Windows 7 Forums
Join Forum | Login | Today's Posts | Tutorials | Vista Forum | Windows 8 Forum


Windows 7: Bootable disc AV , results??

Page 2 of 4 1 2 34
03 Aug 2012   #11

windows 7 home premium 64bit spv 1
30 posts
 
 
ok i could only download the windef offline in safe mode , and can create the disc only in normal mode
my Q is: should i choose A) blank disk
or C) blank disc ISO file
My System SpecsSystem Spec

03 Aug 2012   #12

windows 7 home premium 64bit spv 1
30 posts
 
 
ok i put the ISO file to disc, did a full scan and the WDO didnt come up with anything so it would appear the system is all clear
so whats next guys??
My System SpecsSystem Spec
03 Aug 2012   #13

MS Windows 7 Ultimate SP1 64-bit
10,288 posts
Austin, Texas
 
 
# **********************INSTRUCTIONS**************************
# STEP 1 ** RUN POWERSHELL AS ADMINISTRATOR ******************
# ************************************************************
#
# WIN key | type POWERSHELL | do NOT hit ENTER |
# in the PROGRAMS list, right-click on WINDOWS POWERSHELL |
# choose "Run as administrator" |
# Click on the YES button (if such appears)
#
# WIN key = key with Microsoft log on top
#
# for the guru:
# WIN | type POWERSHELL | CTRL+SHIFT+ENTER key combo | ALT+Y keycombo
# ************************************************************
# STEP 2 ** COPY AND PASTE ***********************************
# ************************************************************
#
# COPY the script using CTRL+C,
# COPY every line of script down thru both EXIT statements
#
# PASTE into Powershell
#----Right-Click at the PowerShell Prompt
#----(Ctrl+V does not work)
#
# Start copying with first script line without a # at start of the line
# Note: Actually, you can paste the entire file if you rather
#-------Lines starting with a # are ignored by PowerShell
# ************************************************************
# STEP 3 ** SCRIPT OUTPUT & SCRIPT PURPOSE *******************
# ************************************************************
# --The script output and purpose is given at the very front of the script
#
# --The script output and purpose is given at the very front of the script
#
# ************************************************************
# ***************** NOTE - POWERSHELL VERSION*****************
# if you receive this error msg:
#--The system can not find the path specified
# you may need to update your PowerShell
# you must be using Powershell 2.0 or later.
#
# To determine your Powershell version:
#---Run PowerShell
#---enter $host.version
#---you should see at least:
# Major Minor Build Revision
# ----- ----- ----- --------
# 2......0......-1.....-1
#
# If you do not see the above, update your Vista/Win 7.
# ************************************************************
# *************** NOTE - EXECUTION POLICY*********************
# If you haven't set the execution policy, you may need to:
#---Run PowerShell
#---enter SET-EXECUTIONPOLICY -EXECUTIONPOLICY REMOTESIGNED
# ************************************************************

Now that you know how, then run following script and upload the wdologs.zip file.

Script:
# ************************************************************
# Zips up your log files from Windows Defender Offline
#  and extended info about the log files
# Places WDOlogs.ZIP on your Desktop
#
# ************************************************************

function New-Zip {
    param([Parameter(Mandatory=$truePosition=0ValueFromPipeline=$true)]
    [String$Path, [Switch] $PassThru, [Switch] $Force )
    Process { if (Test-Path $path) {if (-not $Force) { return } }
    Set-Content $path ("PK" + [char]+ [char]+ ("$([char]0)" 18))
    $item Get-Item $path$item.IsReadOnly $false;if ($passThru) { $item } } }
function Copy-ToZip {param(
  [Parameter(Mandatory=$true,Position=0,ValueFromPipelineByPropertyName=$true)] [Alias('FullName')] 
  [String]$File, [Parameter(Mandatory=$true,Position=1)] [String]$ZipFile,[Switch]$HideProgress,[Switch]$Force )
  Begin {$ShellApplication = New-Object -ComObject Shell.Application
  if (-not (Test-Path $ZipFile)) {New-Zip $ZipFile};$Path Resolve-Path $ZipFile
  $ZipPackage =$ShellApplication.Namespace("$Path")}
  Process {$RealFile Get-Item $File; if (-not $RealFile) { return }        
  if (-not $hideProgress) {$perc +=5; if ($perc -gt 100) { $perc 
    Write-Progress "Copying to $ZipFile$RealFile.FullName -PercentComplete $perc}
  $Flags 0; if ($force) {$flags 16 -bor 1024 -bor 64 -bor 512};Write-Verbose $realFile.Fullname
   $ZipPackage.CopyHere($realFile.Fullname$flags);Start-Sleep -Milliseconds 500}}
$divider "#" 79
$fileinfo join-path $env:TEMP \wdofileinfo.txt
IF (test-path $fileinfo) {del $fileinfo -ea:silentlycontinue -force:$true}
$dir $env:windir '\Microsoft Antimalware\Support'
$a dir $dir  -rec -force -ea:silentlycontinue sort-object -property lastwritetime 
$b $a where {$_.extension -eq '.log'} |Select  modefullnamenamecreationtimelastwritetime,  lastaccesstimelengthextension
$b out-file -append $fileinfo
$b | foreach ($_.fullname) {
out-file -append $fileinfo -inputobject $divider
out-file -append  $fileinfo -inputobject $_.fullname;
out-file -append $fileinfo -inputobject (get-content -path $_.fullname)
}
$ziploc $env:userprofile '\desktop\WDOlogs.ZIP'
new-zip $ziploc -verbose:$false -ea:silentlycontinue -force:$true
copy-tozip  $fileinfo $ziploc -verbose:$false -hideprogress:$true
del $fileinfo

EXIT
EXIT

# ************************************************************ 
My System SpecsSystem Spec
.


03 Aug 2012   #14

MS Windows 7 Ultimate SP1 64-bit
10,288 posts
Austin, Texas
 
 
After you'v uploaded the zip file, then run this script and upload the computerinfo.txt file.

Script:
# ***********************************************************************
# Puts COMPUTERINFO.TXT on your desktop
# COMPUTERINFO.TXT contains info about your bios and your computer system
# ***********************************************************************

function get-ID 
  param ([string]$title, [int]$arraycnt, [int]$arrayndx
  $id " " $title " "
  If ($arraycnt -ne 1) {$id $id + [string]$arrayndx " "}
  $id }
function get-title param ([string]$id
  $hashes = ([int](31 $id.length)/2)
  $hashstr '#' $hashes
  $title $hashstr $id $hashstr
  If ($title.length -le 51) {$title += "#"}
  $title  }
$sterne "*" 79
$ossys = @(gwmi win32_operatingsystem)
$ossyscnt $ossys.count
$ossysid get-id "WIN" 1 0
$dskvol = @(gwmi win32_volume)
$dskvolcnt $dskvol.count
$dskarr =@(gwmi win32_diskdrive)
$dskarrcnt $dskarr.count
$cpu = @(gwmi win32_processor)
$cpucnt $cpu.count
$mobo gwmi win32_BaseBoard
$moboid get-id "MOTHERBOARD" 1 0
$bootcfg gwmi Win32_BootConfiguration 
$bootid get-id "BOOT CONFIGURATION" 1 0
$Build gwmi Win32_WMISetting
$osid get-id "COMPUTER INFO" 1 0
$CS   gwmi Win32_ComputerSystem   
$CSprod  gwmi Win32_ComputerSystemProduct 
$id get-id "BIOS" 1 0
$csid get-id "COMPUTER INFO" 1 0
$bios gwmi win32_bios
$obj = new-object -typename PSobject
$obj Add-member -membertype noteproperty -name (Get-title $id ) -value $sterne -passthru |
 add-member -membertype noteproperty -name ($id "Name") -value($bios.name) -passthru |
 add-member -membertype noteproperty -name ($id "Manufacturer") -value($bios.manufacturer) -passthru|
 add-member -membertype noteproperty -name ($id "Release Date") -value($bios.converttodatetime($bios.releasedate)) -passthru |
 add-member -membertype noteproperty -name ($id "Serial Number") -value($bios.SerialNumber) -passthru |
 Add-member -membertype noteproperty -name (Get-title $csid) -value $sterne -passthru |
 add-member -membertype noteproperty -name ("Manufacturer") -value($cs.manufacturer) -passthru |
 add-member -membertype noteproperty -name ("Model") -value($cs.model) -passthru |
 add-member -membertype noteproperty -name ("Primary Owner") -value($cs.primaryownername) -passthru |
 add-member -membertype noteproperty -name ("Type") -value($cs.systemtype) -passthru |
 add-member -membertype noteproperty -name ("Total Memory") -value(([string][int]($cs.totalphysicalmemory/1073741824) + " GB")) -passthru |
 add-member -membertype noteproperty -name ("User Name") -value($cs.username) -passthru |
 add-member -membertype noteproperty -name ("Product Name") -value($csprod.name) -passthru |
 add-member -membertype noteproperty -name ("Version") -value($csprod.version) -passthru |
 add-member -membertype noteproperty -name ("Build version") -value($build.BuildVersion) -passthru |
 add-member -membertype noteproperty -name ("Identifying Number") -value($csprod.identifyingnumber) -passthru |
 add-member -membertype noteproperty -name ("Vendor") -value($csprod.vendor) -passthru |
 add-member -membertype noteproperty -name ("Boot Directory") -value($bootcfg.bootdirectory) -passthru |
 add-member -membertype noteproperty -name ("Last Drive") -value($bootcfg.lastdrive) -passthru |
 add-member -membertype noteproperty -name ($moboID "Manufacturer") -value($mobo.manufacturer) -passthru |
 add-member -membertype noteproperty -name ($moboid "Product Type" )     -value($mobo.product) -passthru |
 add-member -membertype noteproperty -name ($moboid "Serial Number")  -value($mobo.serialnumber)
for ($ndx=1$ndx -le $ossyscnt$ndx++) {
  $d $ossys[$ndx 1]
  $ossysid get-id "WIN" $ossyscnt $ndx
 $obj add-member -membertype noteproperty -name ($ossysid "Build Number") -value($d.buildnumber) -passthru |
 add-member -membertype noteproperty -name ($ossysid "OS Version") -value($d.caption) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Country Code") -value($d.countrycode) -passthru |
## add-member -membertype noteproperty -name ($ossysid + "Service Pack") -value($d.csdversion) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Install Date") -value($d.converttodatetime($d.installdate))  -passthru |
 add-member -membertype noteproperty -name ($ossysid "Computer System Name") -value($d.csname) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Last Bootup") -value($d.converttodatetime($d.lastbootuptime)) -passthru |
 add-member -membertype noteproperty -name ($ossysid "OS Architecture") -value($d.osarchitecture) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Registered User") -value($d.registereduser) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Product ID") -value($d.serialnumber) -passthru |
 add-member -membertype noteproperty -name ($ossysid "Service Pack Version") -value($d.servicepackmajorversion)
}

for ($ndx=1$ndx -le $cpucnt$ndx++) {
  $d $cpu[$ndx 1]
  $cpuid get-id "CPU" $cpucnt $ndx
 $obj add-member -membertype noteproperty -name ($cpuid "Current Core Speed") -value([string][int]$d.currentclockspeed " MHz") -passthru |
 add-member -membertype noteproperty -name ($cpuid "Current Voltage") -value($d.currentvoltage) -passthru |
 add-member -membertype noteproperty -name ($cpuid "External Clock") -value($d.extclock) -passthru |
 add-member -membertype noteproperty -name ($cpuid "Max. Clock Speed") -value([string][int]$d.maxclockspeed " MHz") -passthru |
 add-member -membertype noteproperty -name ($cpuid "Manufacturer") -value($d.manufacturer)  -passthru |
 add-member -membertype noteproperty -name ($cpuid "Name") -value($d.name) -passthru |
 add-member -membertype noteproperty -name ($cpuid "Description") -value($d.description) -passthru |
 add-member -membertype noteproperty -name ($cpuid "version") -value($d.version) -passthru |
 add-member -membertype noteproperty -name ($cpuid "Number of Cores per CPU") -value($d.numberofcores) -passthru |
 add-member -membertype noteproperty -name ($cpuid "Number of Logical Processors") -value($d.numberoflogicalprocessors) -passthru |
 add-member -membertype noteproperty -name ($cpuid "Socket Designation") -value($d.socketdesignation)
}
for($ndx=1$ndx -le $dskarrcnt$ndx++) {
  $d $dskarr[$ndx -1];
  $dskarrid get-id "DISK" $dskarrcnt $ndx
  $obj Add-member -membertype noteproperty -name (get-title $dskarrid) -value $sterne -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Model") -value($d.model) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Size") -value([string][int]($d.size/1073741824) + " GB") -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Status") -value($d.status) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Capabilities") -value($d.capabilitydescriptions) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Interface Type") -value($d.interfacetype) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Partitions") -value($d.partitions) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Bytespersector") -value($d.bytespersector) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Sectors per track") -value($d.sectorspertrack) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Firmware revision") -value($d.firmwarerevision) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "Device ID") -value($d.deviceid) -passthru |
   add-member -membertype noteproperty -name ($dskarrid "PNP Device ID") -value($d.pnpdeviceid)
}
function Get-DrvType ($n) {
  switch ([int]$n) {
   2  {$result "Removable"}
   3  {$result "Partition"}
   5  {$result "CDROM"}
   default {$result "Unknown"}
   } 
  $result
}
for ($ndx=1$ndx -le $dskvolcnt$ndx++) {
  $d $dskvol[$ndx-1]
  $dskvolid get-id "DISK VOLUME" $dskvolcnt $ndx
  $obj add-member -membertype noteproperty -name (get-title $dskvolid)  -value $sterne -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Caption") -value($d.caption)  -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Drive Letter") -value($d.driveletter) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Label") -value($d.label) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Capacity") -value([string][int]($d.capacity/1073741824) + " GB") -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Free Space") -value([string][int]($d.freespace/1073741824) + " GB") -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Volume Type") -value(get-drvtype($d.drivetype)) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Boot Volume") -value($d.bootvolume) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "System Volume") -value($d.systemvolume) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Compressed") -value($d.compressed) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Serial Number") -value($d.serialnumber) -passthru |
#  add-member -membertype noteproperty -name ($dskvolid + "Device ID") -value($d.deviceid) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "File System") -value($d.filesystem) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Block Size") -value($d.blocksize) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Indexing Enabled") -value($d.indexingenabled) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Auto Mount") -value($d.automount) -passthru |
  add-member -membertype noteproperty -name ($dskvolid "Dirty Bit Set") -value($d.dirtybitset)
}
$PhyMemArray = @(gwmi win32_PhysicalMemoryArray)
$cnt $phymemarray.count
for ($ndx=1$ndx -le $cnt$ndx++) {
  $d $phymemarray[$ndx -1]
  $id get-id "PHYSICAL MEMORY ARRAY" $cnt $ndx
  $obj add-member -membertype noteproperty -name Get-title $Id ) -value $sterne
  $obj add-member -membertype noteproperty -name (" Maximum Memory Capacity") -value([string][int]($d.maxcapacity/1048576) + " GB")
  $obj add-member -membertype noteproperty -name (" Number of Memory Devices") -value($d.memorydevices)
}
$arr = @(gwmi win32_PhysicalMemory)
$cnt $arr.count
for($i=1$i -le $cnt$i++){
  $d $arr[$i-1]
  $id get-id "PHYSICAL MEMORY" $cnt $i
  $obj add-member -membertype noteproperty -name (get-title $id) -value $sterne
  $obj add-member -membertype noteproperty -name ($id "Bank Label") -value($d.banklabel)
  $obj add-member -membertype noteproperty -name ($id "Capacity") -value([string][int]($d.capacity/1073741824) + " GB")
  $obj add-member -membertype noteproperty -name ($id "Data Width") -value($d.datawidth)
  $obj add-member -membertype noteproperty -name ($id "Speed") -value($d.speed)
  $obj add-member -membertype noteproperty -name ($id "Description") -value($d.description)
  $obj add-member -membertype noteproperty -name ($id "Tag") -value($d.tag)
  $obj add-member -membertype noteproperty -name ($id "Device Locator") -value($d.devicelocator)
  $obj add-member -membertype noteproperty -name ($id "Manufacturer") -value($d.manufacturer)
  $obj add-member -membertype noteproperty -name ($id "Part Number") -value($d.partnumber)
  $obj add-member -membertype noteproperty -name ($id "Serial Number") -value($d.serialnumber)
}
$Arr = @(gwmi win32_cachememory)
$cnt $arr.count
for($i=1$i -le $cnt$i++){
  $d $arr[$i-1];
  $id get-id "CACHE MEMORY" $cnt $i
  $obj add-member -membertype noteproperty -name (get-title $id) -value $sterne
  $obj add-member -membertype noteproperty -name ($id "Name") -value($d.name)
  $obj add-member -membertype noteproperty -name ($id "Device ID") -value($d.deviceid)
  $obj add-member -membertype noteproperty -name ($id "Purpose") -value($d.purpose)
  $obj add-member -membertype noteproperty -name ($id "Block Size") -value($d.blocksize)
  $obj add-member -membertype noteproperty -name ($id "Installed Size") -value($d.installedsize)
  $obj add-member -membertype noteproperty -name ($id "Max Cache Size") -value($d.maxcachesize)
  $obj add-member -membertype noteproperty -name ($id "Number of Blocks") -value($d.numberofblocks)
  $obj add-member -membertype noteproperty -name ($id "Status") -value($d.status)
}
$Arr = @(gwmi win32_memoryarray)
$cnt $arr.count
for($i=1$i -le $cnt$i++){
  $d $arr[$i-1];
  $id get-id "MEMORY ARRAY" $CNT $I
  $obj add-member -membertype noteproperty -name (get-title $id) -value $sterne
  $obj add-member -membertype noteproperty -name ($id "Description") -value($d.description)
  $obj add-member -membertype noteproperty -name ($id "Device ID") -value($d.deviceid)
  $obj add-member -membertype noteproperty -name ($id "Starting Address") -value($d.startingaddress)
  $obj add-member -membertype noteproperty -name ($id "Ending Address") -value($d.endingaddress)
}
$Arr = @(gwmi win32_memorydevice)
$cnt $arr.count
for($i=1$i -le $cnt$i++){
  $d $arr[$i-1];
  $id get-id "MEMORY DEVICE" $cnd $i
  $obj add-member -membertype noteproperty -name (get-title $id) -value $sterne
  $obj add-member -membertype noteproperty -name ($id "Description") -value($d.description)
  $obj add-member -membertype noteproperty -name ($id "Device ID") -value($d.deviceid)
  $obj add-member -membertype noteproperty -name ($id "Starting Address") -value($d.startingaddress)
  $obj add-member -membertype noteproperty -name ($id "Ending Address") -value($d.endingaddress)
}
$obj  $env:userprofile\desktop\COMPUTERINFO.TXT

EXIT
EXIT 
My System SpecsSystem Spec
04 Aug 2012   #15

windows 7 home premium 64bit spv 1
30 posts
 
 
hi.. ok when i paste into the powershell box the box then disappears, it seems to have accepted it but there is no confirmation and it doesn't lead me onto anything else, is this right??

ok i have the 2 files on my desktop ty
Last edited by dman1965; 04 Aug 2012 at 10:37 AM.. Reason: progression
My System SpecsSystem Spec
04 Aug 2012   #16

MS Windows 7 Ultimate SP1 64-bit
10,288 posts
Austin, Texas
 
 
Just look on your desktop.
You will see an icon there for the wdologs.zip file.
My System SpecsSystem Spec
04 Aug 2012   #17

windows 7 home premium 64bit spv 1
30 posts
 
 
yep i have them but i dont kno what to do now, sry
My System SpecsSystem Spec
04 Aug 2012   #18

windows 7 home premium 64bit spv 1
30 posts
 
 
Mode : -a---
FullName : C:\Windows\Microsoft Antimalware\Support\MpCacheStats.log
Name : MpCacheStats.log
CreationTime : 04/08/2012 12:21:59
LastWriteTime : 04/08/2012 12:21:59
LastAccessTime : 04/08/2012 12:21:59
Length : 978
Extension : .log

Mode : -a---
FullName : C:\Windows\Microsoft Antimalware\Support\MPLog-08042012-032159
.log
Name : MPLog-08042012-032159.log
CreationTime : 04/08/2012 12:21:59
LastWriteTime : 04/08/2012 13:43:12
LastAccessTime : 04/08/2012 12:21:59
Length : 5434
Extension : .log

Mode : -a---
FullName : C:\Windows\Microsoft Antimalware\Support\MPDetection-08042012-
032159.log
Name : MPDetection-08042012-032159.log
CreationTime : 04/08/2012 12:21:59
LastWriteTime : 04/08/2012 13:43:12
LastAccessTime : 04/08/2012 12:21:59
Length : 468
Extension : .log

Mode : -a---
FullName : C:\Windows\Microsoft Antimalware\Support\msssWrapper.log
Name : msssWrapper.log
CreationTime : 04/08/2012 12:21:59
LastWriteTime : 04/08/2012 13:43:13
LastAccessTime : 04/08/2012 12:21:59
Length : 3806
Extension : .log



###############################################################################
C:\Windows\Microsoft Antimalware\Support\MpCacheStats.log
* * * * * * * * * * C a c h e s t a t s * * * * * * * * * * * *

N o . O f b u c k e t s - > 1 2 8 0 0

E a c h B u c k e t h a s m a x c a p a c i t y o f - > 1 e n t r i e s

n u m b e r o f E n t r i e s i s 0

N u m b e r o f i n v a l i d e n t r i e s i s 0

N u m b e r o f I n s e r t s i s s u e d i s 0

N u m b e r o f r e p l a c e s i s s u e d i s 0

N u m b e r o f I n s e r t f a i l u r e s i s 0

N u m b e r o f l o o k u p s i s 0

N u m b e r o f m i s s e s i s 0

N u m b e r o f f a l s e f a s t l o o k u p s i s 0

N u m b e r o f i n v a l i d a t i o n s i s 0

N u m b e r o f m a i n t e n a n c e i n v a l i d a t i o n s i s 0

C u r r e n t F i l e S i z e i s 3 1 1 2 9 6

J o u r n a l I D = 0

T r u s t e d i m a g e s t a t e = 0 U S N = 0


###############################################################################
C:\Windows\Microsoft Antimalware\Support\MPLog-08042012-032159.log

--------------------------------------------------------------------------------
2012-08-04T11:21:59.443Z Trace session started - MpWppTracing-08042012-032159-00000003-ffffffff.bin
2012-08-04T11:21:59.443Z Service is asked to be reenabled.
2012-08-04T11:21:59.458Z Task(-EnableService) launched**********Cache stats************
No. Of buckets -> 12800
Each Bucket has max capacity of -> 1 entries
number of Entries is 0
Number of invalid entries is 0
Number of Inserts issued is 0
Number of replaces issued is 0
Number of Insert failures is 0
Number of lookups is 0
Number of misses is 0
Number of false fast lookups is 0
Number of invalidations is 0
Number of maintenance invalidations is 0
Current File Size is 311296
Journal ID = 0
Trusted image state = 0 USN = 0

2012-08-04T11:21:59.474Z Loading engine...
2012-08-04T11:21:59.474Z loaded!
2012-08-04T11:21:59.474Z NisUpdate from SignatureDropLocation returns S_OK
2012-08-04T11:21:59.474Z NisUpdate from SignatureDefaultLocation returns S_OK
2012-08-04T11:21:59.474Z Cache Disabled: 0
2012-08-04T11:21:59.490Z Verifying license file...
2012-08-04T11:21:59.490Z verified!
2012-08-04T11:21:59.490Z Product supports installmode: 0
Product Version: 4.0.1538.0
Service Version: 4.0.1538.0
Engine Version: 0.0.0.0
AS Signature Version: 0.0.0.0
AV Signature Version: 0.0.0.0
************************************************************
2012-08-04T11:22:21.392Z Verifying engine and signature files (source: 0) ...
2012-08-04T11:22:21.642Z verified!
2012-08-04T11:22:25.183Z Initializing SQM in engine...
2012-08-04T11:22:25.183Z SQM initialized in the engine successfully
Signature updated on ‎08‎-‎04‎-‎2012 03:22:25
Product Version: 4.0.1538.0
Service Version: 4.0.1538.0
Engine Version: 1.1.8601.0
AS Signature Version: 1.131.1345.0
AV Signature Version: 1.131.1345.0
************************************************************
2012-08-04T12:40:38.825Z Task(SpyNetService -RestrictPrivileges -AccessKey B6F2C07F-E4D2-B65B-4509-4DB42F4D78D5) launched
Begin Resource Scan
Scan ID:{6A86893A-4E1C-4BFA-BAA9-E479E3E8AE9E}
Scan Source:7
Start Time:‎08‎-‎04‎-‎2012 04:41:07
End Time:‎08‎-‎04‎-‎2012 04:41:13
Explicit resource to scan
Resource Schema:queryfilertsig
Resource Path:\Users\Dwayn\Downloads\avg_pct_stf_all_10_27_c1.exe
Result Count:1
Known File
Number of Resources:2
Resource Schema:file
Resource Path:\Users\Dwayn\Downloads\avg_pct_stf_all_10_27_c1.exe:Zone.Identifier
Extended Info:35874746033117
Resource Schema:file
Resource Path:\Users\Dwayn\Downloads\avg_pct_stf_all_10_27_c1.exe
Extended Info:103835777263593
End Scan
************************************************************
###############################################################################
C:\Windows\Microsoft Antimalware\Support\MPDetection-08042012-032159.log
2012-08-04T11:21:59.490Z Version: Product 4.0.1538.0 Service 4.0.1538.0 Engine 0.0.0.0 AS 0.0.0.0 AV 0.0.0.0
2012-08-04T11:22:25.230Z Version: Product 4.0.1538.0 Service 4.0.1538.0 Engine 1.1.8601.0 AS 1.131.1345.0 AV 1.131.1345.0
###############################################################################
C:\Windows\Microsoft Antimalware\Support\msssWrapper.log
ERRORS_ONLY=0
MAX_SIZE=5120
APPEND=1
MAX_LINE_SIZE=256
-------------------------------------------------
START 2012/08/04 03:21:59:240 TID:932 PID:824

INFO 2012/08/04 03:21:59:240 TID:932 PID:824
Binary architecture is amd64

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
UtilIsFileExists(D:\Windows\SysWOW64\ntdll.dll) returned 0x00000000

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
CheckProcessorArchitecture returned 0x00000000

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Setting target OS key: "D:\Windows"

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
SetRecoveryEnvironmentKey returned 0x00000000

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Searching for signatures. Default signature path: ""

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Searching for signatures at root of drives...

WARNING 2012/08/04 03:21:59:271 TID:932 PID:824
Missing definitions file in 'C:\mpam-fex64.exe'

WARNING 2012/08/04 03:21:59:271 TID:932 PID:824
Missing definitions file in 'D:\mpam-fex64.exe'

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Found definitions file in 'E:\mpam-fex64.exe'

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Using signature path: "E:\mpam-fex64.exe"

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
SearchForSignatures returned 0x00000000

INFO 2012/08/04 03:21:59:271 TID:932 PID:824
Initializing offline environment and service...

INFO 2012/08/04 03:22:25:230 TID:932 PID:824
Launching user interface...

INFO 2012/08/04 03:22:25:245 TID:932 PID:824
Launched UI, waiting...

INFO 2012/08/04 04:43:11:160 TID:932 PID:824
Wait finished (UI signaled)

INFO 2012/08/04 04:43:11:160 TID:932 PID:824
RunCallisto returned 0x00000000

INFO 2012/08/04 04:43:13:172 TID:932 PID:824
Offline scan completed with 0x00000000

FINISH 2012/08/04 04:43:13:172 TID:828 PID:824
My System SpecsSystem Spec
04 Aug 2012   #19

Windows 7 Ultimate SP1 (x64)
9,595 posts
South Australia
 
 
Hi,

I'm a bit lost at the moment - what are we trying to solve? If I understand correctly BitDefender cleaned your system (its a good piece if kit that I have used with success before) - are there any other issues?

Regards,
Golden
My System SpecsSystem Spec
04 Aug 2012   #20

windows 7 home premium 64bit spv 1
30 posts
 
 
yep my main issue is windows would only start in safe mode, i did manage to get it to boot semi normally by using only on-board graphics but still it will not load properly or let me do many things like access my internet as usual.. if i click on my browser it says i must chose a different path ... i do this and it loads a very basic version of my browser, with much missing,,,, i can only download in safe mode, cant use my nvidia card etc etc.. bit defender seemed to have identified that traojan heur and eliminated it and the windef bootable scan i did came up clear. but the 1st issue is still to be resolved.. at the moment im just trying to inch forward with each bit of info and advice im getting .... the help is much appreciated.
i think the idea is to bring it back to its original state but to do this i was told my hdd needed a clean bill of health, if any1 could help me carry on with this i would be most grateful, thanks D
My System SpecsSystem Spec
Reply
Page 2 of 4 1 2 34

 Bootable disc AV , results?? problems?



« Infected PC- Gencrawler | Which programs should EMET monitor? »
Thread Tools



Similar help and support threads for: Bootable disc AV , results??
Thread Forum
Solved Windows 7 not loading from Bootable Repair Disc General Discussion
Need Win7 bootable disc Installation & Setup
how to make bootable windows 7 disc ? Installation & Setup
Creating a bootable disc... General Discussion
[Help]Bootable USB Disc back to Normal USB General Discussion


All times are GMT -5. The time now is 01:46 AM.

Contact Us - Windows 8 Support - Windows Vista Support - Legal - Privacy and cookies - Top

Seven Forums Android App Seven Forums IOS App Follow us on Facebook

Windows 7 Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32