Bytes 6/14/2008 11:22:09
ANTIVIR3.VDF : 7.0.4.232 250880 Bytes 6/20/2008 11:22:10
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 2/25/2008 10:58:21
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 6/21/2008 11:22:21
AESCN.DLL : 8.1.0.22 119157 Bytes 6/21/2008 11:22:19
AERDL.DLL : 8.1.0.20 418165 Bytes 6/21/2008 11:22:19
AEPACK.DLL : 8.1.1.6 364918 Bytes 6/21/2008 11:22:18
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 6/21/2008 11:22:17
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 6/21/2008 11:22:16
AEHELP.DLL : 8.1.0.15 115063 Bytes 6/21/2008 11:22:13
AEGEN.DLL : 8.1.0.29 307573 Bytes 6/21/2008 11:22:13
AEEMU.DLL : 8.1.0.6 430451 Bytes 6/21/2008 11:22:12
AECORE.DLL : 8.1.0.31 168310 Bytes 6/21/2008 11:22:11
AVWINLL.DLL : 1.0.0.7 14593 Bytes 1/23/2008 18:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 2/18/2008 11:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 14:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 1/23/2008 18:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2/28/2008 09:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/22/2008 18:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 1/23/2008 18:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 13:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 3/10/2008 15:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 3/6/2008 13:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Saturday, June 21, 2008 12:23

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'epmworker.exe' - '1' Module(s) have been scanned
Scan process 'Generic.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'Launcher.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'MPAPI3s.exe' - '1' Module(s) have been scanned
Scan process 'AWC.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'PcSync2.exe' - '1' Module(s) have been scanned
Scan process 'SERVIC~1.EXE' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'DataLayer.exe' - '1' Module(s) have been scanned
Scan process 'LaunchApplication.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'pdservice.exe' - '1' Module(s) have been scanned
Scan process 'VAIOUpdt.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'ISBMgr.exe' - '1' Module(s) have been scanned
Scan process 'SPMgr.exe' - '1' Module(s) have been scanned
Scan process 'ico.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'VzRs.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'igfxext.exe' - '1' Module(s) have been scanned
Scan process 'VzFw.exe' - '1' Module(s) have been scanned
Scan process 'VzCdbSvc.exe' - '1' Module(s) have been scanned
Scan process 'VCSW.exe' - '1' Module(s) have been scanned
Scan process 'VESMgr.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsDeviceConnect.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PhotoshopElementsFileAgent.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] The device is not ready.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\' <VAIO>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Neil Brown\Desktop\virus\DialBBSignUp.exe.XXX
[DETECTION] Contains detection pattern of the dial-up program DIAL/270336
[NOTE] The file was moved to '48bde6ce.qua'!
Begin scan in 'D:\' <VAIO>


End of the scan: Saturday, June 21, 2008 13:08
Used time: 44:37 min

The scan has been done completely.

6955 Scanning directories
438421 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
438420 Files not concerned
8381 Archives were scanned
3 Warnings
1 Notes

 

@ MUAGE
This from your first post (Quote: I don't have a recovery disc and there are a lot of pics on the harddrive that i want to save.END Quote),you transfered them to another drive,if you transfered other stuff becarefull before putting back is all i'm saying



This process your going thru is on a laptop yes ?? then it should have a recovery partition,it's around 5-8GB in size assuming you have'nt deleted it's contents, pushing F8 or F10 on reboot should bring up your recovery options (repair option keeps all data intact i.e movies,pictures etc,3rd party software that's installed gets deleted but folders remain,(advanced recovery options should take you to a complete wipe of hdd), or on the re-boot screen at bottom it says press F (& whatever key number for recovery options),or just check the manufacturers website or the program list for recovery options or pc help & tools sort of wording.Assuming there are any recovery options




@ cdavfrew
Yeah i'll take a gander at the AV & see how it goes








EDIT: There's two ways to disable a restart on system failure,select it from the F8 menu on reboot which brings up the safe mode selection list, or inside windows = Right click "my computer" select properties,when window appears,click on advance tab,go to "startup & recovery" at bottom,select "settings" then where it says "system failure" remove tick from restart

 

Hey Muage.

You don't have to worry anymore. Those warnings from Antivir is because of its detection in your virus folder, which is only natural. However, please check if DialBBSignUp.exe.XXX is the only file in your virus folder, because if it is not and there are other infected files, Antivir should have detected them. Perhaps it is because of a different setting or lack of update. Also, the warning about the .sys files are also normal, because the .sys files are supposed to be locked, and Antivir merely detects them that way.

Best Regards

 

Hi guys! cdavfrew!

I'm having problems booting my parents laptop again, god knows what they have or my brother has been doing. this time the laptop boots to the windows screen and at welcome screen a screeching sound comes from the speakers and there is no way to turn it off then the desktop starts to load but no icons appear. It will boot in safe mode ok and I have tried downloading and running avira rescuecd mentioned earlier in this thread but it says its in demo mode??? (maybe its not free anymore?) anyway i don't know what else to do, and would appreciate some guidance. thanks in advance.

 

correction! it was working in safe mode but I now have the BSOD again arrrggh!

 

Hey MUAGE

Welcome back!

Hmmm... your screeching sound problems sounds like a hardware problem, which really isn't related to malware.

Could you post here the error message on the BSOD? Or take a picture of it?

Ignore the DEMO Mode in the Antivir Rescue CD. That is a known bug in the Rescue CD, and is nothing for you to worry about. Does it detect anything?

Best Regards

 

Hi Cdavfrew! thanks for looking at this, I too initially thought it was hardware myself but i'm not sure. I read the BSOD but how can i follow the instructions when the laptop will not boot in any mode??
the rescuecd did not seem to do a scan for some reason and at the log screen says its in demo mode?? Anyway here is the BSOD

 

Hey MUAGE

It might not be malware, but might be some hardware (was there a power cut?) or software problem causing your ntfs file system to be corrupted, or your hard disk is cooked.

Look here:
http://www.geekswhoknow.com/articles/stop-0x00000024-0x0000024-0x24-ntfs-file-sys-error-code.htm

There really is no definite way to fix this if you cannot get into windows. You might have to format the hard disk.

Best Regards

 

ok thanks cdavfrew looks like i'll have to leave it into a pc repair shop.

 

Looks like that's the only way out.