Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Have Rootkit.Boot.Pihar.c and Toshiba Laptop F3-F100-0004


  • This topic is locked This topic is locked
2 replies to this topic

#1 scb175

scb175

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:02:46 PM

Posted 25 November 2013 - 08:37 AM

Mod Edit: Moved to Malware Removal ~~boopme

Well, I tried to fix this myself, and now I am blocked totally from Windows.  That is why I am coming here for help.  I ran the TDSSKiller and it found the virus, but when I went to restart, I receive this ERROR: F3-F100-0004 and it will not let me do F8 to go into safe mode. 
 
I have the Windows disk, went into recovery / command prompt and launched both FRST.exe and ListParts.exe.  I followed directions from other posts on this forum.  I have created the logs, but unsure of what to do next? 
 
******FRST.exe Log:******
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-11-2013 01
Ran by SYSTEM on MININT-T5OK5QJ on 25-11-2013 08:23:40
Running from F:\
Windows 7 Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [Monitor] - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [193880 2010-11-19] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [LTCM Client] - C:\Program Files\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKU\Karen\...\Run: [iCloudServices] - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [ 2013-09-13] (Apple Inc.)
HKU\Karen\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [ 2013-09-15] (Apple Inc.)
HKU\Karen\...\Run: [AppleIEDAV] - C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [ 2013-09-04] (Apple Inc.)
HKU\Karen\...\Run: [KHDsoft Update] - regsvr32.exe C:\Users\Karen\AppData\Local\KHDsoft\SWFFile.dll
Startup: C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk
ShortcutTarget: RCA Detective.lnk ->  (No File)

========================== Services (Whitelisted) =================

S2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)
S2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S2 EpsonScanSvc; C:\windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
S2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [167520 2011-11-01] (SEIKO EPSON CORPORATION)
S2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2011-11-01] (SEIKO EPSON CORPORATION)
S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
S2 gupdate1ca97bb214096eb; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2010-01-17] (Google Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
S2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-08-11] (TOSHIBA Corporation)
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-08-03] (TOSHIBA Corporation)
S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [685424 2009-08-06] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

S0 26070636; C:\Windows\System32\drivers\30554891.sys [204896 2013-11-22] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [372736 2009-08-13] (Realtek Semiconductor Corporation                           )
S2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)
S5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Karen\AppData\Local\Temp\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\1394ohci.sys 6D2ACA41739BFE8CB86EE8E85F29697D
C:\Windows\System32\drivers\30554891.sys 0EF33C98C16F33441954048FBC07089E
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AGRSM.sys 7E10E3BB9B258AD8A9300F91214D67B9
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athr.sys 76BAB0C824E2D05B940C4DD40A9B08BF
C:\Windows\System32\DRIVERS\atikmdag.sys C97BE8350FBCB1960B22FAD2E6C2B514
C:\Windows\System32\DRIVERS\AtiPcie.sys B73C832088DD54B55E04FF6F9646AD8C
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 77361D72A04F18809D0EFB6CCEB74D4B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys DB5E008B3744DD60C8498CBBF2A1CFA6
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 500A9814FD9446A8126858A5A7F7D273
C:\Windows\System32\DRIVERS\fvevol.sys 4732E596BB1C50D9F9188C5074EE7782
C:\Windows\System32\DRIVERS\FwLnk.sys 0F76E205BDC60364F08A5949082771CA
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHDA.sys E4A2E810CB2607C9C159C0DFB0BD4C88
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 52FC17C8589F11747D01D3CF592673D0
C:\Windows\System32\Drivers\ksecpkg.sys 3E5474B03568CFAB834DA3C38E8C9EFA
C:\Windows\System32\DRIVERS\btblan.sys 5CFFDA921FE0C9E9EBDE3150D3C81594
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys E77DC03DD3C8E5A388BF9EED2A28F3D1
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys 32FF06EC6D946EF791D98D6C838A3090
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys A8F59428E9F361C7AC42A94AC1560BC9
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 66D3415C159741ADE7038A277EFFF99F
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys C858CB77C577780ECC456A892E7E7D0F
C:\Windows\System32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 835D7E81BF517A3B72384BDCC85E1CE6
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys 1E016846895B15A99F9A176A05029075
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys C5B8D47A4688DE9D335204EA757C2240
C:\Windows\System32\drivers\rdyboost.sys 4EA225BF1CF05E158853F30A99CA29A7
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys EF8B2AFC3C0751C5E5A59983C8893260
C:\Windows\System32\DRIVERS\Rt86win7.sys 6465166DD9B2F841DABAD16ABDADBE98
C:\Windows\System32\DRIVERS\RTL8187Se.sys 5BD298BDF62E6A8A0FC69F73A82A52BB
C:\Windows\system32\DRIVERS\sbp2port.sys 34EE0C44B724E3E4CE2EFF29126DE5B5
C:\Windows\System32\DRIVERS\scfilter.sys A95C54B2AC3CC9C73FCDF9E51A1D6B51
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys 4F1E5B0FE7C8050668DBFADE8999AEFB
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys C4A027B8C0BD3FC0699F41FA5E9E0C87
C:\Windows\System32\DRIVERS\srv2.sys 414BB592CAD8A79649D01F9D94318FB3
C:\Windows\System32\DRIVERS\srvnet.sys FF207D67700AA18242AAF985D3E7D8F4
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 8BD10DC8809DC69A1C5A795CB10ADD76
C:\Windows\System32\drivers\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\DRIVERS\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\drivers\tcpipreg.sys E64444523ADD154F86567C469BC0B17F
C:\Windows\System32\DRIVERS\tdcmdpst.sys 4084EA00D50C858D6F9038F86AE2E2D0
C:\Windows\System32\drivers\tdpipe.sys 1875C1490D99E70E449E3AFAE9FCBADF
C:\Windows\System32\drivers\tdtcp.sys 7156308896D34EA75A582F9A09E50C17
C:\Windows\System32\DRIVERS\tdx.sys CB39E896A2A83702D1737BFD402B3542
C:\Windows\System32\DRIVERS\termdd.sys C36F41EE20E6999DBF4B0425963268A5
C:\Windows\System32\DRIVERS\tos_sps32.sys 969377943FE7284609BABBAB4E06B93C
C:\Windows\System32\DRIVERS\tssecsrv.sys 98AE6FA07D12CB4EC5CF4A9BFA5F4242
C:\Windows\System32\DRIVERS\tunnel.sys 3E461D890A97F9D4C168F5FDA36E1D00
C:\Windows\System32\DRIVERS\TVALZ_O.SYS FC24015B4052600C324C43E3A79C0664
C:\Windows\System32\DRIVERS\TVALZFL.sys 866462F5AE3F375EF83EF9DCE436031C
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys 09CC3E16F8E5EE7168E01CF8FCBE061A
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys 049B3A50B3D646BAEEEE9EEC9B0668DC
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 8BF5D980CDCE35FB26F05047144BB57E
C:\Windows\System32\DRIVERS\usbccgp.sys C31AE588E403042632DC796CF09E30B0
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys E4C436D914768CE965D5E659BA7EEBD8
C:\Windows\System32\DRIVERS\usbhub.sys BDCD7156EC37448F08633FD899823620
C:\Windows\System32\DRIVERS\usbohci.sys EB2D819A639015253C871CDA09D91D58
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS 1C4287739A93594E57E2A9E6A3ED7353
C:\Windows\system32\drivers\usbuhci.sys 22480BF4E5A09192E5E30BA4DDE79FA4
C:\Windows\System32\Drivers\usbvideo.sys B5F6A992D996282B7FAE7048E50AF83A
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys 3BE6E1F3A4F1AFEC8CEE0D7883F93583
C:\Windows\system32\DRIVERS\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volmgr.sys 384E5A2AA49934295171E499F86BA6F3
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys 59F06B4968E58BC83DFC56CA4517960E
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys 30FC6E5448D0CBAAA95280EEEF7FEDAE
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-25 08:22 - 2013-11-25 08:22 - 00000000 ____D C:\FRST
2013-11-22 08:29 - 2013-11-22 08:29 - 00204896 _____ C:\Windows\System32\Drivers\30554891.sys
2013-11-22 08:29 - 2013-11-22 08:29 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-11-22 08:26 - 2013-11-22 07:46 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Karen\Desktop\mbar-1.07.0.1007.exe
2013-11-22 08:26 - 2013-11-22 07:46 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Karen\Desktop\tdsskiller.exe
2013-11-22 07:55 - 2013-11-22 08:23 - 00000000 ____D C:\AdwCleaner
2013-11-22 07:44 - 2013-11-22 07:44 - 00000000 ____D C:\Windows\ERUNT
2013-11-22 07:39 - 2013-11-22 07:39 - 00347304 _____ (Microsoft Corporation) C:\Users\Karen\Downloads\MicrosoftFixit.Performance.Run.exe
2013-11-21 10:12 - 2013-11-22 08:27 - 00008606 _____ C:\Windows\WindowsUpdate.log
2013-11-21 10:08 - 2013-11-22 08:25 - 00001076 _____ C:\Windows\setupact.log
2013-11-21 10:08 - 2013-11-21 10:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-21 09:32 - 2013-11-21 09:32 - 00077692 _____ C:\Users\Karen\Documents\cc_20131121_123228.reg
2013-11-21 09:07 - 2013-11-21 09:07 - 00000972 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-21 09:07 - 2013-11-21 09:07 - 00000000 ____D C:\Program Files\CCleaner
2013-11-21 04:57 - 2013-11-21 04:57 - 00001968 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-11-20 09:47 - 2013-11-20 09:48 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-20 09:46 - 2013-11-20 09:46 - 00000000 ____D C:\b65ea6a65bddfa888a3da39b5d1682
2013-11-20 09:42 - 2013-11-20 09:42 - 00015096 _____ C:\ComboFix.txt
2013-11-20 09:17 - 2013-11-20 09:43 - 00000000 ____D C:\Qoobox
2013-11-20 09:17 - 2011-06-25 22:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-20 09:17 - 2010-11-07 09:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-20 09:17 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-20 09:17 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-20 09:17 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-20 09:17 - 2000-08-30 16:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-20 09:17 - 2000-08-30 16:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-20 09:17 - 2000-08-30 16:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-20 09:13 - 2013-11-20 09:40 - 00000000 ____D C:\Windows\erdnt
2013-11-20 09:02 - 2013-11-20 09:03 - 05146522 ____R (Swearware) C:\Users\Karen\Downloads\ComboFix.exe
2013-11-20 09:00 - 2013-11-20 09:00 - 00000000 ____D C:\f9dc6c70fd14764abb1b
2013-11-20 08:59 - 2013-11-20 08:59 - 11125072 _____ (Microsoft Corporation) C:\Users\Karen\Downloads\mseinstall (1).exe
2013-11-20 08:56 - 2013-11-21 09:34 - 00002243 _____ C:\Windows\epplauncher.mif
2013-11-10 14:32 - 2013-11-11 17:03 - 00000000 ____D C:\Users\Karen\AppData\Local\KHDsoft

==================== One Month Modified Files and Folders =======

2013-11-25 08:22 - 2013-11-25 08:22 - 00000000 ____D C:\FRST
2013-11-22 08:29 - 2013-11-22 08:29 - 00204896 _____ C:\Windows\System32\Drivers\30554891.sys
2013-11-22 08:29 - 2013-11-22 08:29 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-11-22 08:28 - 2013-11-21 10:12 - 00008606 _____ C:\Windows\WindowsUpdate.log
2013-11-22 08:26 - 2009-09-01 21:32 - 00730320 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-22 08:25 - 2013-11-21 10:08 - 00001076 _____ C:\Windows\setupact.log
2013-11-22 08:23 - 2013-11-22 07:55 - 00000000 ____D C:\AdwCleaner
2013-11-22 07:46 - 2013-11-22 08:26 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Karen\Desktop\mbar-1.07.0.1007.exe
2013-11-22 07:46 - 2013-11-22 08:26 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Karen\Desktop\tdsskiller.exe
2013-11-22 07:44 - 2013-11-22 07:44 - 00000000 ____D C:\Windows\ERUNT
2013-11-22 07:42 - 2009-07-13 20:34 - 00015792 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-22 07:42 - 2009-07-13 20:34 - 00015792 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-22 07:39 - 2013-11-22 07:39 - 00347304 _____ (Microsoft Corporation) C:\Users\Karen\Downloads\MicrosoftFixit.Performance.Run.exe
2013-11-21 10:08 - 2013-11-21 10:08 - 00000000 _____ C:\Windows\setuperr.log
2013-11-21 09:55 - 2013-06-16 09:17 - 00000000 ____D C:\found.000
2013-11-21 09:34 - 2013-11-20 08:56 - 00002243 _____ C:\Windows\epplauncher.mif
2013-11-21 09:32 - 2013-11-21 09:32 - 00077692 _____ C:\Users\Karen\Documents\cc_20131121_123228.reg
2013-11-21 09:31 - 2009-09-02 13:47 - 00000000 ____D C:\Windows\Panther
2013-11-21 09:07 - 2013-11-21 09:07 - 00000972 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-21 09:07 - 2013-11-21 09:07 - 00000000 ____D C:\Program Files\CCleaner
2013-11-21 08:24 - 2009-09-01 21:47 - 00000000 ____D C:\Program Files\Google
2013-11-21 08:24 - 2009-09-01 21:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-21 08:24 - 2009-09-01 21:30 - 00000000 ____D C:\Program Files\TOSHIBA
2013-11-21 08:21 - 2010-12-19 10:13 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-21 08:21 - 2009-09-01 21:34 - 00000000 ____D C:\ProgramData\Toshiba
2013-11-21 08:19 - 2012-04-07 16:43 - 00000000 ____D C:\Program Files\Easy Media Player
2013-11-21 08:19 - 2010-01-10 15:18 - 00000000 ____D C:\Users\Karen\AppData\Local\Google
2013-11-21 08:19 - 2009-09-01 21:47 - 00000000 ____D C:\ProgramData\Google
2013-11-21 08:18 - 2012-09-09 10:17 - 00000000 ____D C:\Program Files\epson
2013-11-21 04:57 - 2013-11-21 04:57 - 00001968 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-11-20 09:48 - 2013-11-20 09:47 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-20 09:46 - 2013-11-20 09:46 - 00000000 ____D C:\b65ea6a65bddfa888a3da39b5d1682
2013-11-20 09:43 - 2013-11-20 09:17 - 00000000 ____D C:\Qoobox
2013-11-20 09:42 - 2013-11-20 09:42 - 00015096 _____ C:\ComboFix.txt
2013-11-20 09:42 - 2009-07-13 18:37 - 00000000 ___RD C:\users\Public
2013-11-20 09:40 - 2013-11-20 09:13 - 00000000 ____D C:\Windows\erdnt
2013-11-20 09:39 - 2009-07-13 18:04 - 00000215 _____ C:\Windows\system.ini
2013-11-20 09:03 - 2013-11-20 09:02 - 05146522 ____R (Swearware) C:\Users\Karen\Downloads\ComboFix.exe
2013-11-20 09:00 - 2013-11-20 09:00 - 00000000 ____D C:\f9dc6c70fd14764abb1b
2013-11-20 08:59 - 2013-11-20 08:59 - 11125072 _____ (Microsoft Corporation) C:\Users\Karen\Downloads\mseinstall (1).exe
2013-11-20 08:28 - 2009-07-13 20:52 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-11-19 08:20 - 2011-11-03 14:39 - 00000000 ____D C:\ProgramData\MFAData
2013-11-11 19:21 - 2010-01-17 10:00 - 00000000 ____D C:\Users\Karen\AppData\Local\Microsoft Help
2013-11-11 17:55 - 2010-01-10 15:18 - 00000000 ____D C:\Users\Karen\AppData\Roaming\Google
2013-11-11 17:03 - 2013-11-10 14:32 - 00000000 ____D C:\Users\Karen\AppData\Local\KHDsoft
2013-11-11 16:32 - 2012-02-08 16:34 - 00000000 ____D C:\Users\Karen\AppData\Local\IsolatedStorage
2013-11-10 14:31 - 2010-01-07 13:03 - 00000000 ____D C:\Users\Karen\AppData\Local\ATI

Some content of TEMP:
====================
C:\Users\Karen\AppData\Local\Temp\Quarantine.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

17
Restore point made on: 2013-08-19 15:13:43
Restore point made on: 2013-08-24 04:30:02
Restore point made on: 2013-09-02 02:45:38
Restore point made on: 2013-09-02 03:19:17
Restore point made on: 2013-09-24 16:25:00
Restore point made on: 2013-09-29 04:12:16
Restore point made on: 2013-10-05 05:09:07
Restore point made on: 2013-10-19 06:04:09
Restore point made on: 2013-10-19 10:52:24
Restore point made on: 2013-10-20 05:56:18
Restore point made on: 2013-10-21 16:05:10
Restore point made on: 2013-10-27 05:59:28
Restore point made on: 2013-11-02 05:31:10
Restore point made on: 2013-11-11 16:52:54
Restore point made on: 2013-11-17 06:43:46
Restore point made on: 2013-11-19 08:17:36
Restore point made on: 2013-11-19 08:20:13

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 2812.17 MB
Available physical RAM: 2359.62 MB
Total Pagefile: 2810.45 MB
Available Pagefile: 2361.33 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.18 MB

==================== Drives ================================

Drive c: (TI103426W0D) (Fixed) (Total:288.71 GB) (Free:238.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (GRMCHPFRER_EN_DVD) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF
Drive f: (MEMTEST86) (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 89E6579C)
Partition 00: (Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=17)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.


LastRegBack: 2012-11-09 03:16

==================== End Of Log ============================
 
 
 
 
 
*****And now ListParts.exe:*******
 
ListParts by Farbar Version: 20-10-2013
Ran by SYSTEM (administrator) on 25-11-2013 at 08:28:09
Windows 7 (X86)
Running From: F:\
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 2812.17 MB
Available physical RAM: 2437.18 MB
Total Pagefile: 2810.45 MB
Available Pagefile: 2443.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.52 MB

======================= Partitions =========================

1 Drive c: (TI103426W0D) (Fixed) (Total:288.71 GB) (Free:238.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (GRMCHPFRER_EN_DVD) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF
4 Drive f: (MEMTEST86) (Removable) (Total:1.84 GB) (Free:1.84 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB      0 B         
  Disk 1    Online         1886 MB      0 B         

Partitions of Disk 0:
===============

Disk ID: 89E6579C

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery          1500 MB  1024 KB
  Partition 2    Primary            288 GB  1501 MB
  Partition 3    Primary           8108 MB   290 GB

======================================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   System       NTFS   Partition   1500 MB  Healthy    Hidden  

======================================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   TI103426W0D  NTFS   Partition    288 GB  Healthy            

======================================================================================================

Disk: 0
Partition 3
Type  : 17
Hidden: Yes
Active: No

There is no volume associated with this partition.

======================================================================================================

Partitions of Disk 1:
===============

Disk ID: 00000001

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
* Partition 1    Primary           1886 MB      0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: 89E6579C
Partition 00: (Active) - (Size=0) - (Type=00 ATTENTION ===> 0 byte partition bootkit.
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=17)

==============================
Partitions of Disk 1:
===============
Disk ID: 6F20736B
Partition 1: (Not Active) - (Size=544 GB) - (Type=72)
Partition 2: (Not Active) - (Size=923 GB) - (Type=65)
Partition 3: (Not Active) - (Size=923 GB) - (Type=79)
Partition 4: (Not Active) - (Size=-336763289600) - (Type=0D)


****** End Of Log ******

Edited by boopme, 25 November 2013 - 12:54 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:46 PM

Posted 30 November 2013 - 08:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/515347 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:46 PM

Posted 05 December 2013 - 08:45 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users