search scopes ? Rootkit ? EAT ?


  • This topic is locked

#1 yasysay


Posted 14 June 2014 - 10:35 AM

I did a restore to factory default (image from secondary partition), then I started scanning and it was infected with something. I got it to a point, but it's still got some kinda "EAT" attached to IE that RogueKiller pulls up, but I don't know how to remove them. It's an HP G60 laptop running Windows Vista. I will post the RogueKiller report after the DDS report you guys request :) Hope I'm doing this all right, and I am sorry if I'm not. On a side note: I am a huge fan of you guys here at Bleeping, so this is kinda exciting for me!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 7.0.6001.18000
Run by Owner at 9:51:38 on 2014-06-14
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.1.1033.18.3998.2989 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - 
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{001839E6-218D-4D4C-9FFF-39FE2BF5B60A} : DHCPNameServer = 192.168.1.1
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
x64-Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-4-20 365952]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2007-10-31 293376]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-6-29 126976]
S2 Norton Internet Security;Norton Internet Security;"C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-1-20 93696]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 TweakingRunAsSystemService;Tweaking Run As System Service;F:\Tweaking.com - Windows Repair\files\tweaking_ras.exe [2014-6-13 41952]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-06-13 22:42:02 1043 ----a-w- C:\temp477.bat
2014-06-13 18:12:53 1043 ----a-w- C:\temp819.bat
2014-06-13 16:55:13 505392 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-06-13 16:55:13 353840 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-06-13 16:55:13 1053232 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2014-06-13 16:55:12 1066544 ----a-w- C:\Windows\SysWow64\MFC71.dll
2014-06-13 16:25:46 0 ----a-w- C:\autoexec.bat
2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH:  9:52:04.81 ===============
 
 
 
 
 
RogueKiller V9.0.2.0 (x64) [Jun  3 2014] by Adlice Software
 
Operating System : Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 06/13/2014  17:57:25
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 0 ¤¤¤
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 115 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK2555GSX ATA Device +++++
--- User ---
[MBR] bf5e97bd5df50a8f4226f2021f34f69e
[BSP] 08c8d7e7d95302ca5fe155b39d019757 : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 225895 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 462635008 | Size: 12576 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Lexar USB Flash Drive USB Device +++++
--- User ---
[MBR] 866c2ed4c96b965d1ce40f24569f9eba
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 2760 | Size: 7518 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 
 
============================================
RKreport_DEL_06132014_110053.log - RKreport_DEL_06132014_120251.log - RKreport_DEL_06132014_123519.log - RKreport_DEL_06132014_133241.log
RKreport_DEL_06132014_142556.log - RKreport_DEL_06132014_165826.log - RKreport_SCN_06132014_105946.log - RKreport_SCN_06132014_110438.log
RKreport_SCN_06132014_115808.log - RKreport_SCN_06132014_120230.log - RKreport_SCN_06132014_120527.log - RKreport_SCN_06132014_123457.log
RKreport_SCN_06132014_124002.log - RKreport_SCN_06132014_133150.log - RKreport_SCN_06132014_142528.log - RKreport_SCN_06132014_143052.log
RKreport_SCN_06132014_164814.log - RKreport_SCN_06132014_165310.log - RKreport_SCN_06132014_170056.log
 
#2 yasysay


Posted 17 June 2014 - 12:52 PM

Full apologies please disregard this post. Thank you for your time anyway. :-/



#3 nasdaq (Malware Response Team)

Posted 18 June 2014 - 09:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



