S.M.A.RT. Check Virus - NO internet connection


  • This topic is locked
28 replies to this topic

#1 QuietWarriorAtl


Posted 18 November 2012 - 06:36 PM

I got the smart check or smart hdd virus on my computer this past Friday.
There were several pop-ups and the disappearance of many of my desktop icons.
It was also able to keep me from getting online. I thought I had removed the
virus after following steps from this site. My icons and programs were back
but I am still unable to connect to the internet. Maybe I wasn't able to remove
all of the virus. Could someone please help me!

Here are logs from Farbar Service Scanner and MiniToolBox


=================================



Farbar Service Scanner


Farbar Service Scanner Version: 09-11-2012
Ran by Terry (administrator) on 18-11-2012 at 17:13:01
Running from "C:\"
Windows 7 Home Premium (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

--------------------------------------------------

MiniToolBox

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Terry (administrator) on 18-11-2012 at 17:06:25
Windows 7 Home Premium (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Hardware not present)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Terry-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 54-42-49-30-26-55
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ga.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...54 42 49 30 26 55 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/18/2012 02:59:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (11/18/2012 02:56:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: IEFRAME.dll, version: 9.0.8112.16440, time stamp: 0x4eb319a7
Exception code: 0xc00000fd
Fault offset: 0x0000dd98
Faulting process id: 0xca4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/18/2012 02:56:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: IEFRAME.dll, version: 9.0.8112.16440, time stamp: 0x4eb319a7
Exception code: 0xc00000fd
Fault offset: 0x0000dd98
Faulting process id: 0xe4c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/18/2012 02:56:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: IEFRAME.dll, version: 9.0.8112.16440, time stamp: 0x4eb319a7
Exception code: 0xc00000fd
Fault offset: 0x0000dd98
Faulting process id: 0xdec
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/18/2012 02:46:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (11/18/2012 02:46:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (11/18/2012 02:43:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (11/18/2012 02:43:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (11/18/2012 00:47:48 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.

Error: (11/18/2012 00:47:46 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.
.


System errors:
=============
Error: (11/18/2012 04:38:51 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/18/2012 04:38:51 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/18/2012 04:38:45 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (11/18/2012 04:38:39 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/18/2012 04:38:35 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
discache
eeCtrl
IDSVia64
spldr
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS
Wanarpv6

Error: (11/18/2012 04:38:26 PM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1068

Error: (11/18/2012 04:38:10 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/18/2012 03:57:43 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (11/18/2012 03:02:11 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (11/18/2012 02:49:36 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BHDrvx64
IDSVia64
SRTSPX
SymDS
SymEFA
SymIRON
SymNetS


Microsoft Office Sessions:
=========================
Error: (11/18/2012 02:59:36 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (11/18/2012 02:56:47 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dIEFRAME.dll9.0.8112.164404eb319a7c00000fd0000dd98ca401cdc5c6d6ddfb13C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dll151e1b44-31ba-11e2-97ee-544249302655

Error: (11/18/2012 02:56:42 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dIEFRAME.dll9.0.8112.164404eb319a7c00000fd0000dd98e4c01cdc5c6d03a6491C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dll123e9210-31ba-11e2-97ee-544249302655

Error: (11/18/2012 02:56:29 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dIEFRAME.dll9.0.8112.164404eb319a7c00000fd0000dd98dec01cdc5c6c9bce413C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\IEFRAME.dll0ab8d8d4-31ba-11e2-97ee-544249302655

Error: (11/18/2012 02:46:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (11/18/2012 02:46:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (11/18/2012 02:43:25 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (11/18/2012 02:43:25 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (11/18/2012 00:47:48 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.

Error: (11/18/2012 00:47:46 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
TraverseDir : Unable to FindFirstFile.

System Error:
Access is denied.


CodeIntegrity Errors:
===================================
Date: 2012-11-17 18:35:11.142
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-11-17 18:35:10.986
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-24 23:34:17.238
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-24 23:34:17.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe After Effects CS5 (Version: 10)
Adobe After Effects CS5 Third Party Content (Version: 10)
Adobe After Effects CS5 Third Party Royalty Content (Version: 10)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Digital Editions
Adobe Download Assistant (Version: 1.0.2)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe Media Player (Version: 1.8)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Photoshop Lightroom 2 64-bit (Version: 2)
Adobe Reader 9.3.2 (Version: 9.3.2)
Adobe Reader 9.4.6 (Version: 9.4.6)
Akamai NetSession Interface
Akamai NetSession Interface Service
Album Art Downloader XUI 0.44 (Version: 0.44)
Alps Pointing-device for VAIO
Amazon MP3 Downloader 1.0.10
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Application Manager for VAIO
ArcSoft WebCam Companion 3 (Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Audacity 1.3.13 (Unicode)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Recorder 2.4
AVS Video ReMaker 4.0.2.126
AVS4YOU Software Navigator 1.4
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP640 series MP Drivers
Canon MP640 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0607.127.669)
Catalyst Control Center Graphics Full Existing (Version: 2010.0607.127.669)
Catalyst Control Center Graphics Full New (Version: 2010.0607.127.669)
Catalyst Control Center Graphics Light (Version: 2010.0607.127.669)
Catalyst Control Center Graphics Previews Common (Version: 2010.0607.127.669)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0607.127.669)
Catalyst Control Center InstallProxy (Version: 2010.0607.127.669)
Catalyst Control Center Localization All (Version: 2010.0607.127.669)
ccc-core-static (Version: 2010.0607.127.669)
ccc-utility64 (Version: 2010.0607.127.669)
CCC Help Chinese Standard (Version: 2010.0607.0126.669)
CCC Help Chinese Traditional (Version: 2010.0607.0126.669)
CCC Help Czech (Version: 2010.0607.0126.669)
CCC Help Danish (Version: 2010.0607.0126.669)
CCC Help Dutch (Version: 2010.0607.0126.669)
CCC Help English (Version: 2010.0607.0126.669)
CCC Help Finnish (Version: 2010.0607.0126.669)
CCC Help French (Version: 2010.0607.0126.669)
CCC Help German (Version: 2010.0607.0126.669)
CCC Help Greek (Version: 2010.0607.0126.669)
CCC Help Hungarian (Version: 2010.0607.0126.669)
CCC Help Italian (Version: 2010.0607.0126.669)
CCC Help Japanese (Version: 2010.0607.0126.669)
CCC Help Korean (Version: 2010.0607.0126.669)
CCC Help Norwegian (Version: 2010.0607.0126.669)
CCC Help Polish (Version: 2010.0607.0126.669)
CCC Help Portuguese (Version: 2010.0607.0126.669)
CCC Help Russian (Version: 2010.0607.0126.669)
CCC Help Spanish (Version: 2010.0607.0126.669)
CCC Help Swedish (Version: 2010.0607.0126.669)
CCC Help Thai (Version: 2010.0607.0126.669)
CCC Help Turkish (Version: 2010.0607.0126.669)
CCleaner (Version: 3.01)
Click to Disc MergeModules x64 (Version: 1.0.14230)
ConvertHelper 2.2
D3DX10 (Version: 15.4.2368.0902)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
ESET Online Scanner v3
Evernote (Version: 3.5.2.1525)
FamilySearch Indexing 3.7.11 (Version: 3.7.11)
ffdshow v1.1.3785 [2011-03-23] (Version: 1.1.3785.0)
FFmpeg v0.6.2 for Audacity
GetFLV 9.0.6.0
GOM Player (Version: 2.1.43.5119)
Google Chrome (Version: 23.0.1271.64)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 1.0.2.17)
iTunes (Version: 10.5.3.3)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
KeePass Password Safe 1.19b (Version: 1.19b)
LAME v3.99.3 (for Windows)
Maintenance Samsung CLP-320 Series
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Media Gallery (Version: 1.2.0.15040)
Media Gallery MergeModules x64 (Version: 1.0.14250)
Mega Manager (Version: 3.4.0.9)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MPEG2 Codec(libmpeg2/mad)
MSI_SPF_x64 (Version: 1.0.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 18.1.0.37)
Oasis2Service 1.0 (Version: 1.0.0)
Octoshape add-in for Adobe Flash Player
OOBE (Version: 3.10.0630)
PDF Settings CS5 (Version: 10.0)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PMB (Version: 5.1.02.03310)
PMB VAIO Edition Guide (Version: 1.1.00.14080)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.1.00.15080)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (Version: 1.1.00.15040)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.1.00.15080)
QuickTime (Version: 7.72.80.56)
RealPlayer
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30116)
RealUpgrade 1.0 (Version: 1.0.0)
Safari (Version: 5.34.52.7)
Setting Utility Series (Version: 5.2.0.15250)
Skype™ 5.3 (Version: 5.3.120)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.6)
SmartWi Connection Utility (Version: 4.11.4.20100722.2739)
Sony Home Network Library (Version: 2.1.0.14240)
SpywareBlaster 4.4 (Version: 4.4.0)
Trapcode Particular (Version: 2.1.0)
TweetDeck (Version: 0.37.5)
Ulead VideoStudio 6
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VAIO Care (Version: 6.2.2.07150)
VAIO Content Monitoring Settings (Version: 2.5.0.13220)
VAIO Control Center (Version: 4.2.0.15020)
VAIO Data Restore Tool (Version: 1.3.0.13150)
VAIO DVD Menu Data (Version: 2.1.00.13210)
VAIO Entertainment Platform (Version: 3.7.0.16080)
VAIO Event Service (Version: 5.2.0.15020)
VAIO Gate (Version: 2.2.0.06080)
VAIO Gate Default (Version: 2.2.0.07020)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Help and Support (Version: 12.00.0622)
VAIO Manual (Version: 1.0.0.03290)
VAIO Media plus (Version: 2.1.0.15040)
VAIO Media plus Opening Movie (Version: 2.1.0.14080)
VAIO Messenger (Version: 2.0.291.0)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240)
VAIO Movie Story Template Data (Version: 2.1.00.14040)
VAIO Original Function Settings (Version: 2.1.0.13120)
VAIO Power Management (Version: 5.1.0.15250)
VAIO Sample Contents (Version: 1.2.0.16080)
VAIO Survey (Version: 6.00.1028)
VAIO Transfer Support (Version: 1.1.1.13070)
VAIO Update (Version: 5.2.0.05310)
VAIO Wallpaper Contents (Version: 2.1.0.14090)
Vegas Pro 12.0 (64-bit) (Version: 12.0.394)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.10 (Version: 1.1.10)
VMp MergeModule x64 (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.1.500)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinPatrol (Version: 20.5.2011.0)
WinRAR archiver
Yahoo! Install Manager
YTD Toolbar v6.5 (Version: 6.5)
YTD YouTube Downloader & Converter 3.7

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 2810.9 MB
Available physical RAM: 2169.55 MB
Total Pagefile: 5619.94 MB
Available Pagefile: 5000.41 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.04 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.59 GB) (Free:5.18 GB) NTFS
3 Drive f: (My Passport) (Fixed) (Total:298.01 GB) (Free:74.19 GB) FAT32

========================= Users: ========================================

User accounts for \\TERRY-VAIO

Administrator boinc_master boinc_project
Guest Paulette Terry

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

Edited by QuietWarriorAtl, 18 November 2012 - 07:30 PM.



#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,711 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:12:54 AM

Posted 19 November 2012 - 05:24 AM

Hello QuietWarriorAtl,

Welcome to the forum.

Please refrain from making any changes to the system unless you decide you can do the rest on your own. Thank you.

The tools are run in Safe Mode with networking. But they still show the problem areas. We will run them again in normal mode later on after checking for infection.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#3 QuietWarriorAtl

Posted 19 November 2012 - 12:04 PM

I don't have an installation disc to go with my laptop.

#4 Farbar

Posted 19 November 2012 - 12:08 PM

Please read the instruction fully.

#5 QuietWarriorAtl

Posted 19 November 2012 - 01:07 PM

Thanks. I followed the instructions but for some reason when I click add reply after copying and pasting the log, it sends me to "the connection was reset" error. I will keep trying though.

#6 Farbar

Posted 19 November 2012 - 01:12 PM

You may attach the log instead of copy and paste. :thumbup2:

#7 QuietWarriorAtl

Posted 19 November 2012 - 01:13 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2012
Ran by SYSTEM at 19-11-2012 12:41:08
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot [202256 2011-01-02] (RealNetworks, Inc.)
HKLM-x32\...\Run: [] [x]
HKU\Paulette\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-18] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}: [NameServer]156.154.70.22,156.154.71.22

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [108904 2012-11-18] (SurfRight B.V.)
2 McciCMService64; "C:\Program Files\Common Files\Motive\McciCMService.exe" [517632 2010-05-04] (Alcatel-Lucent)
2 Oasis2Service; "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" [47104 2011-02-15] ()
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" [252416 2010-05-25] (Sony Corporation)
3 SpfService; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe" [302448 2010-02-08] (Sony Corporation)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2010-04-08] (Sony Corporation)
3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1250160 2010-05-31] (Sony Corporation)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\diMaster.dll" /prefetch:1 [x]
3 Partner Service; "C:\ProgramData\Partner\Partner.exe" [x]

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [953904 2010-11-23] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-17] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [132656 2010-12-17] (Symantec Corporation)
3 pfc; C:\Windows\SysWow64\Drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174640 2010-12-17] (Symantec Corporation)
3 87214041; [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]
2 IAStorDataMgrSvc; [x]
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110107.002\IDSvia64.sys [x]
3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
2 MSSQL$DDNI; [x]
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110109.003\ENG64.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110109.003\EX64.SYS [x]
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1201000.025\SRTSP64.SYS [x]
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1201000.025\SRTSPX64.SYS [x]
0 SymDS; C:\Windows\System32\drivers\NISx64\1201000.025\SYMDS64.SYS [x]
0 SymEFA; C:\Windows\System32\drivers\NISx64\1201000.025\SYMEFA64.SYS [x]
1 SymIRON; C:\Windows\system32\drivers\NISx64\1201000.025\Ironx64.SYS [x]
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1201000.025\SYMNETS.SYS [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-19 06:28 - 2012-11-19 06:29 - 00000000 ____D C:\Users\All Users\SUPERSetup
2012-11-18 21:19 - 2012-11-18 21:19 - 00001893 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2012-11-18 21:19 - 2012-11-18 21:19 - 00000000 ____D C:\Program Files\HitmanPro
2012-11-18 21:18 - 2012-11-18 21:18 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-11-18 21:17 - 2003-05-07 10:29 - 09105176 ____A (SurfRight B.V.) C:\Users\Terry\Desktop\HitmanPro36_x64.exe
2012-11-18 21:01 - 2012-11-18 21:01 - 00001408 ____A C:\Users\Terry\Desktop\RKreport[5]_S_11192012_02d0001.txt
2012-11-18 21:01 - 2012-11-18 21:01 - 00001371 ____A C:\Users\Terry\Desktop\RKreport[4]_S_11192012_02d0001.txt
2012-11-18 20:56 - 2012-11-18 20:56 - 00001258 ____A C:\Users\Terry\Desktop\RKreport[3]_SC_11182012_02d2356.txt
2012-11-18 20:54 - 2012-11-18 20:54 - 00002067 ____A C:\Users\Terry\Desktop\RKreport[2]_D_11182012_02d2354.txt
2012-11-18 20:48 - 2012-11-18 20:54 - 00000000 ____D C:\Users\Terry\Desktop\RK_Quarantine
2012-11-18 20:48 - 2012-11-18 20:48 - 00002062 ____A C:\Users\Terry\Desktop\RKreport[1]_S_11182012_02d2348.txt
2012-11-18 20:47 - 2003-05-07 10:02 - 00729088 ____A C:\Users\Terry\Desktop\RogueKiller.exe
2012-11-18 20:47 - 2003-05-07 10:02 - 00729088 ____A C:\RogueKiller.exe
2012-11-18 17:48 - 2012-11-18 17:48 - 00001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Users\Terry\AppData\Roaming\SUPERAntiSpyware.com
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-11-18 17:47 - 2003-05-07 06:40 - 22062248 ____A (SUPERAntiSpyware.com) C:\Users\Terry\Desktop\SUPERAntiSpyware.exe
2012-11-18 17:06 - 2012-11-18 17:06 - 00161328 ____A C:\Users\Terry\Desktop\OTL.Txt
2012-11-18 17:06 - 2012-11-18 17:06 - 00055830 ____A C:\Users\Terry\Desktop\Extras.Txt
2012-11-18 16:40 - 2011-10-24 22:08 - 00584192 ____A (OldTimer Tools) C:\Users\Terry\Desktop\OTL.exe
2012-11-18 14:13 - 2012-11-18 14:13 - 00003164 ____A C:\FSS.txt
2012-11-18 13:54 - 2012-11-18 13:54 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-18 13:54 - 2012-11-18 13:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-18 13:54 - 2012-09-29 16:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-18 13:53 - 2003-05-07 03:01 - 10669952 ____A (Malwarebytes Corporation ) C:\mbam-setup-1.65.1.1000.exe
2012-11-18 13:34 - 2012-11-18 13:35 - 00002154 ____A C:\Users\Terry\Desktop\FSS.txt
2012-11-18 13:33 - 2003-05-07 02:48 - 00000111 ____A C:\Users\Terry\Desktop\fix.bat
2012-11-18 13:33 - 2003-05-07 02:48 - 00000111 ____A C:\fix.bat
2012-11-18 13:33 - 2003-05-07 02:23 - 00694235 ____A (Farbar) C:\Users\Terry\Desktop\FSS.exe
2012-11-18 13:33 - 2003-05-07 02:23 - 00694235 ____A (Farbar) C:\FSS.exe
2012-11-18 13:15 - 2012-11-18 13:16 - 00000050 ____A C:\bleepstatic.txt
2012-11-18 11:33 - 2012-11-18 11:36 - 00004422 ____A C:\Users\Terry\Desktop\unhide.txt
2012-11-18 10:13 - 2012-11-18 10:13 - 00023032 ____A C:\ComboFix.txt
2012-11-17 19:26 - 2012-11-18 12:07 - 00030599 ____A C:\Users\Terry\Desktop\Result.txt
2012-11-17 18:37 - 2012-11-19 08:58 - 00000952 ____A C:\Windows\setupact.log
2012-11-17 18:37 - 2012-11-18 11:48 - 00002124 ____A C:\Windows\PFRO.log
2012-11-17 18:37 - 2012-11-17 18:37 - 00000000 ____A C:\Windows\setuperr.log
2012-11-17 17:52 - 2003-05-06 23:54 - 05002404 ____R (Swearware) C:\Users\Terry\Desktop\ComboFix.exe
2012-11-17 17:47 - 2003-05-07 02:58 - 00001152 ____A C:\CFScript.txt.txt
2012-11-17 17:34 - 2012-11-17 17:35 - 00000048 ____A C:\Users\Terry\Desktop\infected with smart check bleeping computer.txt
2012-11-17 17:06 - 2012-11-17 17:06 - 00001789 ____A C:\aswMBR.txt
2012-11-17 17:06 - 2012-11-17 17:06 - 00000512 ____A C:\MBR.dat
2012-11-17 17:00 - 2003-05-07 01:28 - 04732416 ____A (AVAST Software) C:\aswMBR.exe
2012-11-17 17:00 - 2003-05-07 01:26 - 00050477 ____A C:\Users\Terry\Desktop\Defogger.exe
2012-11-17 17:00 - 2003-05-07 01:26 - 00050477 ____A C:\Defogger.exe
2012-11-17 17:00 - 2003-05-07 00:50 - 00399264 ____A (Bleeping Computer, LLC) C:\Users\Terry\Desktop\unhide.exe
2012-11-17 16:03 - 2012-11-18 14:06 - 00031923 ____A C:\Result.txt
2012-11-17 15:31 - 2012-11-02 09:04 - 00001038 ____A C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
2012-11-17 15:31 - 2012-10-06 16:25 - 00000276 ____A C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
2012-11-17 15:31 - 2012-10-06 15:24 - 00001805 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-11-17 15:31 - 2012-08-10 06:04 - 00001145 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-11-17 15:31 - 2012-06-22 14:02 - 00001118 ____A C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
2012-11-17 15:31 - 2012-03-02 16:30 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-11-17 15:31 - 2011-12-02 11:15 - 00002129 ____A C:\Users\Public\Desktop\Ulead VideoStudio 6.lnk
2012-11-17 15:31 - 2011-11-17 14:23 - 00002172 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-11-17 15:31 - 2011-10-24 16:40 - 00001974 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-11-17 15:31 - 2011-06-28 05:12 - 00000991 ____A C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2012-11-17 15:31 - 2011-06-11 14:43 - 00001026 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-11-17 15:31 - 2011-06-01 15:00 - 00002404 ____A C:\Users\Public\Desktop\FamilySearch Indexing.lnk
2012-11-17 15:31 - 2011-03-21 16:45 - 00000841 ____A C:\Users\Public\Desktop\TweetDeck.lnk
2012-11-17 15:31 - 2011-01-31 13:41 - 00001932 ____A C:\Users\Public\Desktop\DVD Decrypter.lnk
2012-11-17 15:31 - 2011-01-22 09:17 - 00002053 ____A C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2012-11-17 15:31 - 2011-01-22 09:17 - 00001999 ____A C:\Users\Public\Desktop\Canon Solution Menu.lnk
2012-11-17 15:31 - 2011-01-22 09:16 - 00002055 ____A C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
2012-11-17 15:31 - 2011-01-22 09:15 - 00001804 ____A C:\Users\Public\Desktop\Canon My Printer.lnk
2012-11-17 15:31 - 2011-01-13 00:29 - 00002460 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2012-11-17 15:31 - 2011-01-02 08:43 - 00001224 ____A C:\Users\Public\Desktop\RealPlayer SP.lnk
2012-11-17 15:31 - 2010-12-18 18:47 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-17 15:31 - 2010-12-17 12:15 - 00002055 ____A C:\Users\Public\Desktop\Adobe Photoshop Lightroom 2 64-bit.lnk
2012-11-17 15:31 - 2010-08-18 21:35 - 00002255 ____A C:\Users\Public\Desktop\Internet Browser.lnk
2012-11-17 15:23 - 2012-11-18 10:13 - 00000000 ____D C:\Qoobox
2012-11-17 15:23 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-11-17 15:23 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-11-17 15:23 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-11-17 15:20 - 2012-11-17 15:20 - 00001455 ____A C:\Users\Terry\Documents\checkup.txt
2012-11-17 15:20 - 2012-11-17 15:20 - 00001455 ____A C:\checkup.txt
2012-11-17 15:10 - 2003-05-06 23:54 - 05002404 ____R (Swearware) C:\ComboFix.exe
2012-11-17 15:09 - 2003-05-06 23:47 - 00881833 ____A C:\SecurityCheck.exe
2012-11-17 13:55 - 2003-05-06 22:53 - 00752145 ____A (Farbar) C:\MiniToolBox.exe
2012-11-17 13:55 - 2003-05-06 22:50 - 02213976 ____A (Kaspersky Lab ZAO) C:\tdsskiller.exe
2012-11-17 13:54 - 2003-05-06 22:53 - 00752145 ____A (Farbar) C:\Users\Terry\Desktop\MiniToolBox.exe
2012-11-17 13:54 - 2003-05-06 22:50 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Terry\Desktop\tdsskiller.exe
2012-11-17 06:55 - 2011-02-15 16:00 - 00721199 ____A C:\rkill.com
2012-11-17 06:55 - 2010-12-30 11:41 - 00388608 ____A (Trend Micro Inc.) C:\HijackThis.exe
2012-11-16 23:09 - 2012-11-16 23:09 - 00000298 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2423870981-4182641376-194303543-1005.job
2012-11-16 21:01 - 2012-11-16 21:11 - 00000053 ____A C:\Users\Terry\Desktop\anti malware software to download.txt
2012-11-16 20:29 - 2011-02-15 16:00 - 00721199 ____A C:\Users\Administrator\Desktop\rkill.com
2012-11-16 20:17 - 2012-11-16 20:17 - 00000294 ____A C:\Windows\Tasks\User_Feed_Synchronization-{FFD276B2-BE31-4BCD-92B0-42E0847A05F2}.job
2012-11-16 17:19 - 2011-02-15 16:00 - 00721199 ____A C:\Users\Terry\Desktop\rkill.com
2012-11-16 17:18 - 2012-11-16 17:24 - 00000000 ____D C:\Users\Terry\Desktop\New folder
2012-11-16 16:57 - 2009-07-13 17:39 - 00344576 ____A (Microsoft Corporation) C:\Users\Terry\Desktop\cmd.exe
2012-11-11 04:08 - 2012-11-11 04:08 - 00000000 ____D C:\Users\Guest.Terry-VAIO\AppData\Roaming\Google
2012-11-03 08:43 - 2012-11-03 08:09 - 999723015 ____A C:\Users\Guest.Terry-VAIO\Desktop\louise through the years photos.wmv
2012-11-03 06:32 - 2012-11-03 08:09 - 999723015 ____A C:\Users\Terry\Desktop\louise through the years photos.wmv
2012-11-03 06:31 - 2012-11-03 06:31 - 00011541 ____A C:\Users\Terry\Desktop\louise through the years photos.wlmp
2012-11-03 06:20 - 2012-11-03 06:20 - 00000000 ____D C:\Users\Terry\AppData\Local\{AB26241B-63CC-40EA-A040-3CFE2CDA5464}
2012-11-03 03:30 - 2012-11-03 03:30 - 04553700 ____A C:\Users\Terry\Desktop\louise siblings.wp3
2012-11-02 12:55 - 2012-11-03 06:01 - 00000000 ____D C:\Users\Terry\Desktop\Louise slideshow video clips
2012-11-02 09:40 - 2012-11-03 05:45 - 00033768 ____A C:\Users\Terry\Desktop\Louise photos over 80 years.veg
2012-11-02 09:40 - 2012-11-03 05:30 - 00032952 ____A C:\Users\Terry\Desktop\Louise photos over 80 years.veg.bak
2012-11-02 09:09 - 2012-11-02 09:09 - 00000000 ____D C:\Users\Terry\AppData\Roaming\Publish Providers
2012-11-02 09:03 - 2012-11-02 09:06 - 00000000 ____D C:\Users\Terry\AppData\Local\Sony
2012-11-02 09:03 - 2012-11-02 09:03 - 00000000 ____D C:\Users\All Users\Sony
2012-11-02 09:01 - 2012-11-02 09:09 - 00000000 ____D C:\Users\Terry\AppData\Roaming\Sony
2012-11-02 08:42 - 2012-11-02 08:46 - 229702272 ____A (Sony Creative Software Inc.) C:\Users\Terry\Downloads\vegaspro12.0.394.exe
2012-11-01 09:51 - 2012-11-01 09:51 - 00000000 ____D C:\Users\Terry\Desktop\[SquishDesigns] Trapcode Particular 2.1 For CS5
2012-11-01 08:57 - 2012-11-01 08:57 - 06368744 ____A C:\Users\Terry\Desktop\[SquishDesigns] Trapcode Particular 2.1 For CS5.zip
2012-11-01 05:02 - 2012-11-01 05:02 - 00000000 ____D C:\Users\Terry\Desktop\Template-1
2012-11-01 04:59 - 2012-11-01 04:59 - 01364791 ____A C:\Users\Terry\Desktop\Template-1.rar
2012-10-31 14:25 - 2012-11-02 19:10 - 00000000 ____D C:\Users\Terry\Desktop\Amanda Louise Slideshow Photos for 80th birthday
2012-10-27 17:01 - 2012-10-27 17:11 - 00000000 ___RD C:\Users\Terry\Desktop\Family Genealogy
2012-10-20 17:29 - 2012-10-20 17:29 - 00000000 ____D C:\Users\Terry\AppData\Local\PSU
2012-10-20 16:59 - 2012-10-20 16:59 - 00000000 ____D C:\Users\Terry\Downloads\bleep_happens
2012-10-20 16:59 - 2012-10-20 16:59 - 00000000 ____D C:\Users\Terry\Downloads\adine_kirnberg
2012-10-20 16:58 - 2012-10-20 16:58 - 00000000 ____D C:\Users\Terry\Downloads\quickier_demo
2012-10-20 16:58 - 2012-10-20 16:58 - 00000000 ____D C:\Users\Terry\Downloads\champignon
2012-10-20 16:57 - 2012-10-20 16:57 - 00000000 ____D C:\Users\Terry\Downloads\mardian_demo
2012-10-20 16:56 - 2012-10-20 16:56 - 00000000 ____D C:\Users\Terry\Downloads\scriptina
2012-10-20 16:55 - 2012-10-20 16:55 - 00000000 ____D C:\Users\Terry\Downloads\respective
2012-10-20 16:54 - 2012-10-20 16:54 - 00000000 ____D C:\Users\Terry\Downloads\mirella_script
2012-10-20 16:50 - 2012-10-20 16:50 - 00030698 ____A C:\Users\Terry\Downloads\adine_kirnberg.zip
2012-10-20 16:49 - 2012-10-20 16:49 - 00316424 ____A C:\Users\Terry\Downloads\bleep_happens.zip
2012-10-20 16:49 - 2012-10-20 16:49 - 00185318 ____A C:\Users\Terry\Downloads\quickier_demo.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 01148626 ____A C:\Users\Terry\Downloads\mardian_demo.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 00058728 ____A C:\Users\Terry\Downloads\scriptina.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 00055903 ____A C:\Users\Terry\Downloads\champignon.zip
2012-10-20 16:47 - 2012-10-20 16:47 - 00564489 ____A C:\Users\Terry\Downloads\respective.zip
2012-10-20 16

Edited by QuietWarriorAtl, 19 November 2012 - 01:19 PM.


#8 Farbar

Posted 19 November 2012 - 01:19 PM

The log is incomplete. Please post the rest of the log from this line:

2012-10-20 16:47 - 2012-10-20 16:47 - 00564489 ____A C:\Users\Terry\Downloads\respective.zip


Edited by Farbar, 19 November 2012 - 01:21 PM.


#9 QuietWarriorAtl

Posted 19 November 2012 - 01:25 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2012
Ran by SYSTEM at 19-11-2012 12:41:08
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot [202256 2011-01-02] (RealNetworks, Inc.)
HKLM-x32\...\Run: [] [x]
HKU\Paulette\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-18] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}: [NameServer]156.154.70.22,156.154.71.22

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [108904 2012-11-18] (SurfRight B.V.)
2 McciCMService64; "C:\Program Files\Common Files\Motive\McciCMService.exe" [517632 2010-05-04] (Alcatel-Lucent)
2 Oasis2Service; "C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe" [47104 2011-02-15] ()
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=2000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" [252416 2010-05-25] (Sony Corporation)
3 SpfService; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe" [302448 2010-02-08] (Sony Corporation)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2010-04-08] (Sony Corporation)
3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1250160 2010-05-31] (Sony Corporation)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\diMaster.dll" /prefetch:1 [x]
3 Partner Service; "C:\ProgramData\Partner\Partner.exe" [x]

Edited by QuietWarriorAtl, 19 November 2012 - 03:56 PM.


#10 Farbar

Posted 19 November 2012 - 01:45 PM

To see my reply you need to refresh (F5) the site page. The site doesn't automatically refresh the page like when people chat.

Please either post the rest of the whole log until the end of the log or attach the FRST.txt to your reply.

If you don't know how to do things please ask.

#11 QuietWarriorAtl

Posted 19 November 2012 - 03:57 PM

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [953904 2010-11-23] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-12-17] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [132656 2010-12-17] (Symantec Corporation)
3 pfc; C:\Windows\SysWow64\Drivers\pfc.sys [9856 2002-11-11] (Padus, Inc.)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174640 2010-12-17] (Symantec Corporation)
3 87214041; [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]
2 IAStorDataMgrSvc; [x]
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110107.002\IDSvia64.sys [x]
3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
2 MSSQL$DDNI; [x]
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110109.003\ENG64.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110109.003\EX64.SYS [x]
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1201000.025\SRTSP64.SYS [x]
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1201000.025\SRTSPX64.SYS [x]
0 SymDS; C:\Windows\System32\drivers\NISx64\1201000.025\SYMDS64.SYS [x]
0 SymEFA; C:\Windows\System32\drivers\NISx64\1201000.025\SYMEFA64.SYS [x]
1 SymIRON; C:\Windows\system32\drivers\NISx64\1201000.025\Ironx64.SYS [x]
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1201000.025\SYMNETS.SYS [x]

#12 QuietWarriorAtl

Posted 19 November 2012 - 03:59 PM

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-19 06:28 - 2012-11-19 06:29 - 00000000 ____D C:\Users\All Users\SUPERSetup
2012-11-18 21:19 - 2012-11-18 21:19 - 00001893 ____A C:\Users\Public\Desktop\HitmanPro.lnk
2012-11-18 21:19 - 2012-11-18 21:19 - 00000000 ____D C:\Program Files\HitmanPro
2012-11-18 21:18 - 2012-11-18 21:18 - 00000000 ____D C:\Users\All Users\HitmanPro
2012-11-18 21:17 - 2003-05-07 10:29 - 09105176 ____A (SurfRight B.V.) C:\Users\Terry\Desktop\HitmanPro36_x64.exe
2012-11-18 21:01 - 2012-11-18 21:01 - 00001408 ____A C:\Users\Terry\Desktop\RKreport[5]_S_11192012_02d0001.txt
2012-11-18 21:01 - 2012-11-18 21:01 - 00001371 ____A C:\Users\Terry\Desktop\RKreport[4]_S_11192012_02d0001.txt
2012-11-18 20:56 - 2012-11-18 20:56 - 00001258 ____A C:\Users\Terry\Desktop\RKreport[3]_SC_11182012_02d2356.txt
2012-11-18 20:54 - 2012-11-18 20:54 - 00002067 ____A C:\Users\Terry\Desktop\RKreport[2]_D_11182012_02d2354.txt
2012-11-18 20:48 - 2012-11-18 20:54 - 00000000 ____D C:\Users\Terry\Desktop\RK_Quarantine
2012-11-18 20:48 - 2012-11-18 20:48 - 00002062 ____A C:\Users\Terry\Desktop\RKreport[1]_S_11182012_02d2348.txt
2012-11-18 20:47 - 2003-05-07 10:02 - 00729088 ____A C:\Users\Terry\Desktop\RogueKiller.exe
2012-11-18 20:47 - 2003-05-07 10:02 - 00729088 ____A C:\RogueKiller.exe
2012-11-18 17:48 - 2012-11-18 17:48 - 00001808 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Users\Terry\AppData\Roaming\SUPERAntiSpyware.com
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-11-18 17:48 - 2012-11-18 17:48 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-11-18 17:47 - 2003-05-07 06:40 - 22062248 ____A (SUPERAntiSpyware.com) C:\Users\Terry\Desktop\SUPERAntiSpyware.exe
2012-11-18 17:06 - 2012-11-18 17:06 - 00161328 ____A C:\Users\Terry\Desktop\OTL.Txt
2012-11-18 17:06 - 2012-11-18 17:06 - 00055830 ____A C:\Users\Terry\Desktop\Extras.Txt
2012-11-18 16:40 - 2011-10-24 22:08 - 00584192 ____A (OldTimer Tools) C:\Users\Terry\Desktop\OTL.exe
2012-11-18 14:13 - 2012-11-18 14:13 - 00003164 ____A C:\FSS.txt
2012-11-18 13:54 - 2012-11-18 13:54 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-18 13:54 - 2012-11-18 13:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-18 13:54 - 2012-09-29 16:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-18 13:53 - 2003-05-07 03:01 - 10669952 ____A (Malwarebytes Corporation ) C:\mbam-setup-1.65.1.1000.exe
2012-11-18 13:34 - 2012-11-18 13:35 - 00002154 ____A C:\Users\Terry\Desktop\FSS.txt
2012-11-18 13:33 - 2003-05-07 02:48 - 00000111 ____A C:\Users\Terry\Desktop\fix.bat
2012-11-18 13:33 - 2003-05-07 02:48 - 00000111 ____A C:\fix.bat
2012-11-18 13:33 - 2003-05-07 02:23 - 00694235 ____A (Farbar) C:\Users\Terry\Desktop\FSS.exe
2012-11-18 13:33 - 2003-05-07 02:23 - 00694235 ____A (Farbar) C:\FSS.exe
2012-11-18 13:15 - 2012-11-18 13:16 - 00000050 ____A C:\bleepstatic.txt
2012-11-18 11:33 - 2012-11-18 11:36 - 00004422 ____A C:\Users\Terry\Desktop\unhide.txt
2012-11-18 10:13 - 2012-11-18 10:13 - 00023032 ____A C:\ComboFix.txt
2012-11-17 19:26 - 2012-11-18 12:07 - 00030599 ____A C:\Users\Terry\Desktop\Result.txt
2012-11-17 18:37 - 2012-11-19 08:58 - 00000952 ____A C:\Windows\setupact.log
2012-11-17 18:37 - 2012-11-18 11:48 - 00002124 ____A C:\Windows\PFRO.log
2012-11-17 18:37 - 2012-11-17 18:37 - 00000000 ____A C:\Windows\setuperr.log
2012-11-17 17:52 - 2003-05-06 23:54 - 05002404 ____R (Swearware) C:\Users\Terry\Desktop\ComboFix.exe
2012-11-17 17:47 - 2003-05-07 02:58 - 00001152 ____A C:\CFScript.txt.txt
2012-11-17 17:34 - 2012-11-17 17:35 - 00000048 ____A C:\Users\Terry\Desktop\infected with smart check bleeping computer.txt
2012-11-17 17:06 - 2012-11-17 17:06 - 00001789 ____A C:\aswMBR.txt
2012-11-17 17:06 - 2012-11-17 17:06 - 00000512 ____A C:\MBR.dat
2012-11-17 17:00 - 2003-05-07 01:28 - 04732416 ____A (AVAST Software) C:\aswMBR.exe
2012-11-17 17:00 - 2003-05-07 01:26 - 00050477 ____A C:\Users\Terry\Desktop\Defogger.exe
2012-11-17 17:00 - 2003-05-07 01:26 - 00050477 ____A C:\Defogger.exe
2012-11-17 17:00 - 2003-05-07 00:50 - 00399264 ____A (Bleeping Computer, LLC) C:\Users\Terry\Desktop\unhide.exe
2012-11-17 16:03 - 2012-11-18 14:06 - 00031923 ____A C:\Result.txt
2012-11-17 15:31 - 2012-11-02 09:04 - 00001038 ____A C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk
2012-11-17 15:31 - 2012-10-06 16:25 - 00000276 ____A C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
2012-11-17 15:31 - 2012-10-06 15:24 - 00001805 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-11-17 15:31 - 2012-08-10 06:04 - 00001145 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-11-17 15:31 - 2012-06-22 14:02 - 00001118 ____A C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
2012-11-17 15:31 - 2012-03-02 16:30 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-11-17 15:31 - 2011-12-02 11:15 - 00002129 ____A C:\Users\Public\Desktop\Ulead VideoStudio 6.lnk
2012-11-17 15:31 - 2011-11-17 14:23 - 00002172 ____A C:\Users\Public\Desktop\Google Earth.lnk
2012-11-17 15:31 - 2011-10-24 16:40 - 00001974 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-11-17 15:31 - 2011-06-28 05:12 - 00000991 ____A C:\Users\Public\Desktop\Adobe Download Assistant.lnk
2012-11-17 15:31 - 2011-06-11 14:43 - 00001026 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-11-17 15:31 - 2011-06-01 15:00 - 00002404 ____A C:\Users\Public\Desktop\FamilySearch Indexing.lnk
2012-11-17 15:31 - 2011-03-21 16:45 - 00000841 ____A C:\Users\Public\Desktop\TweetDeck.lnk
2012-11-17 15:31 - 2011-01-31 13:41 - 00001932 ____A C:\Users\Public\Desktop\DVD Decrypter.lnk
2012-11-17 15:31 - 2011-01-22 09:17 - 00002053 ____A C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2012-11-17 15:31 - 2011-01-22 09:17 - 00001999 ____A C:\Users\Public\Desktop\Canon Solution Menu.lnk
2012-11-17 15:31 - 2011-01-22 09:16 - 00002055 ____A C:\Users\Public\Desktop\Canon MP Navigator EX 3.0.lnk
2012-11-17 15:31 - 2011-01-22 09:15 - 00001804 ____A C:\Users\Public\Desktop\Canon My Printer.lnk
2012-11-17 15:31 - 2011-01-13 00:29 - 00002460 ____A C:\Users\Public\Desktop\Norton Internet Security.lnk
2012-11-17 15:31 - 2011-01-02 08:43 - 00001224 ____A C:\Users\Public\Desktop\RealPlayer SP.lnk
2012-11-17 15:31 - 2010-12-18 18:47 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-11-17 15:31 - 2010-12-17 12:15 - 00002055 ____A C:\Users\Public\Desktop\Adobe Photoshop Lightroom 2 64-bit.lnk
2012-11-17 15:31 - 2010-08-18 21:35 - 00002255 ____A C:\Users\Public\Desktop\Internet Browser.lnk
2012-11-17 15:23 - 2012-11-18 10:13 - 00000000 ____D C:\Qoobox
2012-11-17 15:23 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-11-17 15:23 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-11-17 15:23 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-11-17 15:23 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-11-17 15:20 - 2012-11-17 15:20 - 00001455 ____A C:\Users\Terry\Documents\checkup.txt
2012-11-17 15:20 - 2012-11-17 15:20 - 00001455 ____A C:\checkup.txt
2012-11-17 15:10 - 2003-05-06 23:54 - 05002404 ____R (Swearware) C:\ComboFix.exe
2012-11-17 15:09 - 2003-05-06 23:47 - 00881833 ____A C:\SecurityCheck.exe
2012-11-17 13:55 - 2003-05-06 22:53 - 00752145 ____A (Farbar) C:\MiniToolBox.exe
2012-11-17 13:55 - 2003-05-06 22:50 - 02213976 ____A (Kaspersky Lab ZAO) C:\tdsskiller.exe
2012-11-17 13:54 - 2003-05-06 22:53 - 00752145 ____A (Farbar) C:\Users\Terry\Desktop\MiniToolBox.exe
2012-11-17 13:54 - 2003-05-06 22:50 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\Terry\Desktop\tdsskiller.exe
2012-11-17 06:55 - 2011-02-15 16:00 - 00721199 ____A C:\rkill.com
2012-11-17 06:55 - 2010-12-30 11:41 - 00388608 ____A (Trend Micro Inc.) C:\HijackThis.exe
2012-11-16 23:09 - 2012-11-16 23:09 - 00000298 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2423870981-4182641376-194303543-1005.job
2012-11-16 21:01 - 2012-11-16 21:11 - 00000053 ____A C:\Users\Terry\Desktop\anti malware software to download.txt
2012-11-16 20:29 - 2011-02-15 16:00 - 00721199 ____A C:\Users\Administrator\Desktop\rkill.com
2012-11-16 20:17 - 2012-11-16 20:17 - 00000294 ____A C:\Windows\Tasks\User_Feed_Synchronization-{FFD276B2-BE31-4BCD-92B0-42E0847A05F2}.job
2012-11-16 17:19 - 2011-02-15 16:00 - 00721199 ____A C:\Users\Terry\Desktop\rkill.com
2012-11-16 17:18 - 2012-11-16 17:24 - 00000000 ____D C:\Users\Terry\Desktop\New folder
2012-11-16 16:57 - 2009-07-13 17:39 - 00344576 ____A (Microsoft Corporation) C:\Users\Terry\Desktop\cmd.exe
2012-11-11 04:08 - 2012-11-11 04:08 - 00000000 ____D C:\Users\Guest.Terry-VAIO\AppData\Roaming\Google
2012-11-03 08:43 - 2012-11-03 08:09 - 999723015 ____A C:\Users\Guest.Terry-VAIO\Desktop\louise through the years photos.wmv
2012-11-03 06:32 - 2012-11-03 08:09 - 999723015 ____A C:\Users\Terry\Desktop\louise through the years photos.wmv
2012-11-03 06:31 - 2012-11-03 06:31 - 00011541 ____A C:\Users\Terry\Desktop\louise through the years photos.wlmp
2012-11-03 06:20 - 2012-11-03 06:20 - 00000000 ____D C:\Users\Terry\AppData\Local\{AB26241B-63CC-40EA-A040-3CFE2CDA5464}
2012-11-03 03:30 - 2012-11-03 03:30 - 04553700 ____A C:\Users\Terry\Desktop\louise siblings.wp3
2012-11-02 12:55 - 2012-11-03 06:01 - 00000000 ____D C:\Users\Terry\Desktop\Louise slideshow video clips
2012-11-02 09:40 - 2012-11-03 05:45 - 00033768 ____A C:\Users\Terry\Desktop\Louise photos over 80 years.veg
2012-11-02 09:40 - 2012-11-03 05:30 - 00032952 ____A C:\Users\Terry\Desktop\Louise photos over 80 years.veg.bak
2012-11-02 09:09 - 2012-11-02 09:09 - 00000000 ____D C:\Users\Terry\AppData\Roaming\Publish Providers
2012-11-02 09:03 - 2012-11-02 09:06 - 00000000 ____D C:\Users\Terry\AppData\Local\Sony
2012-11-02 09:03 - 2012-11-02 09:03 - 00000000 ____D C:\Users\All Users\Sony
2012-11-02 09:01 - 2012-11-02 09:09 - 00000000 ____D C:\Users\Terry\AppData\Roaming\Sony
2012-11-02 08:42 - 2012-11-02 08:46 - 229702272 ____A (Sony Creative Software Inc.) C:\Users\Terry\Downloads\vegaspro12.0.394.exe
2012-11-01 09:51 - 2012-11-01 09:51 - 00000000 ____D C:\Users\Terry\Desktop\[SquishDesigns] Trapcode Particular 2.1 For CS5
2012-11-01 08:57 - 2012-11-01 08:57 - 06368744 ____A C:\Users\Terry\Desktop\[SquishDesigns] Trapcode Particular 2.1 For CS5.zip
2012-11-01 05:02 - 2012-11-01 05:02 - 00000000 ____D C:\Users\Terry\Desktop\Template-1
2012-11-01 04:59 - 2012-11-01 04:59 - 01364791 ____A C:\Users\Terry\Desktop\Template-1.rar
2012-10-31 14:25 - 2012-11-02 19:10 - 00000000 ____D C:\Users\Terry\Desktop\Amanda Louise Slideshow Photos for 80th birthday
2012-10-27 17:01 - 2012-10-27 17:11 - 00000000 ___RD C:\Users\Terry\Desktop\Family Genealogy
2012-10-20 17:29 - 2012-10-20 17:29 - 00000000 ____D C:\Users\Terry\AppData\Local\PSU
2012-10-20 16:59 - 2012-10-20 16:59 - 00000000 ____D C:\Users\Terry\Downloads\bleep_happens
2012-10-20 16:59 - 2012-10-20 16:59 - 00000000 ____D C:\Users\Terry\Downloads\adine_kirnberg
2012-10-20 16:58 - 2012-10-20 16:58 - 00000000 ____D C:\Users\Terry\Downloads\quickier_demo
2012-10-20 16:58 - 2012-10-20 16:58 - 00000000 ____D C:\Users\Terry\Downloads\champignon
2012-10-20 16:57 - 2012-10-20 16:57 - 00000000 ____D C:\Users\Terry\Downloads\mardian_demo
2012-10-20 16:56 - 2012-10-20 16:56 - 00000000 ____D C:\Users\Terry\Downloads\scriptina
2012-10-20 16:55 - 2012-10-20 16:55 - 00000000 ____D C:\Users\Terry\Downloads\respective
2012-10-20 16:54 - 2012-10-20 16:54 - 00000000 ____D C:\Users\Terry\Downloads\mirella_script
2012-10-20 16:50 - 2012-10-20 16:50 - 00030698 ____A C:\Users\Terry\Downloads\adine_kirnberg.zip
2012-10-20 16:49 - 2012-10-20 16:49 - 00316424 ____A C:\Users\Terry\Downloads\bleep_happens.zip
2012-10-20 16:49 - 2012-10-20 16:49 - 00185318 ____A C:\Users\Terry\Downloads\quickier_demo.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 01148626 ____A C:\Users\Terry\Downloads\mardian_demo.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 00058728 ____A C:\Users\Terry\Downloads\scriptina.zip
2012-10-20 16:48 - 2012-10-20 16:48 - 00055903 ____A C:\Users\Terry\Downloads\champignon.zip
2012-10-20 16:47 - 2012-10-20 16:47 - 00564489 ____A C:\Users\Terry\Downloads\respective.zip
2012-10-20 16:46 - 2012-10-20 16:46 - 00178939 ____A C:\Users\Terry\Downloads\mirella_script.zip

#13 Farbar


Posted 19 November 2012 - 04:13 PM

Looking at the way you are struggling to post the logs, I can imagine this is all new to you. I don't really think you will be able to follow the rest of the instructions to get this system back to full functionality unless we both have a lot of time and are ready to go through an extraordinarily long topic and probably end up with no result.

So my best advice is to either get someone to help you with posting and performing the fixes that will follow, or get the computer to a repair shop, or, if you have a recovery partition, restore the system to the factory default.

Edited by Farbar, 19 November 2012 - 04:14 PM.


#14 QuietWarriorAtl


Posted 19 November 2012 - 04:38 PM

==================== One Month Modified Files and Folders =======

#15 QuietWarriorAtl


Posted 19 November 2012 - 05:38 PM

Okay, thanks for your help.

Is there anyone else out there that can help me with this? I seem to have problems pasting long messages. Every time I copy and paste the log in full, it sends me to an error page saying the connection was reset. It does the same when I try to attach the log. Can anyone help?



