Laptop Startup Problems


  • This topic is locked
7 replies to this topic

#1 jarrkk

Posted 05 April 2012 - 09:21 AM

Hi, I'm having a disaster of a time trying to get my laptop to function lately, and haven't been able to do so in nearly a week.

This is my laptop. Vista Home Premium/ http://uk.computers.toshiba-europe.com/innovation/jsp/SUPPORTSECTION/discontinuedProductPage.do?service=UK&toshibaShop=false&com.broadvision.session.new=Yes&PRODUCT_ID=1058203

It all started last Saturday when I was looking at some books on Amazon, when Firefox crashed, followed by the laptop itself crashing, which prevented me from doing anything but turn it off using its physical button.

At start-up, everything seems to be working fine, but every time I turn it on the furthest I get to is the "Please wait" loading screen after the Vista logo has been displayed, nothing really happens at this point, the loading icon continues to spin but nothing ever comes of it (I've left it for hours on end some days to no avail) aside from an occasional blue screen, which even I know is bad news. Earlier today however, I lucked out and got to the login screen. I entered my password, but didn't get past the "welcome" loading screen, so this was probably a one-off.

Sometimes the laptop fails to get to the Vista logo, and gets stuck on the black loading screen with the "© Microsoft Corporation" text.

I tried to use Safe Mode (and its variations) but all freeze and stop loading at AVGIDSEH.sys.

Startup Repair is often something I'm presented with and attempt. While the progress bar is active the text says "Attempting repairs. Repairing disk errors. This might take over an hour to complete" and occasionally when this is finished I can get myself to a menu which shows me several different repair tools, such as System Restore etc., but none have been successful up to now.

Is there anything I can do to fix this? I know I'm going to have to put in the backup disk the laptop prompted me to create back when I first got it, but there are some really invaluable pictures on the hard drive which I would prefer to keep. Which is another point I would like to bring up, if there's nothing I am able to do, would it be possible for me to take the hard drive out of the laptop, insert it into another computer as a secondary HDD and rescue the stuff from on there?

If I need to include any further information or if it seems like I've missed any details, let me know. Thanks.


#2 cryptodan

Posted 05 April 2012 - 09:27 AM

So normal and safe mode do not work?

#3 jarrkk

  • Topic Starter

Posted 05 April 2012 - 11:24 AM

"So normal and safe mode do not work?"


Not as far as I'm aware.

Like I said, the furthest I get on average is just past the Vista logo and then there's not really anything else.

#4 JSntgRvr

  • Malware Response Team
Posted 05 April 2012 - 01:43 PM

Let's give it a try. You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.


#5 boopme

  • Global Moderator
Posted 05 April 2012 - 03:53 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.

#6 jarrkk

  • Topic Starter

Posted 06 April 2012 - 12:21 PM

"It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply."


Thanks for the reply!

I got to the command prompt and opened Notepad, and through the "Open" menu I was able to salvage most of my data that I was looking to rescue by copying them to another spare USB drive. I know this is not what you recommended, but this is a load off my mind.

I'll post the information the program retrieved, but now that I've recovered my important files I'll probably just use a recovery disk to sort everything out. But if this is something with a quick fix, I'll of course be open to carrying it out.

Thanks again.

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 14-03-2012
Ran by SYSTEM at 06-04-2012 15:51:00
Running from G:\
Windows Vista (TM) Home Premium  Service Pack 1 (X86) OS Language: English(US) 
The current controlset is ControlSet040

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [x]
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [cfFncEnabler.exe] cfFncEnabler.exe [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2010-07-06] (Google)
HKLM\...\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA [20480 2008-05-28] ( )
HKLM\...\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [103824 2008-04-24] (Toshiba Europe GmbH)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [150040 2008-06-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [170520 2008-06-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [145944 2008-06-25] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKLM\...\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start [417792 2008-04-29] (Chicony)
HKLM\...\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [716800 2008-04-26] (TOSHIBA Corporation.)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [716800 2008-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [574864 2008-01-10] (Toshiba)
HKLM\...\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [51048 2008-10-17] (Symantec Corporation)
HKLM\...\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" [988512 2008-02-26] (Symantec Corporation)
HKLM\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [1638400 2010-09-01] (Eastman Kodak Company)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [3744552 2011-11-28] (AVAST Software)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2012-03-06] (Apple Inc.)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Jack\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe [1233920 2009-04-10] (Microsoft Corporation)
HKU\Jack\...\Run: [TOSCDSPD] TOSCDSPD.EXE [x]
HKU\Jack\...\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background [3872080 2010-04-16] (Microsoft Corporation)
HKU\Jack\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [x]
HKU\Jack\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Jack\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\Jack\...\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent [1242448 2011-08-02] (Valve Corporation)
HKU\Jack\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\Mcx1\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]
HKU\Mcx1\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\Mcx1\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\Mcx1\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [173056 2009-04-10] (Microsoft Corporation)
HKU\tracey\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-24] (TOSHIBA)
HKU\tracey\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\tracey\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\tracey\...\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all [x]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL

================================ Services (Whitelisted) ==================

2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [9216 2006-10-05] (Agere Systems)
2 Automatic LiveUpdate Scheduler; "C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe" [238968 2008-02-21] (Symantec Corporation)
2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [44768 2011-11-28] (AVAST Software)
2 AVGIDSAgent; "C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe" [4433248 2011-10-11] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [192776 2011-08-01] (AVG Technologies CZ, s.r.o.)
2 ccEvtMgr; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-10-17] (Symantec Corporation)
2 ccSetMgr; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-10-17] (Symantec Corporation)
2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-10-17] (Symantec Corporation)
3 comHost; "C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe" [55640 2007-08-22] (Symantec Corporation)
2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [40960 2008-04-16] (TOSHIBA CORPORATION)
3 GoogleDesktopManager-051210-111108; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2010-07-06] (Google)
2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [135664 2010-04-04] (Google Inc.)
3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [135664 2010-04-04] (Google Inc.)
2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe [308656 2010-09-13] (Eastman Kodak Company)
2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
3 LiveUpdate; "C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE" [3220856 2008-09-05] (Symantec Corporation)
2 LiveUpdate Notice; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [149352 2008-10-17] (Symantec Corporation)
2 RapportMgmtService; "C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe" [931640 2012-03-11] (Trusteer Ltd.)
3 ServiceLayer; "C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe" [651776 2009-09-17] (Nokia)
3 SmartFaceVWatchSrv; "C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe" [73728 2008-04-24] (Toshiba)
3 Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [1245064 2008-12-25] ()
2 TempoMonitoringService; "C:\Program Files\Toshiba TEMPRO\TempoSVC.exe" [99720 2008-04-24] (Toshiba Europe GmbH)
2 TNaviSrv; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-07-18] (TOSHIBA Corporation)
2 TODDSrv; C:\Windows\system32\TODDSrv.exe [129632 2007-11-21] (TOSHIBA Corporation)
2 TosCoSrv; "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" [431456 2008-01-17] (TOSHIBA Corporation)
2 TOSHIBA SMART Log Service; "C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [126976 2007-12-03] (TOSHIBA Corporation)
2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [x]

========================== Drivers (Whitelisted) =============

3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161888 2006-11-28] (Agere Systems)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20568 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [55128 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [34392 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [435032 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [314456 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [52952 2011-11-28] (AVAST Software)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134736 2011-07-10] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [23120 2011-07-10] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24272 2011-07-10] (AVG Technologies CZ, s.r.o. )
3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [16720 2011-10-03] (AVG Technologies CZ, s.r.o. )
1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [230608 2011-10-06] (AVG Technologies CZ, s.r.o.)
1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [40016 2011-08-07] (AVG Technologies CZ, s.r.o.)
0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-09-12] (AVG Technologies CZ, s.r.o.)
1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [295248 2011-07-10] (AVG Technologies CZ, s.r.o.)
3 COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
2 CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2009-08-26] (Symantec Corporation)
3 FwLnk; C:\Windows\System32\DRIVERS\FwLnk.sys [7168 2006-11-20] (TOSHIBA Corporation)
1 IDSvix86; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20091217.001\IDSvix86.sys [286768 2009-11-19] (Symantec Corporation)
3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [112128 2008-06-20] (Intel(R) Corporation)
3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] ()
3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [81168 2011-01-01] (MotioninJoy)
3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [23680 2007-06-18] (Motorola)
4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [33384 2006-11-02] (LSI Logic Corporation)
3 NETw5v32; C:\Windows\System32\DRIVERS\NETw5v32.sys [3668480 2008-11-17] (Intel Corporation)
3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [18816 2008-08-26] (Nokia)
1 RapportCerberus_34302; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys [228208 2011-12-16] ()
1 RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [71440 2012-03-11] (Trusteer Ltd.)
3 RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [21520 2012-03-11] (Trusteer Ltd.)
0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [56208 2012-03-11] (Trusteer Ltd.)
1 RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [164112 2012-03-11] (Trusteer Ltd.)
2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [46592 2008-02-15] (REDC)
2 rimsptsk; C:\Windows\System32\DRIVERS\rimsptsk.sys [43008 2007-07-30] (REDC)
2 rismxdp; C:\Windows\System32\DRIVERS\rixdptsk.sys [38400 2007-07-30] (REDC)
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [259176 2010-06-23] (Realtek                                            )
0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [51200 2006-03-26] (Protection Technology (StarForce))
0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2006-03-13] (Protection Technology (StarForce))
0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [50176 2006-03-24] (Protection Technology (StarForce))
4 SiSRaid2; C:\Windows\System32\drivers\sisraid2.sys [41016 2008-01-20] (Microsoft Corporation)
1 SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [447024 2008-09-05] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2008-01-31] (Symantec Corporation)
3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2008-01-31] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2008-01-31] (Symantec Corporation)
3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [13616 2009-02-19] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2009-01-09] (Symantec Corporation)
3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [96560 2009-02-19] (Symantec Corporation)
1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [24112 2009-02-19] (Symantec Corporation)
3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [41008 2009-02-19] (Symantec Corporation)
3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [22320 2009-02-19] (Symantec Corporation)
1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [184496 2009-02-19] (Symantec Corporation)
3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [16128 2006-10-18] (TOSHIBA Corporation.)
3 tosrfec; C:\Windows\System32\DRIVERS\tosrfec.sys [9216 2006-10-23] (TOSHIBA Corporation)
0 tos_sps32; C:\Windows\System32\DRIVERS\tos_sps32.sys [279376 2008-07-18] (TOSHIBA Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [23640 2007-11-09] (TOSHIBA Corporation)
4 UlSata; C:\Windows\System32\drivers\ulsata.sys [98408 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [115816 2008-01-20] (Promise Technology, Inc.)
3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091225.036\NAVENG.SYS [x]
3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091225.036\NAVEX15.SYS [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
3 Tosrfcom;  [x]
3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [x]
3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [x]
3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [x]
2 WebCamDV; C:\Windows\System32\DRIVERS\WebCamDV.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-04-06 15:50 - 2012-04-06 15:50 - 0000000 ____D C:\FRST
2012-04-05 15:20 - 2012-04-05 15:20 - 0000000 __SHD C:\found.004
2012-04-05 13:54 - 2012-04-05 13:54 - 0000000 __SHD C:\found.003
2012-04-05 12:35 - 2012-04-05 12:35 - 0000000 __SHD C:\found.002
2012-04-02 19:16 - 2012-04-02 19:16 - 0000000 __SHD C:\found.001
2012-04-02 18:51 - 2012-04-02 18:51 - 0000000 __SHD C:\found.000
2012-04-02 11:09 - 2012-04-02 11:09 - 0143264 ____A C:\Windows\Minidump\Mini040212-02.dmp
2012-04-02 09:57 - 2012-04-02 09:57 - 0143264 ____A C:\Windows\Minidump\Mini040212-01.dmp
2012-03-31 07:44 - 2012-03-31 07:44 - 0143264 ____A C:\Windows\Minidump\Mini033112-03.dmp
2012-03-31 04:19 - 2012-03-31 04:20 - 0143264 ____A C:\Windows\Minidump\Mini033112-02.dmp
2012-03-31 02:35 - 2012-03-31 02:35 - 0143264 ____A C:\Windows\Minidump\Mini033112-01.dmp
2012-03-30 13:06 - 2012-03-30 13:06 - 0000000 ____D C:\Users\Jack\AppData\Roaming\Thinstall
2012-03-28 11:36 - 2012-03-28 11:51 - 128140398 ____A C:\Users\Jack\Desktop\PiFriRomRel.rar
2012-03-25 01:38 - 2012-03-25 01:38 - 0143264 ____A C:\Windows\Minidump\Mini032512-01.dmp
2012-03-21 06:12 - 2012-03-21 06:12 - 0000000 ____D C:\Users\tracey\AppData\Roaming\vlc
2012-03-20 14:45 - 2012-03-20 15:03 - 102534965 ____A C:\Users\Jack\Desktop\Stepdad - Ordinaire EP.zip
2012-03-20 14:16 - 2012-03-20 15:47 - 366741360 ____A C:\Users\tracey\Desktop\CSI.avi
2012-03-18 13:10 - 2012-03-18 13:30 - 0000000 ____D C:\Users\Jack\Desktop\GBA
2012-03-18 11:51 - 2012-03-18 11:51 - 0000000 ____D C:\Users\Jack\AppData\Local\Cranium
2012-03-18 11:40 - 2012-03-18 11:40 - 0000000 ____D C:\Users\Jack\AppData\Local\Cranium_Consulting_and_Cu
2012-03-18 10:55 - 2012-03-07 17:26 - 0000000 ____D C:\Users\Jack\Desktop\redsn0w_win_0.9.10b6
2012-03-18 07:56 - 2012-03-18 11:03 - 0000000 ____D C:\Users\Jack\AppData\Roaming\redsn0w
2012-03-14 01:25 - 2012-02-14 07:45 - 0219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-03-14 01:25 - 2012-02-14 07:45 - 0160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-03-14 01:25 - 2012-02-13 06:12 - 1172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-03-14 01:25 - 2012-02-13 05:47 - 0683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-03-14 01:25 - 2012-02-13 05:44 - 1068544 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-14 01:25 - 2012-02-02 07:16 - 2044416 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-14 01:25 - 2012-01-09 07:54 - 0613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-03-14 01:25 - 2012-01-09 05:58 - 0180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-12 14:27 - 2012-03-12 14:27 - 0160312 ____A C:\Users\Jack\Downloads\1331591026460.jpg
2012-03-11 13:34 - 2012-03-12 10:09 - 0000000 ____D C:\Users\Jack\Desktop\Osmosis_Jones.2001.DivX
2012-03-11 12:55 - 2012-03-11 13:30 - 0000000 ____D C:\Users\Jack\Desktop\Bastion
2012-03-11 05:48 - 2012-03-11 05:48 - 0056208 ____A (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys
2012-03-09 10:21 - 2012-03-19 11:30 - 0000000 ____D C:\Users\Jack\dwhelper
2012-03-09 07:21 - 2012-03-09 07:21 - 0000940 ____A C:\Users\Jack\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2012-03-09 07:21 - 2012-03-09 07:21 - 0000000 ____D C:\Program Files\ASIO4ALL v2
2012-03-09 07:20 - 2012-03-13 11:01 - 0000000 ____D C:\Program Files\VstPlugins
2012-03-09 07:20 - 2012-03-09 07:20 - 0000000 ____D C:\Users\Jack\Documents\Image-Line
2012-03-09 07:20 - 2009-09-15 01:14 - 1554944 ____A (HMS http://hp.vector.co.jp/authors/VA012897/) C:\Windows\System32\vorbis.acm
2012-03-09 07:20 - 2006-06-20 00:56 - 0225280 ____A (Propellerhead Software AB) C:\Windows\System32\rewire.dll
2012-03-09 07:19 - 2012-03-09 07:19 - 0000000 ____D C:\Program Files\Outsim
2012-03-09 07:15 - 2012-03-09 07:20 - 0000000 ____D C:\Program Files\Image-Line
2012-03-08 14:43 - 2012-03-21 14:57 - 0000000 ____D C:\Users\Jack\Desktop\iPod Photo Cache
2012-03-08 08:17 - 2012-03-08 08:17 - 0000000 ____D C:\Program Files\iPod
2012-03-08 07:23 - 2012-03-08 07:23 - 0000000 ____D C:\Users\Jack\Desktop\Kingston

============ 3 Months Modified Files and Folders ===============

2012-04-06 15:50 - 2012-04-06 15:50 - 0000000 ____D C:\FRST
2012-04-06 04:55 - 2010-04-04 12:39 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-04-06 04:54 - 2006-11-02 05:01 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-06 04:54 - 2006-11-02 04:47 - 0003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-06 04:54 - 2006-11-02 04:47 - 0003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-06 04:52 - 2008-12-20 09:05 - 3082813440 __ASH C:\hiberfil.sys
2012-04-05 15:20 - 2012-04-05 15:20 - 0000000 __SHD C:\found.004
2012-04-05 13:54 - 2012-04-05 13:54 - 0000000 __SHD C:\found.003
2012-04-05 12:35 - 2012-04-05 12:35 - 0000000 __SHD C:\found.002
2012-04-05 06:33 - 2010-05-06 07:54 - 0000000 ____D C:\Users\All Users\Kodak
2012-04-05 06:33 - 2010-05-06 07:54 - 0000000 ____D C:\ProgramData\Kodak
2012-04-02 19:16 - 2012-04-02 19:16 - 0000000 __SHD C:\found.001
2012-04-02 18:51 - 2012-04-02 18:51 - 0000000 __SHD C:\found.000
2012-04-02 11:12 - 2006-11-02 05:01 - 0032622 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-02 11:10 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\System32\LogFiles
2012-04-02 11:09 - 2012-04-02 11:09 - 0143264 ____A C:\Windows\Minidump\Mini040212-02.dmp
2012-04-02 11:09 - 2010-05-21 07:30 - 339781820 ____A C:\Windows\MEMORY.DMP
2012-04-02 11:09 - 2010-05-21 07:30 - 0000000 ____D C:\Windows\Minidump
2012-04-02 09:57 - 2012-04-02 09:57 - 0143264 ____A C:\Windows\Minidump\Mini040212-01.dmp
2012-03-31 07:44 - 2012-03-31 07:44 - 0143264 ____A C:\Windows\Minidump\Mini033112-03.dmp
2012-03-31 04:20 - 2012-03-31 04:19 - 0143264 ____A C:\Windows\Minidump\Mini033112-02.dmp
2012-03-31 02:35 - 2012-03-31 02:35 - 0143264 ____A C:\Windows\Minidump\Mini033112-01.dmp
2012-03-31 01:00 - 2011-10-23 04:53 - 0000000 ____D C:\Windows\System32\Drivers\AVG
2012-03-31 01:00 - 2011-07-08 05:33 - 0000000 ____D C:\Program Files\Steam
2012-03-31 01:00 - 2010-08-18 01:26 - 0000000 ____D C:\Users\Jack\AppData\Roaming\uTorrent
2012-03-31 00:59 - 2009-05-24 10:07 - 0000000 ____D C:\Users\Jack\Tracing
2012-03-31 00:59 - 2008-12-20 09:07 - 2075544 ____A C:\Windows\WindowsUpdate.log
2012-03-31 00:58 - 2008-12-25 02:00 - 0001833 ____A C:\Users\Jack\Start Menu\Programs\Startup\TRDCReminder.lnk
2012-03-31 00:58 - 2008-12-25 02:00 - 0001833 ____A C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2012-03-31 00:57 - 2010-04-04 12:39 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-03-30 22:37 - 2006-11-02 02:33 - 0703388 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-30 22:33 - 2008-12-20 09:27 - 0001833 ____A C:\Users\tracey\Start Menu\Programs\Startup\TRDCReminder.lnk
2012-03-30 22:33 - 2008-12-20 09:27 - 0001833 ____A C:\Users\tracey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2012-03-30 13:06 - 2012-03-30 13:06 - 0000000 ____D C:\Users\Jack\AppData\Roaming\Thinstall
2012-03-30 11:49 - 2011-10-12 09:17 - 0000000 ____D C:\Users\All Users\MFAData
2012-03-30 11:49 - 2011-10-12 09:17 - 0000000 ____D C:\ProgramData\MFAData
2012-03-28 11:51 - 2012-03-28 11:36 - 128140398 ____A C:\Users\Jack\Desktop\PiFriRomRel.rar
2012-03-26 12:58 - 2008-12-28 06:50 - 0149504 ____A C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-25 11:52 - 2009-07-23 05:01 - 0000556 ____A C:\Windows\Tasks\Norton Security Scan for Jack.job
2012-03-25 01:38 - 2012-03-25 01:38 - 0143264 ____A C:\Windows\Minidump\Mini032512-01.dmp
2012-03-24 10:57 - 2011-06-28 12:42 - 0014798 ____A C:\Users\Jack\Desktop\AA.txt
2012-03-21 14:57 - 2012-03-08 14:43 - 0000000 ____D C:\Users\Jack\Desktop\iPod Photo Cache
2012-03-21 08:13 - 2011-07-08 05:34 - 0000000 ____D C:\Program Files\Common Files\Steam
2012-03-21 06:12 - 2012-03-21 06:12 - 0000000 ____D C:\Users\tracey\AppData\Roaming\vlc
2012-03-21 01:18 - 2008-12-25 12:53 - 0012800 ____A C:\Users\tracey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-20 15:49 - 2011-02-28 07:57 - 0000000 ____D C:\Users\Jack\Desktop\III
2012-03-20 15:47 - 2012-03-20 14:16 - 366741360 ____A C:\Users\tracey\Desktop\CSI.avi
2012-03-20 15:42 - 2011-11-11 12:45 - 0000000 ____D C:\Users\Jack\AppData\Roaming\Spotify
2012-03-20 15:03 - 2012-03-20 14:45 - 102534965 ____A C:\Users\Jack\Desktop\Stepdad - Ordinaire EP.zip
2012-03-20 14:57 - 2011-11-11 12:45 - 0000000 ____D C:\Users\Jack\AppData\Local\Spotify
2012-03-19 11:30 - 2012-03-09 10:21 - 0000000 ____D C:\Users\Jack\dwhelper
2012-03-19 04:04 - 2009-09-15 07:06 - 0000000 ____D C:\Users\Public\Documents\Symantec
2012-03-19 02:37 - 2010-06-13 07:38 - 0089884 ____A C:\Users\tracey\AppData\Local\installer.log
2012-03-18 13:58 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\LiveKernelReports
2012-03-18 13:30 - 2012-03-18 13:10 - 0000000 ____D C:\Users\Jack\Desktop\GBA
2012-03-18 11:51 - 2012-03-18 11:51 - 0000000 ____D C:\Users\Jack\AppData\Local\Cranium
2012-03-18 11:40 - 2012-03-18 11:40 - 0000000 ____D C:\Users\Jack\AppData\Local\Cranium_Consulting_and_Cu
2012-03-18 11:03 - 2012-03-18 07:56 - 0000000 ____D C:\Users\Jack\AppData\Roaming\redsn0w
2012-03-18 02:11 - 2008-12-25 01:44 - 0000000 ____D C:\Program Files\Mozilla Firefox
2012-03-16 11:09 - 2009-05-31 04:06 - 0000680 ____A C:\Users\Jack\AppData\Local\d3d9caps.dat
2012-03-15 09:11 - 2012-02-25 11:18 - 0000000 ____D C:\Users\Jack\Desktop\iPhone Wallpapers
2012-03-15 07:20 - 2006-11-02 04:47 - 0326952 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-14 23:24 - 2006-11-02 02:24 - 54215544 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-03-14 01:13 - 2008-01-20 18:47 - 0122676 ____A C:\Windows\PFRO.log
2012-03-13 11:01 - 2012-03-09 07:20 - 0000000 ____D C:\Program Files\VstPlugins
2012-03-12 14:27 - 2012-03-12 14:27 - 0160312 ____A C:\Users\Jack\Downloads\1331591026460.jpg
2012-03-12 10:09 - 2012-03-11 13:34 - 0000000 ____D C:\Users\Jack\Desktop\Osmosis_Jones.2001.DivX
2012-03-12 07:41 - 2010-04-03 00:30 - 0000000 ____D C:\Users\tracey\Desktop\work
2012-03-11 13:30 - 2012-03-11 12:55 - 0000000 ____D C:\Users\Jack\Desktop\Bastion
2012-03-11 05:48 - 2012-03-11 05:48 - 0056208 ____A (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys
2012-03-09 10:21 - 2008-12-25 02:00 - 0000000 ____D C:\users\Jack
2012-03-09 07:21 - 2012-03-09 07:21 - 0000940 ____A C:\Users\Jack\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2012-03-09 07:21 - 2012-03-09 07:21 - 0000000 ____D C:\Program Files\ASIO4ALL v2
2012-03-09 07:20 - 2012-03-09 07:20 - 0000000 ____D C:\Users\Jack\Documents\Image-Line
2012-03-09 07:20 - 2012-03-09 07:15 - 0000000 ____D C:\Program Files\Image-Line
2012-03-09 07:19 - 2012-03-09 07:19 - 0000000 ____D C:\Program Files\Outsim
2012-03-09 07:12 - 2012-02-23 14:34 - 0000000 ____D C:\Users\Jack\Desktop\Image Line FL Studio XXL Signature Bundle Complete v10.0.8
2012-03-08 08:19 - 2008-12-25 01:56 - 0000000 ____D C:\Program Files\iTunes
2012-03-08 08:17 - 2012-03-08 08:17 - 0000000 ____D C:\Program Files\iPod
2012-03-08 08:17 - 2008-12-25 01:54 - 0000000 ____D C:\Program Files\Common Files\Apple
2012-03-08 07:23 - 2012-03-08 07:23 - 0000000 ____D C:\Users\Jack\Desktop\Kingston
2012-03-08 07:22 - 2006-11-02 04:52 - 0098324 ____A C:\Windows\setupact.log
2012-03-07 17:26 - 2012-03-18 10:55 - 0000000 ____D C:\Users\Jack\Desktop\redsn0w_win_0.9.10b6
2012-03-07 08:10 - 2011-12-04 08:09 - 0000000 ____D C:\Users\Jack\Desktop\VLC Snaps
2012-03-07 01:20 - 2010-09-10 08:04 - 0000000 ____D C:\Program Files\uTorrent
2012-03-03 14:19 - 2012-03-03 14:19 - 0000000 ____D C:\Users\Jack\AppData\Roaming\LOVE
2012-03-03 14:17 - 2012-03-03 14:18 - 0770384 ____A (Microsoft Corporation) C:\Windows\System32\MSVCR100.dll
2012-03-02 09:45 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\Microsoft.NET
2012-02-26 13:34 - 2012-02-26 13:28 - 0000000 ____D C:\Users\Jack\Desktop\Joanna_Newsom_Discography-kN
2012-02-22 02:16 - 2008-07-01 07:16 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-02-22 02:16 - 2008-07-01 07:16 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-02-22 02:11 - 2006-11-02 03:18 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2012-02-21 09:10 - 2011-05-18 06:24 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-02-20 00:59 - 2012-02-20 00:59 - 0263064 ____A C:\Users\tracey\Desktop\Image.jpg
2012-02-19 10:38 - 2012-02-19 08:22 - 0000000 ____D C:\Users\Jack\Desktop\aphex twin
2012-02-16 03:11 - 2009-05-23 11:21 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2012-02-15 03:01 - 2012-02-15 03:01 - 4547944 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2012-02-15 03:01 - 2012-02-15 03:01 - 0043520 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl.sys
2012-02-14 07:45 - 2012-03-14 01:25 - 0219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-02-14 07:45 - 2012-03-14 01:25 - 0160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-02-13 06:12 - 2012-03-14 01:25 - 1172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-02-13 05:47 - 2012-03-14 01:25 - 0683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-02-13 05:44 - 2012-03-14 01:25 - 1068544 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-05 06:26 - 2009-05-28 06:27 - 0000276 ____A C:\Users\tracey\AppData\Roaming\wklnhst.dat
2012-02-03 02:12 - 2010-12-02 06:45 - 0000000 ____D C:\Users\tracey\Desktop\2010-12-02 snow 2010
2012-02-02 07:16 - 2012-03-14 01:25 - 2044416 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-09 23:47 - 2012-01-09 23:47 - 0143264 ____A C:\Windows\Minidump\Mini011012-01.dmp
2012-01-09 07:54 - 2012-03-14 01:25 - 0613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2012-01-09 05:58 - 2012-03-14 01:25 - 0180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys


========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ====================== 

Percentage of memory in use: 18%
Total physical RAM: 2939.26 MB
Available physical RAM: 2392.17 MB
Total Pagefile: 2654.21 MB
Available Pagefile: 2494.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.32 MB

======================= Partitions =========================

1 Drive c: (Vista) (Fixed) (Total:148.89 GB) (Free:0.41 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
2 Drive d: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.23 GB) NTFS
3 Drive e: (Data) (Fixed) (Total:147.73 GB) (Free:142.3 GB) NTFS
5 Drive g: (JARK) (Removable) (Total:0.49 GB) (Free:0.49 GB) FAT
6 Drive h: () (Removable) (Total:0.12 GB) (Free:0.06 GB) FAT
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       298 GB      0 B         
  Disk 1    Online       498 MB      0 B         
  Disk 2    Online       120 MB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           1500 MB  1024 KB
  Partition 2    Primary            149 GB  1501 MB
  Partition 3    Primary            148 GB   150 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     D   WinRE        NTFS   Partition   1500 MB  Healthy            

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   Vista        NTFS   Partition    149 GB  Healthy            

======================================================================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     E   Data         NTFS   Partition    148 GB  Healthy            

======================================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
* Partition 1    Primary            498 MB      0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================

Partitions of Disk 2:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
* Partition 1    Primary            120 MB      0 B

======================================================================================================

Disk: 2
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================

==========================================================

Last Boot: 2012-03-30 22:37

======================= End Of Log ==========================

Edited by jarrkk, 06 April 2012 - 12:23 PM.


#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,689 posts
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:22 PM

Posted 06 April 2012 - 01:20 PM

I concur with your decision. The computer does not show software issues; however, it seems it has recovered the registry at least 37 times. It is time for an overhaul. The only concern will be the integrity of the hard drive, as I see a few chkdsk log folders. In your position I would run CHKDSK C: /F at the Repair Console's Command prompt to find out if there are bad clusters or sectors in the hard drive prior to the recovery.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#8 JSntgRvr


Posted 20 April 2012 - 03:17 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





