Problem, Folders Empty


15 replies to this topic

#1 idevious


Posted 21 January 2012 - 01:28 AM

Mod Edit: Split from topic at http://www.bleepingcomputer.com/forums/topic403289.html/page__st__15__p__2564534#entry2564534 ~ Hamluis.

Hello,

I have the same problem you tried to resolve for this member. I, however, did get different results after running system lock. Would you please tell me the next steps? Thank you. The text is below:

SystemLook 30.07.11 by jpshortstuff
Log created at 22:18 on 20/01/2012 by Isabel
Administrator - Elevation successful

========== dir ==========

C:\Users\Isabel\AppData\Local\Temp\smtmp - Parameters: "/s"

---Files---
None found.

C:\Users\Isabel\AppData\Local\Temp\smtmp\1 d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Accessories d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Accessories\Accessibility d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Accessories\System Tools d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Accessories\Tablet PC d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Accessories\Windows PowerShell d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\AVS4YOU d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\AVS4YOU\Video d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\BlackBerry d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Brother d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Brother\MFC-8480DN LAN d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Brother\MFC-8480DN LAN\PC-FAX Receiving d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Brother\MFC-8480DN LAN\PC-FAX Sending d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Brother\MFC-8480DN LAN\Scanner Settings d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Camera Assistant Software d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\CCleaner d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\CyberLink PowerCinema for TOSHIBA d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\DVD MovieFactory for TOSHIBA d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\DVD MovieFactory for TOSHIBA\User Manual d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Extras and Upgrades d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\ffdshow d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\FileZilla FTP Client d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Games d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\HP d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\HP\HP Officejet Pro 8500 A910 d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\HP\Officejet Pro L7000 Series d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\ImageConverter Plus d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Intel PROSet Wireless d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Intel® Matrix Storage Manager d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\iTunes d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\LiveUpdate Notice d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Maintenance d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Microsoft Office\Microsoft Office 2010 Tools d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Microsoft Silverlight d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Microsoft Works d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Motorola d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Motorola\Mobile Drivers d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\NXP FM Tuner d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\QuickBooks d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\QuickTime d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\ScanSoft PaperPort 11 d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\SharePoint d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Skype d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Startup d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Tablet PC d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Tether d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\CD&DVD Applications d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\ConfigFree d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Speech System d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA\Utilities d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA DVD PLAYER d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA Games d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\TOSHIBA Support d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Windows Live d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Windows Media d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Windows Media\Utilities d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\WinRAR d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\WinZip d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Wondershare d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Wondershare\Video Converter Ultimate d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Xilisoft d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Xilisoft\AVI to DVD Converter 6 d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\Yahoo! Messenger d------ [04:19 19/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\2 d------ [04:19 19/01/2012]
System Check.lnk --a---- 640 bytes [23:00 17/01/2012] [23:00 17/01/2012]

C:\Users\Isabel\AppData\Local\Temp\smtmp\4 d------ [04:19 19/01/2012]
CCleaner.lnk --a---- 781 bytes [03:24 19/01/2012] [03:24 19/01/2012]

-= EOF =-

Edited by hamluis, 21 January 2012 - 11:22 AM.
Split, PM sent new OP.




#2 narenxp


Posted 21 January 2012 - 09:55 PM

1. Copy the entire content of this folder:
C:\Users\user_name\AppData\Local\Temp\smtmp\1
and paste it to this folder:
C:\ProgramData\Microsoft\Windows\Start Menu


Copy the entire content of this folder:
C:\Users\user_name\AppData\Local\Temp\smtmp\4
and paste it to this folder:
C:\Users\Public\Desktop

Delete the 2 folder; just follow the instructions for 1 & 4 alone.

Please post your Malwarebytes clean log.

Download TDSSKiller

Launch it and click on "Scan". Please post the log report.

Please download GMER from here (doesn't work on 64-bit OS):

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Edited by narenxp, 21 January 2012 - 09:56 PM.
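
The copy steps from the post above, as an added PowerShell example that is not part of the original post: it copies the contents of `smtmp\1` to the all-users Start Menu and `smtmp\4` to the Public Desktop, never overwrites an existing file, and leaves the `2` folder untouched. The parameter names, the function name `Restore-SmtmpFolder` and the report-only default are assumptions of this example; the folder mapping is the one given in the post.

```powershell
# Added example, not code from the thread.
# Assumptions: run in an elevated PowerShell session as the affected user;
# the folder mapping (1 -> Start Menu, 4 -> Public Desktop) is the one from the post.
param(
    # smtmp lives under the user's local Temp folder, as in the SystemLook log
    [string]$SmtmpRoot = (Join-Path $env:LOCALAPPDATA 'Temp\smtmp'),
    # Without -Apply the script only reports what it would do
    [switch]$Apply
)

$Map = [ordered]@{
    '1' = 'C:\ProgramData\Microsoft\Windows\Start Menu'
    '4' = 'C:\Users\Public\Desktop'
}

function Restore-SmtmpFolder {
    param([string]$Source, [string]$Destination, [bool]$Apply)

    if (-not (Test-Path -LiteralPath $Source -PathType Container)) {
        Write-Warning "Source not found, skipping: $Source"
        return
    }
    $srcFull = (Resolve-Path -LiteralPath $Source).Path.TrimEnd('\')

    # -Force so that hidden or system items in the backup are included
    Get-ChildItem -LiteralPath $srcFull -Recurse -Force | ForEach-Object {
        # Path of the item relative to the numbered smtmp folder
        $relative = $_.FullName.Substring($srcFull.Length).TrimStart('\')
        $target   = Join-Path $Destination $relative

        if ($_.PSIsContainer) {
            if (-not (Test-Path -LiteralPath $target)) {
                if ($Apply) { New-Item -ItemType Directory -Path $target -Force | Out-Null }
                "MKDIR  $target"
            }
        }
        elseif (Test-Path -LiteralPath $target) {
            # Never overwrite something that is already in place
            "SKIP   $target (already exists)"
        }
        else {
            if ($Apply) {
                $parent = Split-Path -Parent $target
                if (-not (Test-Path -LiteralPath $parent)) {
                    New-Item -ItemType Directory -Path $parent -Force | Out-Null
                }
                Copy-Item -LiteralPath $_.FullName -Destination $target
            }
            "COPY   $($_.FullName) -> $target"
        }
    }
}

foreach ($n in $Map.Keys) {
    Restore-SmtmpFolder -Source (Join-Path $SmtmpRoot $n) -Destination $Map[$n] -Apply $Apply.IsPresent
}
```

Run it once without `-Apply` to review the planned MKDIR/COPY/SKIP lines, then again with `-Apply` to perform the copy.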


#3 idevious


Posted 26 January 2012 - 01:25 AM

Hello,

I apologize. I did not see your post until now. I recovered some additional items, but I am still missing some programs and some very important files. I ran the TDSSKiller, this is the log:

22:11:11.0724 5804 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
22:11:12.0395 5804 ============================================================
22:11:12.0395 5804 Current date / time: 2012/01/25 22:11:12.0395
22:11:12.0395 5804 SystemInfo:
22:11:12.0395 5804
22:11:12.0395 5804 OS Version: 6.0.6002 ServicePack: 2.0
22:11:12.0395 5804 Product type: Workstation
22:11:12.0395 5804 ComputerName: ISABEL-PC
22:11:12.0395 5804 UserName: Isabel
22:11:12.0395 5804 Windows directory: C:\Windows
22:11:12.0395 5804 System windows directory: C:\Windows
22:11:12.0395 5804 Running under WOW64
22:11:12.0395 5804 Processor architecture: Intel x64
22:11:12.0395 5804 Number of processors: 2
22:11:12.0395 5804 Page size: 0x1000
22:11:12.0395 5804 Boot type: Normal boot
22:11:12.0395 5804 ============================================================
22:11:16.0295 5804 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:11:16.0310 5804 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:11:17.0356 5804 Initialize success
22:11:27.0033 8076 ============================================================
22:11:27.0033 8076 Scan started
22:11:27.0033 8076 Mode: Manual;
22:11:27.0033 8076 ============================================================
22:12:16.0040 8076 rdbss - ok
22:12:16.0134 8076 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:12:16.0150 8076 RDPCDD - ok
22:12:16.0321 8076 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
22:12:16.0337 8076 rdpdr - ok
22:12:16.0384 8076 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
22:12:16.0384 8076 RDPENCDD - ok
22:12:16.0540 8076 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
22:12:16.0540 8076 RDPWD - ok
22:12:16.0884 8076 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
22:12:16.0884 8076 RFCOMM - ok
22:12:17.0040 8076 rimmptsk (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys
22:12:17.0055 8076 rimmptsk - ok
22:12:17.0165 8076 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
22:12:17.0165 8076 rimsptsk - ok
22:12:17.0180 8076 RimUsb - ok
22:12:17.0321 8076 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
22:12:17.0336 8076 RimVSerPort - ok
22:12:17.0445 8076 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
22:12:17.0461 8076 rismxdp - ok
22:12:17.0556 8076 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
22:12:17.0556 8076 ROOTMODEM - ok
22:12:17.0805 8076 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
22:12:17.0821 8076 rspndr - ok
22:12:17.0883 8076 RTHDMIAzAudService - ok
22:12:18.0086 8076 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
22:12:18.0102 8076 RTL8169 - ok
22:12:18.0492 8076 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:12:18.0492 8076 SASDIFSV - ok
22:12:18.0664 8076 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:12:18.0664 8076 SASKUTIL - ok
22:12:18.0773 8076 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
22:12:18.0773 8076 sbp2port - ok
22:12:18.0945 8076 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
22:12:18.0945 8076 sdbus - ok
22:12:19.0085 8076 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:12:19.0085 8076 secdrv - ok
22:12:19.0304 8076 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
22:12:19.0319 8076 Serenum - ok
22:12:19.0444 8076 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
22:12:19.0444 8076 Serial - ok
22:12:19.0569 8076 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
22:12:19.0569 8076 sermouse - ok
22:12:19.0788 8076 sffdisk (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\DRIVERS\sffdisk.sys
22:12:19.0788 8076 sffdisk - ok
22:12:19.0976 8076 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
22:12:19.0976 8076 sffp_mmc - ok
22:12:20.0553 8076 sffp_sd (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\DRIVERS\sffp_sd.sys
22:12:20.0553 8076 sffp_sd - ok
22:12:20.0663 8076 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
22:12:20.0663 8076 sfloppy - ok
22:12:20.0803 8076 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
22:12:20.0803 8076 SiSRaid2 - ok
22:12:20.0897 8076 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
22:12:20.0913 8076 SiSRaid4 - ok
22:12:20.0991 8076 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
22:12:21.0006 8076 Smb - ok
22:12:21.0115 8076 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
22:12:21.0115 8076 spldr - ok
22:12:21.0381 8076 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
22:12:21.0396 8076 srv - ok
22:12:21.0537 8076 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
22:12:21.0537 8076 srv2 - ok
22:12:21.0693 8076 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
22:12:21.0693 8076 srvnet - ok
22:12:21.0849 8076 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
22:12:21.0849 8076 StillCam - ok
22:12:21.0958 8076 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
22:12:21.0958 8076 swenum - ok
22:12:22.0020 8076 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
22:12:22.0020 8076 Symc8xx - ok
22:12:22.0129 8076 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
22:12:22.0129 8076 Sym_hi - ok
22:12:22.0207 8076 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
22:12:22.0207 8076 Sym_u3 - ok
22:12:22.0410 8076 SynTP (d8edb37f6e235a47e12f1eafd85c2b6f) C:\Windows\system32\DRIVERS\SynTP.sys
22:12:22.0410 8076 SynTP - ok
22:12:23.0549 8076 Tcpip (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
22:12:24.0298 8076 Tcpip - ok
22:12:24.0906 8076 Tcpip6 (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
22:12:24.0922 8076 Tcpip6 - ok
22:12:25.0156 8076 tcpipreg (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
22:12:25.0171 8076 tcpipreg - ok
22:12:26.0107 8076 tdcmdpst (019e155d0225d76c24936e98d7d65cf6) C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:12:26.0107 8076 tdcmdpst - ok
22:12:26.0263 8076 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
22:12:26.0263 8076 TDPIPE - ok
22:12:26.0326 8076 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
22:12:26.0326 8076 TDTCP - ok
22:12:26.0497 8076 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
22:12:26.0529 8076 tdx - ok
22:12:26.0622 8076 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
22:12:26.0622 8076 TermDD - ok
22:12:26.0779 8076 TetherBridge (8df88785b8eff856bacf1e9b45c3cd9e) C:\Windows\system32\DRIVERS\TBridgeDrv.sys
22:12:26.0795 8076 TetherBridge - ok
22:12:27.0966 8076 Tosrfcom - ok
22:12:28.0075 8076 tosrfec (9fb4aa68d4e833c795994513bc9e3aca) C:\Windows\system32\DRIVERS\tosrfec.sys
22:12:28.0075 8076 tosrfec - ok
22:12:28.0481 8076 tos_sps64 (711ee5ea958c345a50b69abbbd74d646) C:\Windows\system32\DRIVERS\tos_sps64.sys
22:12:28.0481 8076 tos_sps64 - ok
22:12:28.0590 8076 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:12:28.0605 8076 tssecsrv - ok
22:12:28.0715 8076 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
22:12:28.0715 8076 tunmp - ok
22:12:28.0761 8076 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
22:12:28.0761 8076 tunnel - ok
22:12:28.0886 8076 TVALZ (9a744cc3d804ec38a6c2c65bc3c6fcd8) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:12:28.0886 8076 TVALZ - ok
22:12:28.0980 8076 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
22:12:28.0980 8076 uagp35 - ok
22:12:29.0183 8076 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
22:12:29.0198 8076 udfs - ok
22:12:29.0245 8076 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
22:12:29.0261 8076 uliagpkx - ok
22:12:29.0448 8076 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
22:12:29.0448 8076 uliahci - ok
22:12:29.0619 8076 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
22:12:29.0619 8076 UlSata - ok
22:12:29.0791 8076 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
22:12:29.0807 8076 ulsata2 - ok
22:12:29.0853 8076 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
22:12:29.0869 8076 umbus - ok
22:12:29.0978 8076 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
22:12:29.0978 8076 USBAAPL64 - ok
22:12:30.0134 8076 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
22:12:30.0134 8076 usbccgp - ok
22:12:30.0197 8076 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
22:12:30.0197 8076 usbcir - ok
22:12:30.0353 8076 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
22:12:30.0368 8076 usbehci - ok
22:12:30.0587 8076 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
22:12:30.0587 8076 usbhub - ok
22:12:30.0696 8076 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
22:12:30.0696 8076 usbohci - ok
22:12:30.0774 8076 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
22:12:30.0774 8076 usbprint - ok
22:12:31.0023 8076 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
22:12:31.0023 8076 usbscan - ok
22:12:31.0133 8076 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:12:31.0148 8076 USBSTOR - ok
22:12:31.0257 8076 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
22:12:31.0257 8076 usbuhci - ok
22:12:31.0538 8076 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
22:12:31.0554 8076 usbvideo - ok
22:12:31.0647 8076 UVCFTR (060b7863943625e0193a3575c0c59e52) C:\Windows\system32\Drivers\UVCFTR_S.SYS
22:12:31.0663 8076 UVCFTR - ok
22:12:31.0772 8076 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
22:12:31.0788 8076 vga - ok
22:12:31.0835 8076 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
22:12:31.0835 8076 VgaSave - ok
22:12:31.0897 8076 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
22:12:31.0913 8076 viaide - ok
22:12:32.0100 8076 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
22:12:32.0100 8076 volmgr - ok
22:12:32.0505 8076 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
22:12:32.0505 8076 volmgrx - ok
22:12:33.0535 8076 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
22:12:33.0535 8076 volsnap - ok
22:12:34.0081 8076 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
22:12:34.0097 8076 vsmraid - ok
22:12:34.0159 8076 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
22:12:34.0159 8076 WacomPen - ok
22:12:34.0331 8076 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
22:12:34.0331 8076 Wanarp - ok
22:12:34.0346 8076 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
22:12:34.0346 8076 Wanarpv6 - ok
22:12:34.0455 8076 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
22:12:34.0471 8076 Wd - ok
22:12:34.0799 8076 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:12:34.0799 8076 Wdf01000 - ok
22:12:34.0970 8076 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
22:12:34.0970 8076 WmiAcpi - ok
22:12:35.0079 8076 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
22:12:35.0079 8076 WpdUsb - ok
22:12:35.0173 8076 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
22:12:35.0189 8076 ws2ifsl - ok
22:12:35.0298 8076 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:12:35.0298 8076 WUDFRd - ok
22:12:35.0672 8076 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
22:12:35.0750 8076 \Device\Harddisk0\DR0 - ok
22:12:35.0750 8076 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
22:12:35.0766 8076 \Device\Harddisk1\DR1 - ok
22:12:35.0766 8076 Boot (0x1200) (7cf293777d8aa90724aa80124edd8f51) \Device\Harddisk0\DR0\Partition0
22:12:35.0781 8076 \Device\Harddisk0\DR0\Partition0 - ok
22:12:35.0813 8076 Boot (0x1200) (efe00c14a846d69fdce568c2a156e305) \Device\Harddisk1\DR1\Partition0
22:12:35.0844 8076 \Device\Harddisk1\DR1\Partition0 - ok
22:12:35.0844 8076 ============================================================
22:12:35.0844 8076 Scan finished
22:12:35.0844 8076 ============================================================
22:12:35.0875 5344 Detected object count: 0
22:12:35.0875 5344 Actual detected object count: 0

I am running Malwarebytes to copy the clean report, but I have run it a couple of times and no threats were found. I will post the report in about two hours when the scan is completed.

I have a 64-bit OS, so I will skip the GMER step?

#4 narenxp

Posted 26 January 2012 - 01:38 AM

I recovered some additional items, but I am still missing some programs and some very important files. ///

Download

http://download.bleepingcomputer.com/grinler/unhide.exe

Run it and see if you can recover missing files.

Skip the GMER instructions

Edited by narenxp, 26 January 2012 - 01:38 AM.


#5 idevious

Posted 26 January 2012 - 02:45 AM

Great!!! Thank you. I found the files I dreaded having lost.

I still do not have all the program icons, for example QuickBooks. I can open the file and start the program in that manner, but I can't find the .exe file.

Thank you so much.

#6 idevious

Posted 26 January 2012 - 03:10 AM

Hello,

I completed the aswMBR scan. Here are the results:

aswMBR version 0.9.9.1509 Copyright© 2011 AVAST Software
Run date: 2012-01-25 23:52:03
-----------------------------
23:52:03.309 OS Version: Windows x64 6.0.6002 Service Pack 2
23:52:03.309 Number of processors: 2 586 0xF0D
23:52:03.309 ComputerName: ISABEL-PC UserName: Isabel
23:52:08.644 Initialize success
23:53:26.672 AVAST engine download error: 0
00:06:21.962 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
00:06:21.962 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
00:06:21.962 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
00:06:21.962 Disk 1 Vendor: FUJITSU_ 0040 Size: 238475MB BusType: 3
00:06:22.118 Disk 0 MBR read successfully
00:06:22.118 Disk 0 MBR scan
00:06:22.133 Disk 0 Windows VISTA default MBR code
00:06:22.180 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
00:06:22.243 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 303744 MB offset 3074048
00:06:22.258 Service scanning
00:06:32.086 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
00:06:33.584 Modules scanning
00:06:33.584 Disk 0 trace - called modules:
00:06:33.646 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
00:06:33.662 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80069ac2b0]
00:06:33.662 3 CLASSPNP.SYS[fffffa6000fc9c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004b79050]
00:06:33.677 Scan finished successfully
00:08:13.691 Disk 0 MBR has been saved successfully to "C:\Users\Isabel\Documents\MBR.dat"
00:08:13.987 The log file has been saved successfully to "C:\Users\Isabel\Documents\aswMBR.txt"

#7 narenxp

Posted 26 January 2012 - 03:31 AM

I still do not have all the program icons, for example QuickBooks. I can open the file and start the program in that manner, but I can't find the .exe file.
///


C:\Users\Isabel\AppData\Local\Temp\smtmp\1\Programs\QuickBooks d------ [04:19 19/01/2012]


You should have copied it to the Start menu. Did you follow my instructions?

If you still miss it, browse to C:/program files quick books folder and manually create a shortcut.


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.


Download

Minitoolbox

Checkmark following boxes:

* List content of Hosts
* List last 10 Event Viewer log
* List Installed Programs
* List Users, Partitions and Memory size

Click Go and post the result.

Good luck

#8 idevious

Posted 26 January 2012 - 03:47 AM

Thank you, yes I did copy the program folder from the smtmp/1 folder to the start folder, and the same with /4. I deleted 2.

I created the QuickBooks shortcut. Thank you. I could not see the files before.

I have most everything back, just a few (empty) in the start menu.

I am running the eset scan. I will post the report when it finishes.

Thanks again.

#9 idevious

Posted 26 January 2012 - 04:01 AM

Here is the Malwarebytes report:

Malwarebytes Anti-Malware (PRO) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.25.02

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Isabel :: ISABEL-PC [administrator]

Protection: Enabled

1/25/2012 10:12:00 PM
mbam-log-2012-01-25 (22-12-00).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 479552
Time elapsed: 2 hour(s), 46 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0

#10 narenxp

Posted 26 January 2012 - 04:56 AM

:thumbup2:

#11 idevious

Posted 26 January 2012 - 10:04 AM

Here are the results of the ESET scan:

C:\Program Files (x86)\StartNow Toolbar\ReactivateIE.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\StartNow Toolbar\ToolbarBroker.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Users\Isabel\AppData\Local\Temp\NOD4ADC.tmp a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Users\Isabel\AppData\Local\Temp\NOD5068.tmp a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Users\Isabel\Documents\Vuze Downloads\Microsoft Office OneNote 2010 CRACKED\Microsoft Office OneNote 2010 CRACKED.zip.exe a variant of Win32/Hoax.ArchSMS.MC application cleaned by deleting - quarantined

#12 idevious

Posted 26 January 2012 - 10:10 AM

Here are the results of the MiniToolBox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Isabel (administrator) on 26-01-2012 at 07:08:43
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost


========================= Event log errors: ===============================

Application errors:
==================
Error: (01/26/2012 00:37:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (01/26/2012 00:36:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (01/26/2012 00:36:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (01/25/2012 10:31:32 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16421, time stamp 0x4d76255d, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000374, fault offset 0x000abc4f,
process id 0x1038, application start time 0xiexplore.exe0.

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (01/21/2012 00:33:24 AM) (Source: MsiInstaller) (User: Isabel)Isabel
Description: Product: Apple Software Update -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: SoftwareUpdate_UnregServer, location: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe, command: /UnregServer

Error: (01/21/2012 00:33:24 AM) (Source: MsiInstaller) (User: Isabel)Isabel
Description: Product: iTunes -- There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor.

Error: (01/20/2012 00:46:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/20/2012 11:04:50 PM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device1600001Restart the service

Error: (01/20/2012 00:46:22 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (01/20/2012 07:38:29 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.119.129.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/19/2012 08:02:18 AM) (Source: Service Control Manager) (User: )
Description: 30000Tether

Error: (01/19/2012 07:10:59 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{B700283B-41B4-43DF-9B32-540E201EE7CD}.
The backup browser is stopping.

Error: (01/19/2012 02:13:10 AM) (Source: Service Control Manager) (User: )
Description: 30000Tether

Error: (01/19/2012 01:00:40 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (01/18/2012 11:07:27 PM) (Source: Service Control Manager) (User: )
Description: QuickBooksDB211

Error: (01/18/2012 08:58:45 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.117.2930.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (01/18/2012 08:56:44 PM) (Source: DCOM) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


Microsoft Office Sessions:
=========================
Error: (01/26/2012 00:37:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Isabel\Desktop\esetsmartinstaller_enu.exe

Error: (01/26/2012 00:36:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Isabel\Desktop\esetsmartinstaller_enu.exe

Error: (01/26/2012 00:36:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Isabel\Desktop\esetsmartinstaller_enu.exe

Error: (01/25/2012 10:31:32 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dntdll.dll6.0.6002.185414ec3e39fc0000374000abc4f103801ccd7eff17f967d

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (01/21/2012 10:47:27 AM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (01/21/2012 00:33:24 AM) (Source: MsiInstaller)(User: Isabel)Isabel
Description: Product: Apple Software Update -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: SoftwareUpdate_UnregServer, location: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe, command: /UnregServer (NULL)(NULL)(NULL)(NULL)

Error: (01/21/2012 00:33:24 AM) (Source: MsiInstaller)(User: Isabel)Isabel
Description: Product: iTunes -- There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. (NULL)(NULL)(NULL)(NULL)

Error: (01/20/2012 00:46:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
7500_7600_7700_Help1 (Version: 1.00.0000)
Adobe AIR (Version: 2.6.0.19140)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.2.120)
AVS Media Player 4.1.8.93
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
bpd_scan_Carrier (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
Brother MFL-Pro Suite (Version: 1.00)
BufferChm (Version: 140.0.213.000)
Camera Assistant Software for Toshiba (Version: 1.7.175.0123)
CCleaner (Version: 3.14)
CD/DVD Drive Acoustic Silencer (Version: 3.01.01)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conduit Engine (Version: )
CyberLink PowerCinema for TOSHIBA (Version: 6.0.1414)
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD MovieFactory for TOSHIBA (Version: 5.51)
ESET Online Scanner v3
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
FM Tuner Utility (Version: 1.5)
GearDrvs (Version: 1.00.0000)
Google Chrome (Version: 16.0.912.77)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2427.2330)
Google Update Helper (Version: 1.3.21.79)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
HP OfficeJet L7300/L7500/7600/7700 (Version: 14.0)
HP Officejet Pro 8500 A910 Basic Device Software (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Help (Version: 140.0.2.2)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
I.R.I.S. OCR (Version: 12.3.4.0)
ICP 9.0
ImageConverter Plus 8.0 (Version: 8.0.105 (build: 110201))
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software (Version: 11.5.0000)
Intel® Matrix Storage Manager
iTunes (Version: 10.2.2.14)
Java™ 6 Update 3 (Version: 1.6.0.30)
Junk Mail filter update (Version: 15.4.3502.0922)
L7000_Basic (Version: 140.0.000.000)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Marketsplash Shortcuts (Version: 1.0.1.7)
mCore (Version: 11.02.0000)
mCPlug (Version: 11.00.0000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
mHelp (Version: 11.02.0000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.20.8730.4)
mMHouse (Version: 11.02.0000)
MotoHelper 2.0.53 Driver 5.2.0 (Version: 2.0.53)
MotoHelper MergeModules (Version: 1.0.0)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 4.0 (x86 en-US) (Version: 4.0)
mPfMgr (Version: 11.02.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Network64 (Version: 140.0.215.000)
Norton 360 (Version: 1.2.0.10)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PDF Settings (Version: 1.0)
QuickBooks (Version: 21.0.4009.904)
QuickBooks Pro 2011 (Version: 21.0.4009.904)
QuickTime (Version: 7.69.80.9)
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5559)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (Version: 3.54.02)
Scan (Version: 140.0.167.000)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.8.8855)
Skype™ 5.5 (Version: 5.5.124)
StartNow Toolbar (Version: 2.4.0)
SUPERAntiSpyware (Version: 5.0.1142)
SupportSoft Assisted Service (Version: 15)
Synaptics Pointing Device Driver (Version: 11.2.4.0)
Tether 1.1.0.6
Toolbox (Version: 140.0.428.000)
Toshiba Assist (Version: 3.00.03)
TOSHIBA ConfigFree (Version: 7.1.27)
TOSHIBA Disc Creator (Version: 2.0.1.1a for x64)
TOSHIBA DVD PLAYER (Version: 1.20.10)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: )
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Face Recognition (Version: 1.0.3.64)
TOSHIBA Games (Version: 1.0.0.43)
TOSHIBA Hardware Setup (Version: 2.00.06)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.9.1.5)
TOSHIBA Software Upgrades (Version: 4.3)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.03)
TOSHIBA Value Added Package (Version: 1.1.14.64)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon V CAST Media Manager
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.2.7.3)
WebReg (Version: 140.0.213.017)
WIDCOMM Bluetooth Software (Version: 6.3.0.8200)
Windows Driver Package - TOSHIBA (FwLnk) System (11/19/2006 1.0.0.3) (Version: 11/19/2006 1.0.0.3)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wondershare Video Converter Ultimate(Build 5.7.1.1)
Xilisoft AVI to DVD Converter (Version: 7.0.3.1214)
Xilisoft AVI to DVD Converter 6 (Version: 6.2.5.0823)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 72%
Total physical RAM: 4085.03 MB
Available physical RAM: 1143.13 MB
Total Pagefile: 8365.32 MB
Available Pagefile: 4743.16 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.32 MB

========================= Partitions: =====================================

1 Drive c: (SQ004709V01) (Fixed) (Total:296.62 GB) (Free:135.29 GB) NTFS
2 Drive d: () (Fixed) (Total:232.88 GB) (Free:11.44 GB) NTFS

========================= Users: ========================================

User accounts for \\ISABEL-PC

Administrator Guest Isabel
QBDataServiceUser18 QBDataServiceUser21


**** End of log ****

#13 William Clark

William Clark

  • Members
  • 1 posts
  • OFFLINE
  • Local time:07:00 AM

Posted 26 January 2012 - 10:12 AM

I've downloaded ComboFix twice. The first time it scanned to level 5, the second to level 3, and then locked up. What do I do? William Clark

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:08:00 AM

Posted 26 January 2012 - 10:52 AM

idevious

Uninstall StartNow Toolbar, ESET Online Scanner

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot
Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

@William Clark

Please create a new topic

Good luck

Edited by narenxp, 26 January 2012 - 10:52 AM.


#15 idevious

idevious
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  • Local time:08:00 AM

Posted 26 January 2012 - 11:58 AM

Hello,

Thank you again for your help. I created a new restore point. I have one last question: When I rebooted, a notepad screen popped up with this text:


[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787

Should I be concerned, and will this be normal every time I start up?

Thank you. You have been a godsend.



