"System fix" claiming hard drive and RAM issues... (additional error info)

View previous topic View next topic Go down

"System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 25th November 2011, 1:59 pm

Some errors that have been continuing to pop up. Thought this might help in identifying the root of the problem...

"Hard drive clusters are partly damaged"
"Windows OS can't detects a free hard drive space. hard drive error."
"Files indexation process failed"
RAM memory
"Critical error. Hard drive critical error."
20 errors "Windows - Delayed write failed" with some variation of the following: "Failed to save all the components for the file\\system32\\000061b14 etc.. The file is corrupted or unreadable. This error may be caused by a PC hardware problem"

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 25th November 2011, 6:46 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
This looks like a harddrive problem. Have you tried to defrag your harddrive?

Run hard drive diagnostics: [You must be registered and logged in to see this link.]
Make sure, you select tool, which is appropriate for the brand of your hard drive.
Depending on the program, it'll create bootable floppy, or bootable CD.
If downloaded file is of .iso type, use ImgBurn: [You must be registered and logged in to see this link.] to burn .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.
For Toshiba hard drives, [You must be registered and logged in to see this link.]

Note : If you do not know how to set your computer to boot from CD follow the steps [You must be registered and logged in to see this link.]
**********************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 25th November 2011, 10:59 pm

Hi Dave,

Thanks for your help. Ok, before I do anything... I thought I should let you know that I did run Malwarebytes. It found some items, and I had it remove them. Here's the log:

Malwarebytes' Anti-Malware 1.51.2.1300
[You must be registered and logged in to see this link.]

Database version: 8238

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

11/25/2011 10:07:39 AM
mbam-log-2011-11-25 (10-07-38).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 470716
Time elapsed: 1 hour(s), 54 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Rachel\AppData\Local\Temp\piyxvisnt0mkvn.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Rachel\AppData\Local\Temp\txnvwhnr5tfntt.exe.tmp (Rogue.FakeHDD) -> Quarantined and deleted successfully.
c:\Users\Rachel\AppData\Local\Temp\0.5264855948799407.exe (Rogue.PrivacyProtection) -> Quarantined and deleted successfully.
c:\Users\Rachel\downloads\Codec-C.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.

I still can get on the internet. I'm not sure which option to choose from tacktech.com. I don't see "Tool" anywhere, and I'm not sure the make of my Hard Drive.

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 25th November 2011, 11:47 pm

Ok. Just forget about running the harddrive diagnostic for now. I didn't realize you couldn't connect.

Please download [You must be registered and logged in to see this link.] to Desktop and run it.



Checkmark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP Configuration
  • Lst Last 10 Event Viewer Errors
  • List Users, Partitions and Memory Size

Click Go and copy/paste the log (Result.txt) into your next post. .

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 26th November 2011, 12:02 am

MiniToolBox by Farbar
Ran by Rachel (administrator) on 25-11-2011 at 18:00:26
Windows Vista (TM) Home Premium Service Pack 2 (X86)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.3 metric=1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Rachel-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-1F-3A-44-94-EE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc89:7c70:5393:f5f8%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 25, 2011 10:10:40 AM
Lease Expires . . . . . . . . . . : Saturday, November 26, 2011 8:23:38 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285220666
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-4E-FF-30-00-1E-68-15-A1-EF
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : princeresort.com
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1E-68-15-A1-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.princeresort.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{3566D203-DE05-40C7-BE4A-E9852CE0F8DA}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.65.105
74.125.65.106
74.125.65.99
74.125.65.103
74.125.65.104
74.125.65.147



Pinging google.com [74.125.159.99] with 32 bytes of data:

Reply from 74.125.159.99: bytes=32 time=49ms TTL=44

Reply from 74.125.159.99: bytes=32 time=48ms TTL=44



Ping statistics for 74.125.159.99:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 48ms, Maximum = 49ms, Average = 48ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.180.149
209.191.122.70
72.30.2.43
98.137.149.56



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=51ms TTL=46

Reply from 209.191.122.70: bytes=32 time=54ms TTL=46



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 51ms, Maximum = 54ms, Average = 52ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 1ms, Average = 0ms

===========================================================================
Interface List
9 ...00 1f 3a 44 94 ee ...... Atheros AR5007 802.11b/g WiFi Adapter
8 ...00 1e 68 15 a1 ef ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
11 ...00 00 00 00 00 00 00 e0 isatap.princeresort.com
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.{3566D203-DE05-40C7-BE4A-E9852CE0F8DA}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 192.168.1.3 192.168.1.2 26
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.3 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
9 281 fe80::/64 On-link
9 281 fe80::cc89:7c70:5393:f5f8/128
On-link
1 306 ff00::/8 On-link
9 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/25/2011 05:57:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 919548

Error: (11/25/2011 05:57:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 919548

Error: (11/25/2011 05:57:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2011 00:25:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 57346

Error: (11/25/2011 00:25:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 57346

Error: (11/25/2011 00:25:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2011 00:25:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 56222

Error: (11/25/2011 00:25:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 56222

Error: (11/25/2011 00:25:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2011 00:25:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 55006


System errors:
=============
Error: (11/25/2011 00:25:38 PM) (Source: Service Control Manager) (User: )
Description: 30000Netman

Error: (11/25/2011 11:08:32 AM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (11/25/2011 11:08:31 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (11/25/2011 11:08:31 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/25/2011 10:23:48 AM) (Source: Service Control Manager) (User: )
Description: Windows Presentation Foundation Font Cache 3.0.0.0%%1053

Error: (11/25/2011 10:23:48 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Presentation Foundation Font Cache 3.0.0.0

Error: (11/25/2011 10:12:13 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/25/2011 08:04:17 AM) (Source: DCOM) (User: Rachel)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Rachel-PCRachelS-1-5-21-2277297283-2260119113-3656344358-1000LocalHost (Using LRPC)

Error: (11/24/2011 08:25:15 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (11/24/2011 08:23:35 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:12:08 PM on 11/24/2011 was unexpected.


Microsoft Office Sessions:
=========================

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 1982.18 MB
Available physical RAM: 931.03 MB
Total Pagefile: 4208.77 MB
Available Pagefile: 2588.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.59 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:220.98 GB) (Free:148.6 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.9 GB) (Free:1.84 GB) NTFS

========================= Users: ========================================

User accounts for \\RACHEL-PC

Administrator Guest Rachel


**** End of log ****

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 26th November 2011, 12:21 am

The logs shows that the signal is going through.

Let's run a few more scans to see what turns up.

Please download [You must be registered and logged in to see this link.] ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 26th November 2011, 12:48 am

What signal are you referring to?

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-25 18:44:07
-----------------------------
18:44:07.448 OS Version: Windows 6.0.6002 Service Pack 2
18:44:07.448 Number of processors: 2 586 0x6802
18:44:07.450 ComputerName: RACHEL-PC UserName: Rachel
18:44:20.454 Initialize success
18:44:49.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
18:44:49.460 Disk 0 Vendor: WDC_WD2500BEVS-60UST0 01.01A01 Size: 238475MB BusType: 3
18:44:51.494 Disk 0 MBR read successfully
18:44:51.498 Disk 0 MBR scan
18:44:51.502 Disk 0 unknown MBR code
18:44:51.510 Disk 0 scanning sectors +488392065
18:44:51.585 Disk 0 scanning C:\Windows\system32\drivers
18:45:00.178 Service scanning
18:45:02.511 Modules scanning
18:45:09.117 Disk 0 trace - called modules:
18:45:09.134 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
18:45:09.138 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x854c7ac8]
18:45:09.142 3 CLASSPNP.SYS[87fb98b3] -> nt!IofCallDriver -> [0x84d84df0]
18:45:09.147 5 acpi.sys[806106bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x84da7030]
18:45:09.500 Scan finished successfully
18:45:39.417 Disk 0 MBR has been saved successfully to "C:\Users\Rachel\Desktop\MBR.dat"

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 26th November 2011, 2:02 am

What signal are you referring to?
The signal from your computer throught the modem and to the internet.

Please download TDSSKiller from [You must be registered and logged in to see this link.] and save it to your Desktop.

  • Doubleclick TDSSKiller.exe to run the tool
  • Click the Start Scan button (If prompted with a "hidden service warning" do go ahead and delete it.)

  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
  • Note:It will also create a log in the C:\ directory.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 26th November 2011, 2:10 am

Ah ok. Yes, I said that I *was* able to get on the internet. Smile Everything seems to be working normal, the odd thing is all my files, desktop shortcuts, disappeared. And I couldn't find the link in Program files to do the defrag, disc cleanup etc. Very strange...

20:08:47.0861 0284 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
20:08:48.0229 0284 ============================================================
20:08:48.0229 0284 Current date / time: 2011/11/25 20:08:48.0229
20:08:48.0229 0284 SystemInfo:
20:08:48.0229 0284
20:08:48.0229 0284 OS Version: 6.0.6002 ServicePack: 2.0
20:08:48.0229 0284 Product type: Workstation
20:08:48.0229 0284 ComputerName: RACHEL-PC
20:08:48.0229 0284 UserName: Rachel
20:08:48.0229 0284 Windows directory: C:\Windows
20:08:48.0229 0284 System windows directory: C:\Windows
20:08:48.0229 0284 Processor architecture: Intel x86
20:08:48.0229 0284 Number of processors: 2
20:08:48.0229 0284 Page size: 0x1000
20:08:48.0229 0284 Boot type: Normal boot
20:08:48.0229 0284 ============================================================
20:08:50.0910 0284 Initialize success
20:08:55.0565 4604 ============================================================
20:08:55.0565 4604 Scan started
20:08:55.0566 4604 Mode: Manual;
20:08:55.0566 4604 ============================================================
20:08:56.0875 4604 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
20:08:56.0881 4604 ACPI - ok
20:08:56.0981 4604 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:08:56.0989 4604 adp94xx - ok
20:08:57.0027 4604 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:08:57.0033 4604 adpahci - ok
20:08:57.0069 4604 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:08:57.0072 4604 adpu160m - ok
20:08:57.0104 4604 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:08:57.0106 4604 adpu320 - ok
20:08:57.0168 4604 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
20:08:57.0174 4604 AFD - ok
20:08:57.0216 4604 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:08:57.0218 4604 agp440 - ok
20:08:57.0252 4604 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:08:57.0253 4604 aic78xx - ok
20:08:57.0290 4604 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:08:57.0290 4604 aliide - ok
20:08:57.0351 4604 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:08:57.0368 4604 amdagp - ok
20:08:57.0405 4604 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:08:57.0405 4604 amdide - ok
20:08:57.0434 4604 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:08:57.0435 4604 AmdK7 - ok
20:08:57.0483 4604 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
20:08:57.0484 4604 AmdK8 - ok
20:08:57.0664 4604 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:08:57.0703 4604 arc - ok
20:08:57.0776 4604 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:08:57.0777 4604 arcsas - ok
20:08:57.0823 4604 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
20:08:57.0824 4604 AsyncMac - ok
20:08:57.0864 4604 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
20:08:57.0865 4604 atapi - ok
20:08:57.0936 4604 athr (0437199c88f6e88a387cfec8a8886a6e) C:\Windows\system32\DRIVERS\athr.sys
20:08:57.0968 4604 athr - ok
20:08:58.0056 4604 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:08:58.0064 4604 BCM43XV - ok
20:08:58.0106 4604 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
20:08:58.0107 4604 Beep - ok
20:08:58.0155 4604 blbdrive - ok
20:08:58.0215 4604 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
20:08:58.0217 4604 bowser - ok
20:08:58.0272 4604 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:08:58.0272 4604 BrFiltLo - ok
20:08:58.0297 4604 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:08:58.0298 4604 BrFiltUp - ok
20:08:58.0382 4604 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
20:08:58.0384 4604 Brserid - ok
20:08:58.0435 4604 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:08:58.0436 4604 BrSerWdm - ok
20:08:58.0466 4604 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:08:58.0467 4604 BrUsbMdm - ok
20:08:58.0500 4604 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
20:08:58.0501 4604 BrUsbSer - ok
20:08:58.0530 4604 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:08:58.0531 4604 BTHMODEM - ok
20:08:58.0613 4604 BVRPMPR5 (18e0f9c1e7ec4aae40b3f67eab0aee99) C:\Windows\system32\drivers\BVRPMPR5.SYS
20:08:58.0615 4604 BVRPMPR5 - ok
20:08:58.0756 4604 catchme - ok
20:08:58.0802 4604 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
20:08:58.0804 4604 cdfs - ok
20:08:58.0870 4604 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
20:08:58.0871 4604 cdrom - ok
20:08:58.0920 4604 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:08:58.0921 4604 circlass - ok
20:08:58.0971 4604 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
20:08:58.0977 4604 CLFS - ok
20:08:59.0048 4604 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
20:08:59.0049 4604 CmBatt - ok
20:08:59.0087 4604 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:08:59.0088 4604 cmdide - ok
20:08:59.0133 4604 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
20:08:59.0134 4604 Compbatt - ok
20:08:59.0167 4604 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:08:59.0168 4604 crcdisk - ok
20:08:59.0205 4604 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:08:59.0206 4604 Crusoe - ok
20:08:59.0274 4604 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
20:08:59.0275 4604 DfsC - ok
20:08:59.0420 4604 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
20:08:59.0422 4604 disk - ok
20:08:59.0503 4604 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
20:08:59.0504 4604 drmkaud - ok
20:08:59.0756 4604 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
20:08:59.0785 4604 DXGKrnl - ok
20:08:59.0894 4604 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
20:08:59.0897 4604 E100B - ok
20:08:59.0939 4604 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:08:59.0965 4604 E1G60 - ok
20:09:00.0090 4604 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
20:09:00.0104 4604 Ecache - ok
20:09:00.0168 4604 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:09:00.0194 4604 elxstor - ok
20:09:00.0269 4604 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
20:09:00.0293 4604 exfat - ok
20:09:00.0826 4604 F-Secure Gatekeeper (29d12e1e45d93b45d2598e2663bbeff4) C:\Program Files\Charter Security Suite\Anti-Virus\minifilter\fsgk.sys
20:09:00.0869 4604 F-Secure Gatekeeper - ok
20:09:00.0953 4604 F-Secure HIPS (f5aca65237c7511d5803cdc5e7003d75) C:\Program Files\Charter Security Suite\HIPS\drivers\fshs.sys
20:09:00.0975 4604 F-Secure HIPS - ok
20:09:01.0590 4604 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
20:09:01.0620 4604 fastfat - ok
20:09:01.0746 4604 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:09:01.0768 4604 fdc - ok
20:09:01.0847 4604 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
20:09:01.0872 4604 FileInfo - ok
20:09:01.0911 4604 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
20:09:01.0913 4604 Filetrace - ok
20:09:01.0936 4604 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:09:01.0937 4604 flpydisk - ok
20:09:01.0977 4604 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
20:09:02.0000 4604 FltMgr - ok
20:09:02.0089 4604 fsbts (343786e182b9c9ae3066e00dec650f50) C:\Windows\system32\Drivers\fsbts.sys
20:09:02.0091 4604 fsbts - ok
20:09:02.0145 4604 FSES (2bffae1318ce3d9847a8d61b3726e54e) C:\Windows\system32\drivers\fses.sys
20:09:02.0147 4604 FSES - ok
20:09:02.0194 4604 FSFW (73e6e711455491da6ebbaf9603e96323) C:\Windows\system32\drivers\fsdfw.sys
20:09:02.0196 4604 FSFW - ok
20:09:02.0373 4604 fsvista (f4a1769bd7a3f073c492663e6a7decd1) C:\Program Files\Charter Security Suite\Anti-Virus\minifilter\fsvista.sys
20:09:02.0398 4604 fsvista - ok
20:09:02.0450 4604 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
20:09:02.0451 4604 Fs_Rec - ok
20:09:02.0515 4604 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:09:02.0516 4604 gagp30kx - ok
20:09:02.0573 4604 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:09:02.0574 4604 GEARAspiWDM - ok
20:09:02.0679 4604 HdAudAddService (7be40bb4cd16d8760e18ea981ff452ec) C:\Windows\system32\drivers\CHDART.sys
20:09:02.0682 4604 HdAudAddService - ok
20:09:02.0905 4604 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:09:02.0932 4604 HDAudBus - ok
20:09:02.0992 4604 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:09:02.0993 4604 HidBth - ok
20:09:03.0019 4604 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:09:03.0020 4604 HidIr - ok
20:09:03.0066 4604 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
20:09:03.0067 4604 HidUsb - ok
20:09:03.0104 4604 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:09:03.0106 4604 HpCISSs - ok
20:09:03.0152 4604 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
20:09:03.0177 4604 HpqKbFiltr - ok
20:09:03.0239 4604 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
20:09:03.0240 4604 HpqRemHid - ok
20:09:03.0298 4604 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:09:03.0303 4604 HSFHWAZL - ok
20:09:03.0358 4604 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:09:03.0410 4604 HSF_DPV - ok
20:09:03.0492 4604 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:09:03.0515 4604 HSXHWAZL - ok
20:09:03.0579 4604 HTCAND32 (c3b270b2cff40be343afe5052b3af559) C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:09:03.0585 4604 HTCAND32 - ok
20:09:03.0717 4604 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
20:09:03.0741 4604 HTTP - ok
20:09:03.0784 4604 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:09:03.0786 4604 i2omp - ok
20:09:03.0861 4604 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
20:09:03.0865 4604 i8042prt - ok
20:09:04.0213 4604 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:09:04.0238 4604 ialm - ok
20:09:04.0324 4604 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:09:04.0328 4604 iaStorV - ok
20:09:04.0362 4604 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:09:04.0364 4604 iirsp - ok
20:09:04.0426 4604 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:09:04.0427 4604 intelide - ok
20:09:04.0496 4604 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:09:04.0497 4604 intelppm - ok
20:09:04.0646 4604 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:09:04.0698 4604 IpFilterDriver - ok
20:09:04.0717 4604 IpInIp - ok
20:09:04.0753 4604 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:09:04.0769 4604 IPMIDRV - ok
20:09:04.0818 4604 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
20:09:04.0834 4604 IPNAT - ok
20:09:04.0888 4604 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
20:09:04.0889 4604 IRENUM - ok
20:09:05.0124 4604 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:09:05.0144 4604 isapnp - ok
20:09:05.0249 4604 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
20:09:05.0288 4604 iScsiPrt - ok
20:09:05.0323 4604 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:09:05.0325 4604 iteatapi - ok
20:09:05.0366 4604 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:09:05.0368 4604 iteraid - ok
20:09:05.0404 4604 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:09:05.0406 4604 kbdclass - ok
20:09:05.0444 4604 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
20:09:05.0455 4604 kbdhid - ok
20:09:05.0579 4604 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
20:09:05.0599 4604 KSecDD - ok
20:09:05.0722 4604 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
20:09:05.0725 4604 lltdio - ok
20:09:05.0762 4604 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:09:05.0767 4604 LSI_FC - ok
20:09:05.0797 4604 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:09:05.0799 4604 LSI_SAS - ok
20:09:05.0837 4604 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:09:05.0839 4604 LSI_SCSI - ok
20:09:05.0884 4604 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
20:09:05.0885 4604 luafv - ok
20:09:05.0938 4604 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
20:09:05.0939 4604 MBAMProtector - ok
20:09:05.0968 4604 MBAMSwissArmy - ok
20:09:06.0012 4604 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:09:06.0013 4604 mdmxsdk - ok
20:09:06.0071 4604 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:09:06.0072 4604 megasas - ok
20:09:06.0147 4604 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
20:09:06.0148 4604 Modem - ok
20:09:06.0207 4604 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
20:09:06.0210 4604 monitor - ok
20:09:06.0264 4604 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
20:09:06.0265 4604 mouclass - ok
20:09:06.0289 4604 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
20:09:06.0290 4604 mouhid - ok
20:09:06.0349 4604 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
20:09:06.0353 4604 MountMgr - ok
20:09:06.0470 4604 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:09:06.0482 4604 mpio - ok
20:09:06.0526 4604 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
20:09:06.0528 4604 mpsdrv - ok
20:09:06.0574 4604 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:09:06.0576 4604 Mraid35x - ok
20:09:06.0608 4604 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
20:09:06.0639 4604 MRxDAV - ok
20:09:06.0746 4604 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:09:06.0774 4604 mrxsmb - ok
20:09:06.0918 4604 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:09:06.0942 4604 mrxsmb10 - ok
20:09:06.0985 4604 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:09:06.0987 4604 mrxsmb20 - ok
20:09:07.0024 4604 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:09:07.0025 4604 msahci - ok
20:09:07.0063 4604 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:09:07.0087 4604 msdsm - ok
20:09:07.0197 4604 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
20:09:07.0224 4604 Msfs - ok
20:09:07.0283 4604 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
20:09:07.0309 4604 msisadrv - ok
20:09:07.0387 4604 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
20:09:07.0389 4604 MSKSSRV - ok
20:09:07.0560 4604 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
20:09:07.0563 4604 MSPCLOCK - ok
20:09:07.0807 4604 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
20:09:07.0808 4604 MSPQM - ok
20:09:08.0026 4604 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
20:09:08.0049 4604 MsRPC - ok
20:09:08.0100 4604 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
20:09:08.0125 4604 mssmbios - ok
20:09:08.0157 4604 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
20:09:08.0158 4604 MSTEE - ok
20:09:08.0245 4604 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
20:09:08.0268 4604 Mup - ok
20:09:08.0317 4604 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
20:09:08.0320 4604 NativeWifiP - ok
20:09:08.0550 4604 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
20:09:08.0569 4604 NDIS - ok
20:09:08.0622 4604 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
20:09:08.0624 4604 NdisTapi - ok
20:09:08.0754 4604 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
20:09:08.0755 4604 Ndisuio - ok
20:09:08.0787 4604 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
20:09:08.0806 4604 NdisWan - ok
20:09:08.0860 4604 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
20:09:08.0884 4604 NDProxy - ok
20:09:08.0935 4604 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
20:09:08.0962 4604 NetBIOS - ok
20:09:09.0071 4604 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
20:09:09.0096 4604 netbt - ok
20:09:09.0280 4604 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:09:09.0283 4604 nfrd960 - ok
20:09:09.0393 4604 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:09:09.0397 4604 Npfs - ok
20:09:09.0460 4604 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:09:09.0461 4604 nsiproxy - ok
20:09:09.0531 4604 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:09:09.0565 4604 Ntfs - ok
20:09:09.0596 4604 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:09:09.0597 4604 ntrigdigi - ok
20:09:09.0627 4604 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:09:09.0628 4604 Null - ok
20:09:10.0120 4604 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:09:10.0140 4604 NVENETFD - ok
20:09:11.0478 4604 nvlddmkm (b36c3b866b0d47e2e2856ec8fd746e39) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:09:11.0714 4604 nvlddmkm - ok
20:09:12.0245 4604 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:09:12.0248 4604 nvraid - ok
20:09:12.0293 4604 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
20:09:12.0295 4604 nvsmu - ok
20:09:12.0357 4604 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:09:12.0361 4604 nvstor - ok
20:09:12.0430 4604 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:09:12.0435 4604 nv_agp - ok
20:09:12.0452 4604 NwlnkFlt - ok
20:09:12.0477 4604 NwlnkFwd - ok
20:09:12.0538 4604 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:09:12.0540 4604 ohci1394 - ok
20:09:12.0591 4604 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:09:12.0593 4604 Parport - ok
20:09:12.0640 4604 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
20:09:12.0680 4604 partmgr - ok
20:09:12.0721 4604 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:09:12.0722 4604 Parvdm - ok
20:09:12.0763 4604 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:09:12.0766 4604 pci - ok
20:09:12.0789 4604 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
20:09:12.0790 4604 pciide - ok
20:09:12.0825 4604 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:09:12.0829 4604 pcmcia - ok
20:09:12.0895 4604 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:09:12.0935 4604 PEAUTH - ok
20:09:13.0045 4604 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:09:13.0048 4604 PptpMiniport - ok
20:09:13.0072 4604 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:09:13.0074 4604 Processor - ok
20:09:13.0166 4604 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:09:13.0169 4604 PSched - ok
20:09:13.0238 4604 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:09:13.0271 4604 ql2300 - ok
20:09:13.0299 4604 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:09:13.0301 4604 ql40xx - ok
20:09:13.0378 4604 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:09:13.0380 4604 QWAVEdrv - ok
20:09:13.0431 4604 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:09:13.0432 4604 RasAcd - ok
20:09:13.0474 4604 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:09:13.0477 4604 Rasl2tp - ok
20:09:13.0516 4604 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:09:13.0518 4604 RasPppoe - ok
20:09:13.0552 4604 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:09:13.0554 4604 RasSstp - ok
20:09:13.0591 4604 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:09:13.0596 4604 rdbss - ok
20:09:13.0623 4604 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:09:13.0625 4604 RDPCDD - ok
20:09:13.0708 4604 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:09:13.0713 4604 rdpdr - ok
20:09:13.0745 4604 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:09:13.0747 4604 RDPENCDD - ok
20:09:13.0789 4604 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
20:09:13.0793 4604 RDPWD - ok
20:09:13.0856 4604 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:09:13.0858 4604 rimmptsk - ok
20:09:13.0874 4604 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:09:13.0875 4604 rimsptsk - ok
20:09:13.0901 4604 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:09:13.0903 4604 rismxdp - ok
20:09:13.0944 4604 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:09:13.0946 4604 rspndr - ok
20:09:13.0989 4604 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:09:13.0991 4604 sbp2port - ok
20:09:14.0051 4604 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:09:14.0053 4604 sdbus - ok
20:09:14.0077 4604 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:09:14.0079 4604 secdrv - ok
20:09:14.0112 4604 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:09:14.0113 4604 Serenum - ok
20:09:14.0144 4604 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:09:14.0146 4604 Serial - ok
20:09:14.0177 4604 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:09:14.0178 4604 sermouse - ok
20:09:14.0226 4604 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:09:14.0227 4604 sffdisk - ok
20:09:14.0251 4604 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:09:14.0252 4604 sffp_mmc - ok
20:09:14.0274 4604 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:09:14.0275 4604 sffp_sd - ok
20:09:14.0295 4604 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:09:14.0296 4604 sfloppy - ok
20:09:14.0353 4604 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:09:14.0355 4604 sisagp - ok
20:09:14.0390 4604 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:09:14.0392 4604 SiSRaid2 - ok
20:09:14.0421 4604 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:09:14.0423 4604 SiSRaid4 - ok
20:09:14.0465 4604 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:09:14.0467 4604 Smb - ok
20:09:14.0523 4604 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:09:14.0525 4604 spldr - ok
20:09:14.0568 4604 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:09:14.0574 4604 srv - ok
20:09:14.0615 4604 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:09:14.0618 4604 srv2 - ok
20:09:14.0718 4604 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:09:14.0721 4604 srvnet - ok
20:09:14.0775 4604 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
20:09:14.0776 4604 StillCam - ok
20:09:14.0815 4604 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:09:14.0817 4604 swenum - ok
20:09:14.0870 4604 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:09:14.0871 4604 Symc8xx - ok
20:09:14.0907 4604 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:09:14.0908 4604 Sym_hi - ok
20:09:14.0936 4604 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:09:14.0938 4604 Sym_u3 - ok
20:09:14.0975 4604 SynTP (3d6316279c3540aa268bf025f4621ef3) C:\Windows\system32\DRIVERS\SynTP.sys
20:09:14.0979 4604 SynTP - ok
20:09:15.0065 4604 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
20:09:15.0096 4604 Tcpip - ok
20:09:15.0156 4604 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
20:09:15.0174 4604 Tcpip6 - ok
20:09:15.0219 4604 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:09:15.0221 4604 tcpipreg - ok
20:09:15.0253 4604 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:09:15.0255 4604 TDPIPE - ok
20:09:15.0282 4604 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:09:15.0284 4604 TDTCP - ok
20:09:15.0324 4604 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:09:15.0327 4604 tdx - ok
20:09:15.0376 4604 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:09:15.0378 4604 TermDD - ok
20:09:15.0440 4604 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:09:15.0442 4604 tssecsrv - ok
20:09:15.0480 4604 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:09:15.0482 4604 tunmp - ok
20:09:15.0512 4604 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:09:15.0513 4604 tunnel - ok
20:09:15.0542 4604 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:09:15.0544 4604 uagp35 - ok
20:09:15.0579 4604 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:09:15.0584 4604 udfs - ok
20:09:15.0632 4604 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:09:15.0636 4604 uliagpkx - ok
20:09:15.0726 4604 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:09:15.0730 4604 uliahci - ok
20:09:15.0749 4604 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:09:15.0751 4604 UlSata - ok
20:09:15.0780 4604 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:09:15.0782 4604 ulsata2 - ok
20:09:15.0817 4604 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:09:15.0819 4604 umbus - ok
20:09:15.0867 4604 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:09:15.0869 4604 USBAAPL - ok
20:09:15.0918 4604 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:09:15.0920 4604 usbccgp - ok
20:09:15.0940 4604 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:09:15.0942 4604 usbcir - ok
20:09:15.0968 4604 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:09:15.0970 4604 usbehci - ok
20:09:16.0012 4604 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:09:16.0016 4604 usbhub - ok
20:09:16.0046 4604 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:09:16.0048 4604 usbohci - ok
20:09:16.0087 4604 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:09:16.0088 4604 usbprint - ok
20:09:16.0129 4604 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:09:16.0131 4604 usbscan - ok
20:09:16.0164 4604 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:09:16.0166 4604 USBSTOR - ok
20:09:16.0197 4604 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:09:16.0198 4604 usbuhci - ok
20:09:16.0238 4604 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:09:16.0240 4604 usbvideo - ok
20:09:16.0293 4604 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:09:16.0294 4604 vga - ok
20:09:16.0327 4604 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:09:16.0329 4604 VgaSave - ok
20:09:16.0354 4604 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:09:16.0356 4604 viaagp - ok
20:09:16.0403 4604 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:09:16.0405 4604 ViaC7 - ok
20:09:16.0448 4604 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
20:09:16.0449 4604 viaide - ok
20:09:16.0498 4604 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:09:16.0500 4604 volmgr - ok
20:09:16.0545 4604 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:09:16.0551 4604 volmgrx - ok
20:09:16.0593 4604 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:09:16.0598 4604 volsnap - ok
20:09:16.0631 4604 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:09:16.0633 4604 vsmraid - ok
20:09:16.0721 4604 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:09:16.0722 4604 WacomPen - ok
20:09:16.0768 4604 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:09:16.0771 4604 Wanarp - ok
20:09:16.0787 4604 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:09:16.0789 4604 Wanarpv6 - ok
20:09:16.0819 4604 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:09:16.0821 4604 Wd - ok
20:09:16.0876 4604 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
20:09:16.0886 4604 Wdf01000 - ok
20:09:16.0960 4604 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:09:16.0982 4604 winachsf - ok
20:09:17.0060 4604 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:09:17.0062 4604 WmiAcpi - ok
20:09:17.0132 4604 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:09:17.0134 4604 WpdUsb - ok
20:09:17.0203 4604 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:09:17.0204 4604 ws2ifsl - ok
20:09:17.0284 4604 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:09:17.0287 4604 WUDFRd - ok
20:09:17.0334 4604 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys
20:09:17.0335 4604 XAudio - ok
20:09:17.0413 4604 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
20:09:17.0443 4604 \Device\Harddisk0\DR0 - ok
20:09:17.0454 4604 Boot (0x1200) (b5bdcc4256508bbc7d778d1e6075a772) \Device\Harddisk0\DR0\Partition0
20:09:17.0456 4604 \Device\Harddisk0\DR0\Partition0 - ok
20:09:17.0461 4604 Boot (0x1200) (f0615bff7cac49df0506237f25a1473d) \Device\Harddisk0\DR0\Partition1
20:09:17.0462 4604 \Device\Harddisk0\DR0\Partition1 - ok
20:09:17.0475 4604 ============================================================
20:09:17.0475 4604 Scan finished
20:09:17.0475 4604 ============================================================
20:09:17.0507 2888 Detected object count: 0
20:09:17.0507 2888 Actual detected object count: 0

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 26th November 2011, 2:54 am


  • Please download Unhide by Grinler from [You must be registered and logged in to see this link.] and save it to your desktop.
  • Double click unhide.exe to run the tool.
  • It will take some time to go through all your files, so please be patient.
  • If this tool doesn´t fix the problem, please let me know.

**************************************************
Please try running SAS and DDS as outlined in my first post.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 4th December 2011, 5:18 am

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 10.0.0
Run by Rachel at 2:22:08 on 2011-11-26
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.679 [GMT -6:00]
.
AV: Charter Security Suite 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Charter Security Suite 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Charter Security Suite 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Charter Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter Security Suite\Common\FSMA32.EXE
C:\Program Files\Charter Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Charter Security Suite\Common\FSHDLL32.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Charter Security Suite\Common\FSM32.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Charter Security Suite\ORSP Client\fsorsp.exe
C:\Program Files\Charter Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\Charter Security Suite\Anti-Virus\fssm32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\CrossriderWebApps\Crossrider.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Charter Security Suite\Anti-Virus\fsav32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CrossRider: {a876e312-7d08-401a-b7a6-fafc5dc2f292} - c:\program files\crossriderwebapps\Crossrider.dll
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\charter security suite\nrs\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: {2E5E800E-6AC0-411E-940A-369530A35E43} - No File
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\charter security suite\nrs\iescript\baselitmus.dll
uRun: [HPAdvisor] "c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe" autoRun
uRun: [RunSpySweeperScheduleAtStartup] "c:\windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{3348476B-B873-4929-9F44-A36052790053}
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [CrossRiderPlugin] c:\program files\crossriderwebapps\Crossrider.exe
uRun: [Google Update] "c:\users\rachel\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [SynTPStart] "c:\program files\synaptics\syntp\SynTPStart.exe"
mRun: [hpWirelessAssistant] "c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe"
mRun: [WAWifiMessage] "c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe"
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [F-Secure Manager] "c:\program files\charter security suite\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\charter security suite\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\program files\charter security suite\fsps\program\FSLSP.DLL
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{140BECD8-B12F-442D-9B97-68F1D42FBB5D} : DhcpNameServer = 172.31.255.1
TCP: Interfaces\{3566D203-DE05-40C7-BE4A-E9852CE0F8DA} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\rachel\appdata\roaming\mozilla\firefox\profiles\pdlym6su.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\rachel\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\rachel\appdata\local\yahoo!\browserplus\2.4.17\plugins\npybrowserplus_2.4.17.dll
FF - plugin: c:\users\rachel\appdata\roaming\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\rachel\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\rachel\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\rachel\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-9-6 42672]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\charter security suite\hips\drivers\fshs.sys [2009-9-6 68064]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-9-6 36792]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-9-6 73160]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\charter security suite\anti-virus\minifilter\fsvista.sys [2009-9-6 12384]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\charter security suite\anti-virus\fsgk32st.exe [2009-9-6 215648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-22 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-25 366152]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\charter security suite\anti-virus\minifilter\fsgk.sys [2009-9-6 148632]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\charter security suite\orsp client\fsorsp.exe [2009-9-6 61088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-4 22216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-12-12 24576]
S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2007-10-22 1245064]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-26 08:15:51 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{116e4072-0b42-414b-9cde-ad9a87bb9558}\offreg.dll
2011-11-26 03:24:19 -------- d-----w- c:\users\rachel\appdata\roaming\SUPERAntiSpyware.com
2011-11-26 03:23:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-26 03:23:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-25 13:19:14 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{116e4072-0b42-414b-9cde-ad9a87bb9558}\mpengine.dll
2011-11-10 01:27:16 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-11-10 01:27:12 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-10 01:27:09 707584 ----a-w- c:\program files\common files\system\wab32.dll
.
==================== Find3M ====================
.
2011-09-12 00:20:54 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-09-02 13:39:07 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-31 23:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 04:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 04:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 04:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
============= FINISH: 2:26:17.05 ===============

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 4th December 2011, 5:22 am

I tried posting the SAS log, but keep getting the following error:
You haven't got the rights to access this page

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 4th December 2011, 6:34 pm

Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*****************************************************
Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click [You must be registered and logged in to see this link.] to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 4th December 2011, 7:32 pm

Results of screen317's Security Check version 0.99.28
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 7
Adobe Flash Player ( 10.3.183.7) Flash Player out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (8.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Charter Security Suite Anti-Virus fsgk32st.exe
Charter Security Suite Anti-Virus FSGK32.EXE
Charter Security Suite Anti-Virus fssm32.exe
Charter Security Suite Anti-Virus fsav32.exe
``````````End of Log````````````

ComboFix 11-12-04.03 - Rachel 12/04/2011 13:01:56.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1982.1201 [GMT -6:00]
Running from: c:\users\Rachel\Desktop\ComboFix.exe
AV: Charter Security Suite 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Charter Security Suite 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Charter Security Suite 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-11-04 to 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-04 19:19 . 2011-12-04 19:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-12-04 19:19 . 2011-12-04 19:19 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-12-04 19:19 . 2011-12-04 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-04 03:35 . 2011-12-04 03:35 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB354575-DB6A-4F18-AD50-9EE945579EC6}\offreg.dll
2011-12-04 01:45 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BB354575-DB6A-4F18-AD50-9EE945579EC6}\mpengine.dll
2011-11-26 03:24 . 2011-11-26 03:24 -------- d-----w- c:\users\Rachel\AppData\Roaming\SUPERAntiSpyware.com
2011-11-26 03:23 . 2011-11-26 03:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-26 03:23 . 2011-11-26 03:23 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-10 01:27 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-11-10 01:27 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-10 01:27 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-12 00:20 . 2010-09-04 16:52 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-11 01:41 . 2011-09-11 01:41 388096 ----a-r- c:\users\Rachel\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-06 13:30 . 2011-10-14 00:20 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-11-24 05:18 . 2011-08-26 03:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2007-10-01 1783136]
"RunSpySweeperScheduleAtStartup"="c:\windows\system32\msfeedssync.exe" [2008-01-19 12800]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CrossRiderPlugin"="c:\program files\CrossriderWebApps\Crossrider.exe" [2011-05-15 478720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"F-Secure Manager"="c:\program files\Charter Security Suite\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files\Charter Security Suite\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-06 1848648]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047200]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2011-01-08 585728]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-02-17 06:11 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 23:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-12-04 08:42 13556256 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-12-04 08:42 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2008-12-04 08:42 711200 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 21:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 22:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-10-01 03:34 181544 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-08-17 07:13 218408 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-12-12 24576]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-08-19 42672]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Charter Security Suite\HIPS\drivers\fshs.sys [2009-08-05 68064]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 36792]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 73160]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\Charter Security Suite\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Charter Security Suite\Anti-Virus\minifilter\fsgk.sys [2011-09-08 148632]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\Charter Security Suite\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-04-13 20:08 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2277297283-2260119113-3656344358-1000Core.job
- c:\users\Rachel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-06 03:20]
.
2011-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2277297283-2260119113-3656344358-1000UA.job
- c:\users\Rachel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-06 03:20]
.
2011-11-26 c:\windows\Tasks\HPCeeScheduleForRachel.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-10-23 18:58]
.
2011-12-04 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\CHARTE~1\ANTI-V~1\fsav.exe [2009-09-06 15:56]
.
2011-05-15 c:\windows\Tasks\User_Feed_Synchronization-{3348476B-B873-4929-9F44-A36052790053}.job
- c:\windows\system32\msfeedssync.exe [2008-12-23 07:33]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\program files\Charter Security Suite\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\pdlym6su.default\
FF - user.js: yahoo.homepage.dontask - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-12-04 13:20
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
c:\program files\charter security suite\hips\fshook32.dll
.
- - - - - - - > 'lsass.exe'(632)
c:\program files\charter security suite\hips\fshook32.dll
.
- - - - - - - > 'Explorer.exe'(4660)
c:\program files\charter security suite\hips\fshook32.dll
c:\program files\Charter Security Suite\Spam Control\fsscoepl.dll
c:\program files\Cyberlink\PowerDirector\PDM2Splter.ax
c:\program files\CyberLink\Power2Go\P2Gm2spliter.ax
c:\program files\CyberLink\Power2Go\P2Gm1spliter.ax
c:\program files\Cyberlink\PowerDirector\PDM1Splter.ax
c:\program files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcspmpeg.ax
c:\program files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpegin.dll
c:\program files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcdsmpeg.ax
c:\program files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpgdec.dll
c:\program files\HP\QuickPlay\Kernel\DMP\CLWMFDemux.ax
c:\program files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax
c:\program files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll
c:\program files\Common Files\muvee Technologies\MainConcept2\muveespmpeg.ax
c:\program files\Common Files\muvee Technologies\MainConcept2\muveempegin.dll
.
Completion time: 2011-12-04 13:26:17
ComboFix-quarantined-files.txt 2011-12-04 19:26
ComboFix2.txt 2011-12-04 02:21
ComboFix3.txt 2011-09-08 22:37
ComboFix4.txt 2011-09-08 21:42
.
Pre-Run: 150,871,474,176 bytes free
Post-Run: 150,959,783,936 bytes free
.
- - End Of File - - A5A32786E8EB680A91055A21059B9751

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 5th December 2011, 2:07 am

SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 5th December 2011, 2:45 am

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Hidden Processes found

******************************************************************************************
******************************************************************************************
No Hidden Kernel Modules found

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No hidden files/folders found

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 5th December 2011, 8:36 pm

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
[You must be registered and logged in to see this link.]
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 6th December 2011, 1:28 am

C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TMW8CKCK\index[2].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Rachel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1659a8c3-6d93d308 a variant of Java/TrojanDownloader.OpenStream.NBF trojan deleted - quarantined
C:\Users\Rachel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\58630b2b-572ceff0 Java/TrojanDownloader.OpenStream.NCM trojan cleaned by deleting - quarantined




rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 6th December 2011, 2:44 am

How's the computer working now? Any other issues?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 6th December 2011, 2:45 am

Seems to be working fine now. Anything else I need to do?
Thanks so much for all your help. Smile

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 7th December 2011, 12:22 am

Guess that was premature. After the last boot it's achingly slow and is locking up. Sad tearing

Had to log on my Netbook to get online and write this.

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 7th December 2011, 2:12 am

Guess that was premature. After the last boot it's achingly slow and is locking up
I suspect that you have problems with the harddrive. Did you defrag your disk? You can use the Windows Defragger or one of the below.

[You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.]- Two good disc defragmenters for you to choose from to help speed up your computer.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 9th December 2011, 2:39 am

I uninstalled a few things, deleted files, and then ran the defrag. It seems to have done the trick. Thanks again for your help. Smile

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 9th December 2011, 3:00 am

Great. Now we should do some cleanup.

To uninstall ComboFix


  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall




(Note: Make sure there's a space between the word ComboFix and the forward-slash.)


  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

**************************************************
Clean out your temporary internet files and temp files.

Download [You must be registered and logged in to see this link.] to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
*****************************************************
Go to [You must be registered and logged in to see this link.] and get all critical updates.

----------

I suggest using [You must be registered and logged in to see this link.]. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

[You must be registered and logged in to see this link.]- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* [You must be registered and logged in to see this link.] from Spyware and Malware
* If you don't know what ActiveX controls are, see [You must be registered and logged in to see this link.]

Protect yourself against spyware using the Immunize feature in [You must be registered and logged in to see this link.] Guide: [You must be registered and logged in to see this link.] to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. [You must be registered and logged in to see this link.]

Check out [You must be registered and logged in to see this link.] for tips and free tools to help keep you safe in the future.

Also see [You must be registered and logged in to see this link.] for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by rachel_wi on 9th December 2011, 3:27 am

Thanks again! Smile

rachel_wi
Intermediate
Intermediate

Posts Posts : 53
Joined Joined : 2010-01-26
Gender Gender : Female
OS OS : Windows XP, Windows Vista
Points Points : 25764
# Likes # Likes : 0

View user profile

Back to top Go down

Re: "System fix" claiming hard drive and RAM issues... (additional error info)

Post by Superdave on 9th December 2011, 6:08 pm

[You must be registered and logged in to see this link.] wrote:Thanks again! Smile
You're welcome. Happy Holidays

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83191
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum