Virus Removal leads to Stop: c0000135 consrv not found


  • This topic is locked
2 replies to this topic

#1 frrstrn


Posted 18 November 2011 - 08:18 PM

Running:

ESET NOD32 V4
MalwareBytes
SuperAntiSpyware
CCleaner

Recent Incidents:

C:/progamdata/privacy.exe
C:/windows/System32/consrv.dll
C:/windows/sysWOW64/ping.exe


Last Notes:

Windows Defender has gone missing.
Windows Firewall has gone disabled and cannot be started/restarted
Getting many redirects in IE and Firefox
ping.exe in processes hogging memory (not sure if ping.exe is even supposed to be on my pc)
An address continually being blocked by ESET NOD32
Also wish I could get rid of error associated with missing Aspi32 file (been a problem for ages).

Last attempt at cleaning was with MSE, which found one virus (cannot remember the name) and deleted it. After subsequent restart, began getting BS STOP: c0000135 {Unable To Locate Component} consrv not found.

Following other posts, I've attached the FRST log for your consideration.

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.9
Ran by SYSTEM at 2011-11-18 19:43:50
Running from H:\
Windows Vista ™ Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [2839840 2010-03-24] (ESET)
HKLM\...\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-08] (NVIDIA Corporation)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [x]
HKLM-x32\...\Run: [Copperhead] "C:\Program Files (x86)\Razer\Copperhead\razerhid.exe" [155648 2005-11-25] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot [273544 2011-08-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [449608 2011-08-31] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\UserNameWasHere\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\UserNameWasHere\...\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [222128 2007-03-29] (Macrovision Corporation)
HKU\UserNameWasHere\...\Policies\system: [LogonHoursAction] 2
HKU\UserNameWasHere\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
Tcpip\Parameters: [DhcpNameServer] 68.94.156.1 68.94.157.1
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252440 2008-07-15] (Creative Technology Ltd.)
2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [425984 2008-04-30] (Creative Technology Ltd)
3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1570840 2008-07-15] (Creative Technology Ltd.)
3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123416 2008-07-15] (Creative Technology Ltd.)
3 DFSR; C:\Windows\System32\DFSR.exe [3433472 2009-04-10] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcsvc.dll [268288 2009-04-10] (Microsoft Corporation)
2 ehstart; C:\Windows\ehome\ehstart.dll [15360 2006-11-02] (Microsoft Corporation)
3 EhttpSrv; "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe" [42336 2010-03-24] (ESET)
2 ekrn; "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" [810120 2010-03-24] (ESET)
2 EMDMgmt; C:\Windows\System32\emdmgmt.dll [399360 2009-04-10] (Microsoft Corporation)
2 gupdate1c9f55eadb7be07; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [133104 2009-06-24] (Google Inc.)
2 IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [366152 2011-08-31] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [12784 2011-04-27] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [288272 2011-04-27] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\p2psvc.dll [836608 2009-04-10] (Microsoft Corporation)
2 PSI_SVC_2; "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [185632 2007-07-24] (Protexis Inc.)
2 slsvc; C:\Windows\System32\SLsvc.exe [2582016 2009-04-10] (Microsoft Corporation)
3 SLUINotify; C:\Windows\System32\SLUINotify.dll [73216 2009-04-10] (Microsoft Corporation)
2 Themes; C:\Windows\System32\shsvcs.dll [302080 2009-07-10] (Microsoft Corporation)
3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [1020768 2010-03-18] (Microsoft Corporation)
3 B-Service; C:\Users\UserNameWasHere\AppData\Roaming\Mikogo Extra\B-Service.exe [x]

========================== Drivers (Whitelisted) =============

4 adpu160m; C:\Windows\System32\drivers\adpu160m.sys [126520 2008-01-20] (Adaptec, Inc.)
3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [113088 2008-08-21] (SlySoft, Inc.)
1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()
3 CamDrL64; C:\Windows\System32\DRIVERS\CamDrL64.sys [955680 2007-02-03] (Logitech Inc.)
3 copperhd; C:\Windows\System32\drivers\copperhd.sys [13824 2006-05-24] (Razer (Asia-Pacific) Pte Ltd)
3 ctac32k; C:\Windows\System32\drivers\ctac32k.sys [580632 2008-07-15] (Creative Technology Ltd)
3 ctaud2k; C:\Windows\System32\drivers\ctaud2k.sys [868888 2008-07-15] (Creative Technology Ltd)
3 ctprxy2k; C:\Windows\System32\drivers\ctprxy2k.sys [16920 2008-07-15] (Creative Technology Ltd)
3 ctsfm2k; C:\Windows\System32\drivers\ctsfm2k.sys [290328 2008-07-15] (Creative Technology Ltd)
2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163888 2010-03-24] (ESET)
0 Ecache; C:\Windows\System32\drivers\ecache.sys [155112 2009-04-10] (Microsoft Corporation)
1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [139704 2010-03-24] (ESET)
3 emupia; C:\Windows\System32\drivers\emupia2k.sys [147480 2008-07-15] (Creative Technology Ltd)
2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [124760 2010-03-24] (ESET)
3 ha20x2k; C:\Windows\System32\drivers\ha20x2k.sys [2066456 2008-07-15] (Creative Technology Ltd)
3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [508416 2009-03-19] (Hauppauge Computer Works, Inc)
4 HpCISSs; C:\Windows\System32\drivers\hpcisss.sys [47672 2008-01-20] (Hewlett-Packard Company)
4 i2omp; C:\Windows\System32\drivers\i2omp.sys [35896 2008-01-20] (Microsoft Corporation)
4 iteatapi; C:\Windows\System32\drivers\iteatapi.sys [37480 2006-11-02] (Integrated Technology Express, Inc.)
4 iteraid; C:\Windows\System32\drivers\iteraid.sys [37480 2006-11-02] (Integrated Technology Express, Inc.)
3 LVUSBS64; C:\Windows\System32\drivers\LVUSBS64.sys [58528 2007-02-03] (Logitech Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25416 2011-08-31] (Malwarebytes Corporation)
4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [39016 2006-11-02] (LSI Logic Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
3 NVENETFD; C:\Windows\System32\DRIVERS\nvmfdx64.sys [1498016 2008-08-01] (NVIDIA Corporation)
3 NVNET55; C:\Windows\System32\DRIVERS\nvmimx64.sys [423968 2009-07-01] (NVIDIA Corporation)
0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [175720 2010-04-08] (NVIDIA Corporation)
0 nvstor64; C:\Windows\System32\drivers\nvstor64.sys [244328 2010-04-08] (NVIDIA Corporation)
3 ossrv; C:\Windows\System32\drivers\ctoss2k.sys [218648 2008-07-15] (Creative Technology Ltd.)
2 regi; C:\Windows\System32\drivers\regi.sys [14112 2007-04-16] (InterVideo)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc)
0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
4 SiSRaid2; C:\Windows\System32\drivers\sisraid2.sys [45624 2008-01-20] (Microsoft Corporation)
4 Symc8xx; C:\Windows\System32\drivers\symc8xx.sys [49256 2006-11-02] (LSI Logic)
4 Sym_hi; C:\Windows\System32\drivers\sym_hi.sys [44648 2006-11-02] (LSI Logic)
4 Sym_u3; C:\Windows\System32\drivers\sym_u3.sys [48232 2006-11-02] (LSI Logic)
3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [18432 2008-01-20] (Microsoft Corporation)
3 uisp; C:\Windows\System32\Drivers\usbicp.sys [19200 2005-10-21] (Motorola)
4 uliahci; C:\Windows\System32\drivers\uliahci.sys [284728 2008-01-20] (ULi Electronics Inc.)
4 UlSata; C:\Windows\System32\drivers\ulsata.sys [148072 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [174696 2008-01-20] (Promise Technology, Inc.)
3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [46592 2009-09-30] (Microsoft Corporation)
2 Aspi32; [x]
3 cpuz134; \??\C:\Users\UserNameWasHere\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 LVcKap64; C:\Windows\System32\DRIVERS\LVcKap64.sys [x]
3 msiserver; C:\Windows\System32\msiexec /V [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-11-18 19:34 - 2011-11-18 19:42 - 0000000 ____D C:\FRST
2011-11-18 17:59 - 2011-11-18 17:59 - 0036864 ____A C:\bcd_backup
2011-11-18 17:59 - 2011-11-18 17:59 - 0033792 ___AH C:\bcd_backup.LOG
2011-11-18 17:59 - 2011-11-18 17:59 - 0000000 ___AH C:\bcd_backup.LOG2
2011-11-18 17:59 - 2011-11-18 17:59 - 0000000 ___AH C:\bcd_backup.LOG1
2011-11-16 23:53 - 2011-11-17 00:06 - 0000000 ____D C:\Program Files (x86)\PC Cleaners
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\PC Cleaners
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\Users\All Users\PC1Data
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\ProgramData\PC1Data
2011-11-16 23:53 - 2011-11-16 23:39 - 5359888 ____A (PC Cleaners) C:\Windows\uninst.exe
2011-11-16 23:12 - 2011-11-16 23:12 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-16 23:11 - 2011-11-16 23:13 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-16 23:09 - 2010-04-06 00:34 - 0345984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2011-11-16 22:22 - 2011-11-16 22:23 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Mozilla
2011-11-16 22:19 - 2011-11-17 08:14 - 0221450 ____A C:\Windows\ntbtlog.txt
2011-11-16 21:32 - 2011-11-16 21:32 - 0000000 ____D C:\Program Files\CCleaner
2011-11-16 21:17 - 2011-11-16 21:17 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-16 21:15 - 2011-11-16 21:20 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Real
2011-11-16 21:15 - 2011-11-16 21:15 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Apple Computer
2011-11-16 19:12 - 2011-11-16 19:12 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Macromedia
2011-11-16 19:11 - 2011-11-16 19:11 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Adobe
2011-11-16 18:44 - 2011-11-16 18:44 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Macrovision
2011-11-16 18:07 - 2011-11-16 18:07 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\SUPERAntiSpyware.com
2011-11-16 18:06 - 2011-11-16 18:07 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2011-11-16 18:06 - 2011-11-16 18:06 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2011-11-16 18:06 - 2011-11-16 18:06 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2011-11-16 18:06 - 2011-10-27 19:04 - 50295240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2011-11-16 13:10 - 2011-11-16 13:10 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-11-16 13:07 - 2011-11-16 13:07 - 0000061 ____A C:\Users\UserNameWasHere\Desktop\Interesting.txt
2011-11-16 12:47 - 2011-10-03 02:06 - 0157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2011-11-16 12:47 - 2011-10-03 02:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2011-11-16 12:47 - 2011-10-03 02:06 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2011-11-16 12:46 - 2011-11-16 12:47 - 0002973 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-11-16 12:21 - 2011-11-16 12:21 - 0030200 ____A C:\Users\UserNameWasHere\Desktop\SupplyForm.docx
2011-11-16 09:03 - 2011-11-16 09:03 - 0000723 ____A C:\Users\UserNameWasHere\Desktop\OhWhatever WebEx Enterprise Site (2).url
2011-11-15 17:48 - 2011-11-15 17:48 - 0001052 ____A C:\Users\UserNameWasHere\Desktop\OhWhatever WebEx Enterprise Site.url
2011-11-15 15:30 - 2011-11-15 15:30 - 0029503 ____A C:\Users\UserNameWasHere\Desktop\EVM21.Rapid.Knowledge.Transfer.10.21.11.docx
2011-11-15 12:46 - 2011-11-15 12:46 - 0040960 ____A C:\Users\UserNameWasHere\Desktop\ASQ Meeting Data.xls
2011-11-15 12:16 - 2011-11-15 12:16 - 0002052 ____A C:\Windows\epplauncher.mif
2011-11-15 11:37 - 2011-11-17 00:36 - 0000348 ____A C:\Windows\Tasks\At8.job
2011-11-15 11:37 - 2011-11-17 00:36 - 0000346 ____A C:\Windows\Tasks\At7.job
2011-11-15 11:37 - 2011-11-16 23:36 - 0000348 ____A C:\Windows\Tasks\At6.job
2011-11-15 11:37 - 2011-11-16 23:36 - 0000346 ____A C:\Windows\Tasks\At5.job
2011-11-15 11:37 - 2011-11-16 22:36 - 0000348 ____A C:\Windows\Tasks\At4.job
2011-11-15 11:37 - 2011-11-16 22:36 - 0000346 ____A C:\Windows\Tasks\At3.job
2011-11-15 11:37 - 2011-11-16 21:36 - 0000348 ____A C:\Windows\Tasks\At2.job
2011-11-15 11:37 - 2011-11-16 21:36 - 0000346 ____A C:\Windows\Tasks\At1.job
2011-11-15 11:37 - 2011-11-16 20:36 - 0000348 ____A C:\Windows\Tasks\At48.job
2011-11-15 11:37 - 2011-11-16 20:36 - 0000346 ____A C:\Windows\Tasks\At47.job
2011-11-15 11:37 - 2011-11-16 19:36 - 0000348 ____A C:\Windows\Tasks\At46.job
2011-11-15 11:37 - 2011-11-16 19:36 - 0000346 ____A C:\Windows\Tasks\At45.job
2011-11-15 11:37 - 2011-11-16 18:36 - 0000348 ____A C:\Windows\Tasks\At44.job
2011-11-15 11:37 - 2011-11-16 18:36 - 0000346 ____A C:\Windows\Tasks\At43.job
2011-11-15 11:37 - 2011-11-16 17:36 - 0000348 ____A C:\Windows\Tasks\At42.job
2011-11-15 11:37 - 2011-11-16 17:36 - 0000346 ____A C:\Windows\Tasks\At41.job
2011-11-15 11:37 - 2011-11-16 16:36 - 0000348 ____A C:\Windows\Tasks\At40.job
2011-11-15 11:37 - 2011-11-16 16:36 - 0000346 ____A C:\Windows\Tasks\At39.job
2011-11-15 11:37 - 2011-11-16 15:36 - 0000348 ____A C:\Windows\Tasks\At38.job
2011-11-15 11:37 - 2011-11-16 15:36 - 0000346 ____A C:\Windows\Tasks\At37.job
2011-11-15 11:37 - 2011-11-16 14:36 - 0000348 ____A C:\Windows\Tasks\At36.job
2011-11-15 11:37 - 2011-11-16 14:36 - 0000346 ____A C:\Windows\Tasks\At35.job
2011-11-15 11:37 - 2011-11-16 13:36 - 0000348 ____A C:\Windows\Tasks\At34.job
2011-11-15 11:37 - 2011-11-16 13:36 - 0000346 ____A C:\Windows\Tasks\At33.job
2011-11-15 11:37 - 2011-11-16 13:13 - 0000346 ____A C:\Windows\Tasks\At21.job
2011-11-15 11:37 - 2011-11-16 12:36 - 0000348 ____A C:\Windows\Tasks\At32.job
2011-11-15 11:37 - 2011-11-16 12:36 - 0000346 ____A C:\Windows\Tasks\At31.job
2011-11-15 11:37 - 2011-11-16 11:36 - 0000348 ____A C:\Windows\Tasks\At30.job
2011-11-15 11:37 - 2011-11-16 11:36 - 0000346 ____A C:\Windows\Tasks\At29.job
2011-11-15 11:37 - 2011-11-16 10:36 - 0000348 ____A C:\Windows\Tasks\At28.job
2011-11-15 11:37 - 2011-11-16 10:36 - 0000346 ____A C:\Windows\Tasks\At27.job
2011-11-15 11:37 - 2011-11-16 09:36 - 0000348 ____A C:\Windows\Tasks\At26.job
2011-11-15 11:37 - 2011-11-16 09:36 - 0000346 ____A C:\Windows\Tasks\At25.job
2011-11-15 11:37 - 2011-11-16 08:36 - 0000348 ____A C:\Windows\Tasks\At24.job
2011-11-15 11:37 - 2011-11-16 08:36 - 0000346 ____A C:\Windows\Tasks\At23.job
2011-11-15 11:37 - 2011-11-16 07:36 - 0000348 ____A C:\Windows\Tasks\At22.job
2011-11-15 11:37 - 2011-11-16 06:36 - 0000348 ____A C:\Windows\Tasks\At20.job
2011-11-15 11:37 - 2011-11-16 06:36 - 0000346 ____A C:\Windows\Tasks\At19.job
2011-11-15 11:37 - 2011-11-16 05:36 - 0000348 ____A C:\Windows\Tasks\At18.job
2011-11-15 11:37 - 2011-11-16 05:36 - 0000346 ____A C:\Windows\Tasks\At17.job
2011-11-15 11:37 - 2011-11-16 04:36 - 0000348 ____A C:\Windows\Tasks\At16.job
2011-11-15 11:37 - 2011-11-16 04:36 - 0000346 ____A C:\Windows\Tasks\At15.job
2011-11-15 11:37 - 2011-11-16 03:36 - 0000348 ____A C:\Windows\Tasks\At14.job
2011-11-15 11:37 - 2011-11-16 03:36 - 0000346 ____A C:\Windows\Tasks\At13.job
2011-11-15 11:37 - 2011-11-16 02:36 - 0000348 ____A C:\Windows\Tasks\At12.job
2011-11-15 11:37 - 2011-11-16 02:36 - 0000346 ____A C:\Windows\Tasks\At11.job
2011-11-15 11:37 - 2011-11-16 01:36 - 0000348 ____A C:\Windows\Tasks\At10.job
2011-11-15 11:37 - 2011-11-16 01:36 - 0000346 ____A C:\Windows\Tasks\At9.job
2011-11-15 11:37 - 2011-11-15 11:41 - 0000112 ____A C:\Users\All Users\VU15iCD.dat
2011-11-15 11:37 - 2011-11-15 11:41 - 0000112 ____A C:\ProgramData\VU15iCD.dat
2011-11-14 21:23 - 2008-07-08 05:45 - 0004984 ____A C:\Windows\System32\Drivers\nvphy.bin
2011-11-14 20:57 - 2009-11-05 00:19 - 0644712 ____A (NVIDIA Corporation) C:\Windows\System32\NVUNINST.EXE
2011-11-14 19:01 - 2011-11-14 19:01 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-14 19:00 - 2011-11-14 19:00 - 0019930 ____A C:\TDSSKiller.2.6.18.0_14.11.2011_22.00.25_log.txt
2011-11-14 17:48 - 2011-11-15 16:19 - 0000000 ____D C:\Users\UserNameWasHere\Desktop\More Interesting
2011-11-14 16:42 - 2011-11-14 16:42 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-14 16:42 - 2011-11-14 16:42 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-14 16:32 - 2011-11-14 16:32 - 0000272 ____A C:\Windows\reimage.ini
2011-11-14 01:30 - 2011-11-14 01:30 - 0001489 ____A C:\Users\UserNameWasHere\.recently-used.xbel
2011-11-13 21:16 - 2011-11-13 21:16 - 0000632 _RASH C:\Users\UserNameWasHere\ntuser.pol
2011-11-13 20:01 - 2011-11-13 20:01 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-13 17:42 - 2011-11-13 17:42 - 0019964 ____A C:\TDSSKiller.2.6.18.0_13.11.2011_20.42.40_log.txt
2011-11-13 17:40 - 2011-11-13 17:42 - 0001918 ____A C:\TDSSKiller.2.6.16.0_13.11.2011_20.40.57_log.txt
2011-11-13 17:31 - 2011-11-13 17:31 - 0000000 ____D C:\Program Files (x86)\5BE17
2011-11-13 17:30 - 2011-11-13 17:30 - 0000000 ____D C:\Windows\system64
2011-11-13 17:30 - 2011-11-13 17:30 - 0000000 ____D C:\Program Files (x86)\LP
2011-11-11 16:39 - 2011-11-11 16:53 - 147236735 ____A C:\Users\UserNameWasHere\Desktop\JohnKatonaSPCquestions.m4v
2011-11-11 16:39 - 2011-11-11 16:48 - 60731973 ____A C:\Users\UserNameWasHere\Desktop\Automotive Core Tools Fundamentals Video.wmv
2011-11-11 07:08 - 2011-11-11 07:09 - 0145460 ____A C:\Users\UserNameWasHere\Documents\C079_Minutes_09-09-11_Approved.pdf
2011-11-10 09:45 - 2011-11-10 14:06 - 0000000 ____D C:\Users\UserNameWasHere\Desktop\Wiki
2011-11-09 02:53 - 2011-09-20 13:06 - 1423744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-11-09 02:53 - 2011-09-20 06:04 - 0040448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2011-11-08 23:44 - 2011-11-08 23:44 - 0020568 ____A C:\TDSSKiller.2.6.16.0_09.11.2011_02.44.18_log.txt
2011-11-08 21:57 - 2011-11-08 22:01 - 0000406 ____A C:\rkill.log
2011-11-08 21:31 - 2011-11-08 21:31 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-11-08 21:31 - 2011-11-08 21:31 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-11-08 21:31 - 2011-08-31 14:00 - 0025416 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-11-08 19:37 - 2011-11-09 13:33 - 0000000 ____D C:\Users\UserNameWasHere\Desktop\SMXI
2011-11-08 02:12 - 2011-11-12 16:47 - 0000000 ____D C:\Users\UserNameWasHere\Desktop\New Folder
2011-11-07 23:54 - 2011-11-09 09:43 - 0000000 ____D C:\users\UpdatusUser
2011-11-07 23:54 - 2011-11-07 23:54 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\Templates
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\Start Menu
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\PrintHood
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\NetHood
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\My Documents
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Videos
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Pictures
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Music
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\History
2011-11-07 23:54 - 2011-11-07 23:54 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2011-11-07 23:54 - 2009-11-30 06:32 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2011-11-07 23:54 - 2006-11-02 07:06 - 0000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2011-11-07 23:53 - 2011-11-07 23:53 - 0000000 ____D C:\Users\All Users\NVIDIA Corporation
2011-11-07 23:53 - 2011-11-07 23:53 - 0000000 ____D C:\ProgramData\NVIDIA Corporation
2011-11-07 23:53 - 2011-10-15 00:53 - 0837952 ____A (NVIDIA Corporation) C:\Windows\System32\easyupdatusapiu64.dll
2011-11-07 23:51 - 2011-11-08 21:17 - 0000732 ____A C:\Users\UserNameWasHere\AppData\Local\d3d9caps64.dat
2011-11-07 23:49 - 2011-10-15 00:53 - 7581504 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 5578560 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2808128 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2542912 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 24796992 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 24742720 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2458432 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2401088 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2232128 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 2099520 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 18871616 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 17248576 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 15693120 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 1533248 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 1454400 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 13205312 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 12971840 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2011-11-07 23:49 - 2011-10-15 00:53 - 0068928 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 0061248 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2011-11-07 23:49 - 2011-10-15 00:53 - 0007384 ____A C:\Windows\System32\nvinfo.pb
2011-11-07 23:41 - 2008-12-25 21:08 - 0410656 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.cpl
2011-11-07 23:36 - 2011-11-07 23:54 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2011-11-07 23:35 - 2011-11-14 20:59 - 0000000 ____D C:\NVIDIA
2011-10-24 11:29 - 2011-10-24 11:29 - 0094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2011-10-24 11:29 - 2011-10-24 11:29 - 0069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts


============ 3 Months Modified Files and Folders =============

2011-11-18 19:42 - 2011-11-18 19:34 - 0000000 ____D C:\FRST
2011-11-18 17:59 - 2011-11-18 17:59 - 0036864 ____A C:\bcd_backup
2011-11-18 17:59 - 2011-11-18 17:59 - 0033792 ___AH C:\bcd_backup.LOG
2011-11-18 17:59 - 2011-11-18 17:59 - 0000000 ___AH C:\bcd_backup.LOG2
2011-11-18 17:59 - 2011-11-18 17:59 - 0000000 ___AH C:\bcd_backup.LOG1
2011-11-18 16:22 - 2009-05-27 03:50 - 0063004 ____A C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000008-00001102-00000005-00311102}.rfx
2011-11-18 16:22 - 2009-05-27 03:50 - 0063004 ____A C:\Windows\System32\BMXState-{00000002-00000000-00000008-00001102-00000005-00311102}.rfx
2011-11-18 16:22 - 2009-05-27 03:50 - 0000788 ____A C:\Windows\System32\DVCState-{00000002-00000000-00000008-00001102-00000005-00311102}.rfx
2011-11-17 08:14 - 2011-11-16 22:19 - 0221450 ____A C:\Windows\ntbtlog.txt
2011-11-17 01:12 - 2006-11-02 07:40 - 0032566 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-11-17 01:12 - 2006-11-02 07:21 - 0003840 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2011-11-17 01:12 - 2006-11-02 07:21 - 0003840 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2011-11-17 01:11 - 2009-03-17 16:50 - 0000012 ____A C:\Windows\bthservsdp.dat
2011-11-17 01:11 - 2008-01-20 17:53 - 1327920 ____A C:\Windows\WindowsUpdate.log
2011-11-17 01:11 - 2006-11-02 07:40 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-11-17 00:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At8.job
2011-11-17 00:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At7.job
2011-11-17 00:15 - 2009-06-30 19:20 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-11-17 00:06 - 2011-11-16 23:53 - 0000000 ____D C:\Program Files (x86)\PC Cleaners
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\PC Cleaners
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\Users\All Users\PC1Data
2011-11-16 23:53 - 2011-11-16 23:53 - 0000000 ____D C:\ProgramData\PC1Data
2011-11-16 23:39 - 2011-11-16 23:53 - 5359888 ____A (PC Cleaners) C:\Windows\uninst.exe
2011-11-16 23:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At6.job
2011-11-16 23:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At5.job
2011-11-16 23:28 - 2006-11-02 04:46 - 0710764 ____A C:\Windows\System32\PerfStringBackup.INI
2011-11-16 23:22 - 2009-06-30 19:20 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-11-16 23:13 - 2011-11-16 23:11 - 0000000 ____D C:\Program Files\Microsoft Security Client
2011-11-16 23:13 - 2011-05-30 11:45 - 0725300 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-11-16 23:12 - 2011-11-16 23:12 - 0000000 ____D C:\Program Files (x86)\Microsoft Security Client
2011-11-16 23:04 - 2006-11-02 05:33 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-11-16 22:58 - 2008-12-01 14:22 - 0000000 ___RD C:\Users\UserNameWasHere\Desktop\New Programs
2011-11-16 22:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At4.job
2011-11-16 22:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At3.job
2011-11-16 22:23 - 2011-11-16 22:22 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Mozilla
2011-11-16 21:51 - 2008-10-04 23:06 - 0000000 ____D C:\Windows\Panther
2011-11-16 21:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At2.job
2011-11-16 21:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At1.job
2011-11-16 21:32 - 2011-11-16 21:32 - 0000000 ____D C:\Program Files\CCleaner
2011-11-16 21:20 - 2011-11-16 21:15 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Real
2011-11-16 21:17 - 2011-11-16 21:17 - 0000000 ____D C:\Program Files (x86)\Trend Micro
2011-11-16 21:15 - 2011-11-16 21:15 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Apple Computer
2011-11-16 20:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At48.job
2011-11-16 20:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At47.job
2011-11-16 20:29 - 2008-10-04 20:26 - 0045568 ____A C:\Users\UserNameWasHere\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-16 19:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At46.job
2011-11-16 19:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At45.job
2011-11-16 19:12 - 2011-11-16 19:12 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Macromedia
2011-11-16 19:11 - 2011-11-16 19:11 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Adobe
2011-11-16 18:44 - 2011-11-16 18:44 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\Macrovision
2011-11-16 18:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At44.job
2011-11-16 18:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At43.job
2011-11-16 18:07 - 2011-11-16 18:07 - 0000000 ____D C:\Users\UserNameWasHere\AppData\Roaming\SUPERAntiSpyware.com
2011-11-16 18:07 - 2011-11-16 18:06 - 0000000 ____D C:\Program Files\SUPERAntiSpyware
2011-11-16 18:06 - 2011-11-16 18:06 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2011-11-16 18:06 - 2011-11-16 18:06 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2011-11-16 17:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At42.job
2011-11-16 17:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At41.job
2011-11-16 16:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At40.job
2011-11-16 16:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At39.job
2011-11-16 15:54 - 2009-04-23 08:53 - 0060304 ____A C:\Users\UserNameWasHere\g2mdlhlpx.exe
2011-11-16 15:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At38.job
2011-11-16 15:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At37.job
2011-11-16 14:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At36.job
2011-11-16 14:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At35.job
2011-11-16 13:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At34.job
2011-11-16 13:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At33.job
2011-11-16 13:13 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At21.job
2011-11-16 13:10 - 2011-11-16 13:10 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-11-16 13:10 - 2008-10-06 07:51 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-11-16 13:10 - 2008-10-06 07:51 - 0000000 ____D C:\ProgramData\Apple Computer
2011-11-16 12:47 - 2011-11-16 12:46 - 0002973 ____A C:\Windows\SysWOW64\jupdate-1.6.0_29-b11.log
2011-11-16 12:47 - 2010-04-28 04:50 - 0000000 ____D C:\Program Files (x86)\Java
2011-11-16 12:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At32.job
2011-11-16 12:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At31.job
2011-11-16 11:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At30.job
2011-11-16 11:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At29.job
2011-11-16 11:07 - 2006-11-02 05:33 - 0000000 ___SD C:\Windows\Downloaded Program Files
2011-11-16 10:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At28.job
2011-11-16 10:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At27.job
2011-11-16 09:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At26.job
2011-11-16 09:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At25.job
2011-11-16 08:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At24.job
2011-11-16 08:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At23.job
2011-11-16 07:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At22.job
2011-11-16 06:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At20.job
2011-11-16 06:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At19.job
2011-11-16 05:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At18.job
2011-11-16 05:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At17.job
2011-11-16 04:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At16.job
2011-11-16 04:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At15.job
2011-11-16 03:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At14.job
2011-11-16 03:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At13.job
2011-11-16 02:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At12.job
2011-11-16 02:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At11.job
2011-11-16 01:36 - 2011-11-15 11:37 - 0000348 ____A C:\Windows\Tasks\At10.job
2011-11-16 01:36 - 2011-11-15 11:37 - 0000346 ____A C:\Windows\Tasks\At9.job
2011-11-15 12:16 - 2011-11-15 12:16 - 0002052 ____A C:\Windows\epplauncher.mif
2011-11-15 11:41 - 2011-11-15 11:37 - 0000112 ____A C:\Users\All Users\VU15iCD.dat
2011-11-15 11:41 - 2011-11-15 11:37 - 0000112 ____A C:\ProgramData\VU15iCD.dat
2011-11-15 11:27 - 2008-10-04 20:11 - 0000000 ____D C:\Users\All Users\NVIDIA
2011-11-15 11:27 - 2008-10-04 20:11 - 0000000 ____D C:\ProgramData\NVIDIA
2011-11-14 21:23 - 2008-10-04 19:15 - 0000000 ____D C:\users\UserNameWasHere
2011-11-14 20:59 - 2011-11-07 23:35 - 0000000 ____D C:\NVIDIA
2011-11-14 19:01 - 2011-11-14 19:01 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-14 19:00 - 2011-11-14 19:00 - 0019930 ____A C:\TDSSKiller.2.6.18.0_14.11.2011_22.00.25_log.txt
2011-11-14 18:17 - 2008-10-22 07:57 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-11-14 16:42 - 2011-11-14 16:42 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2011-11-14 16:42 - 2011-11-14 16:42 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2011-11-14 16:32 - 2011-11-14 16:32 - 0000272 ____A C:\Windows\reimage.ini
2011-11-14 01:38 - 2011-10-06 18:53 - 0000000 ____D C:\Users\UserNameWasHere\Desktop\To Store and Backup
2011-11-14 01:30 - 2011-11-14 01:30 - 0001489 ____A C:\Users\UserNameWasHere\.recently-used.xbel
2011-11-13 21:16 - 2006-11-02 05:34 - 0000000 ___HD C:\Windows\System32\GroupPolicyUsers
2011-11-13 20:01 - 2011-11-13 20:01 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-13 20:01 - 2011-05-18 11:33 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-11-13 17:42 - 2011-11-13 17:42 - 0019964 ____A C:\TDSSKiller.2.6.18.0_13.11.2011_20.42.40_log.txt
2011-11-13 17:42 - 2011-11-13 17:40 - 0001918 ____A C:\TDSSKiller.2.6.16.0_13.11.2011_20.40.57_log.txt
2011-11-13 17:31 - 2011-11-13 17:31 - 0000000 ____D C:\Program Files (x86)\5BE17
2011-11-13 17:30 - 2011-11-13 17:30 - 0000000 ____D C:\Windows\system64
2011-11-13 17:30 - 2011-11-13 17:30 - 0000000 ____D C:\Program Files (x86)\LP
2011-08-24 09:35 - 2011-08-24 09:35 - 0033280 ____A C:\Users\UserNameWasHere\Desktop\dpmo-calculator.xls
2011-08-23 22:28 - 2008-10-07 19:00 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-08-23 22:27 - 2008-10-07 19:00 - 0000000 ____D C:\Users\All Users\Skype
2011-08-23 22:27 - 2008-10-07 19:00 - 0000000 ____D C:\ProgramData\Skype

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 26%
Total physical RAM: 2045.88 MB
Available physical RAM: 1502.83 MB
Total Pagefile: 1847.96 MB
Available Pagefile: 1576.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (STRIPED SYSTEM) (Fixed) (Total:558.92 GB) (Free:74.97 GB) NTFS ==>[Boot] ==>[OS]
6 Drive h: (DriveNameWasHere) (Removable) (Total:1.86 GB) (Free:1.75 GB) FAT
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Dynamic Data 993 KB 32 KB
Partition 2 Dynamic Data 559 GB 1024 KB
Partition 3 Dynamic Data 256 KB 559 GB

Partition 2
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C STRIPED SYS NTFS Simple 559 GB Healthy

==========================================================

Last Boot: 2011-11-17 00:15

======================= End Of Log ==========================

I do hope you can help get 'er cleaned up and back in business!

Edited by frrstrn, 18 November 2011 - 09:31 PM.




#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:09:11 PM

Posted 22 November 2011 - 07:47 AM

Hello frrstrn,

Welcome to Bleeping Computer. :)

I understand you have a boot issue. If the issue is not yet resolved, please let me know.

#3 Farbar


Posted 27 November 2011 - 06:33 AM

This thread will now be closed due to lack of activity.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.



