MySickComputer
-
Posts
25 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by MySickComputer
-
-
@MySickComputer
Please see the post here for help with this if needed.
If you're still up and running then do not reboot. From the quarantine tab select the Restore All button. Some of the files may not be able to be restored depending on the OS and other issues.
Otherwise please follow the directions from this post or let us know what additional issues you're having trying to follow those directions.
http://forums.malwar...howtopic=125136
Thanks again
I did "Restore All" in regular mode but none of them were restored. I have done both of the fixes in that post. Running XP and have rebooted numerous times with no hiccups, just can't figure out this 921 files quarantined issue. I have not enabled MB protection. MB version says "Build Date 4/4/2013 11:50 am"
-
You can also uncheck the automatic quarantine. Then it would alert you and ask you what you want to do. I would open the program and check the Quarantine tab again and make sure no files are left if there are then try again to restore those.
Then start running and testing other programs you have and make sure they seem to run okay as well.
I have 921 files in Quarintine, mostly system32 dlls.
Is there anything MB can do to help know what is what?
-
Do I need to restore all quarantined files or just some of them?
-
Please try the following if you can get the file downloaded to your affected PC:
Use the Malwarebytes Anti-Malware False Positive Fix Tool:
- Make certain you are logged in as an administrator
- Download the Malwarebytes Anti-Malware FP Fix Tool from here and save it to a convenient location such as your desktop
- Extract all of the files to a folder and run RunThis.bat NOTE: Windows Vista, Windows 7 and Windows 8 users must right-click on the file and choose Run as Administrator and click Yes or Continue to any User Account Control prompts
- Restart your system and verify that it is now working properly
If you continue to have trouble, please contact Support directly via this link and they will assist you further.
Thanks
Well it finished running after about 35 minutes and on the reboot everything is pretty much back to normal. Windows defender claimed it had 3 new dll Trojans which I quarantined. MB is back but not enabled. Is it safe to enable it now?
- Make certain you are logged in as an administrator
-
I have Anti-Malware FP Fix Tool running right now, it has been going for about 5 minutes. How long should it take before it finishes?
-
btw, I have XP and have restarted a multitude of times.I got into safe mode, and ran the dffsetup-mss32 but keep having the MSVBVM60.DLL error again when attempting to finish. Also having other dll errors pop up when trying to open hijackthis and firefox. System Restore is inoperable too.
-
Thank you, I will give this a try.
-
I think I've got a pretty bad zero access root kit or something like http://forums.malwarebytes.org/index.php?showtopic=20639
Turned on PC today and add the the MB alerts going crazy.... long story short I have just recently been able to gain access to the web again using dial-a-fix and others which has probably hosed my PC for good. I cannot access firefox browser or system restore. Please help or at least confirm I need to wipe the hard drive.
-
all seems to be going well Kenny94, really appreciate all the help.
have one other question.
do you recommend any particular external hard drive backup system?
i see a bunch of "Clickfree" brands on ebay.
i would like to purchase one but have no clue which ones are the best.
definitely want one that will do its job if i ever have to flattened (format) my hard drive.
-
Some of my friends use windizupdate and/or addon/windowsupdate add on:
https://addons.mozilla.org/en-us/firefox/addon/go-to-windizupdate/#reviews
https://addons.mozilla.org/en-us/firefox/addon/windowsupdate/
I don't use firefox. I mainly use Google Chrome. So I never tried these add ons...
i tried windowsupdate.
-
I would change any financial site passwords. To be on the safe side. ATF cleaner and CCleaner are similar.
As for Combofix. Please do the below:
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
- Save it to your Desktop.
- Double click OTC.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
Okay Kenny94, everything is looking good here i think... ran the OTC.exe and that seems to have removed combofix successfully.
I went ahead and placed most of the other logs/tools in their own folder for reference sake.
Been using several of your suggested tools and have a few questions:
Is Defraggler (i've used it for years) an adequate defrag or are the 2 you mentioned better?
The secunia scan found about 8 things needing updates, the most striking was IE 8 with about 100 hyperlinks... i rarely use IE so is this of any concern?
windowsupdate.com looks like it only works with IE, is there a way to get ms update status in firefox?
- Save it to your Desktop.
-
You might want to use ATF for firefox:
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browser
- Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
- Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
By the way, You might want to remove the Registry cleaners you have installed... They are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.
Further reading: XP Fixes Myth #1: Registry Cleaners
http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html
ran ATF, looks like it does about the same thing as CCleaner yes?
i run CCleaner at least once a week.
good to know about registry cleaners...
just ran the uninstall combofix (looked very similar to the install process) and have attached the log.
i'm going to install the NoScript and WOT (Web Of Trust) since firefox is and has been my default brower for over 5 years.
assuming everything here is done/fixed i just have one more question: how likely is identity / banking info theft from this severe intrusion by TDL3 ?
-
As for Firefox. What happens when you open it?
well, i just tried opening it again and now it appears to be working perfectly.
-
good to hear java is okay.
pc was doing pretty well up until i noticed a double instance of "dllhost.exe" in task manager last night.
i tried deleting it several different ways but it always came back.
i ran a full scan using avira (attached).
logged on this morning and have not seen the dllhost.exe in task manager but firefox browser is not opening correctly (i'm using chrome right now).
when firefox finally opens (after a few minutes) i get about 15 "plugin-container.exe" and 4 "ArcoRd32.exe" in task mgr
any ideas?
-
"Instead of attaching, please copy/past both logs into your Thread"
DDS (Ver_11-03-05.01) - NTFSx86
Run by Paul Russell at 21:10:31.56 on Sat 05/14/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.233 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: McAfee Personal Firewall Plus *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Paul Russell\Desktop\dds.scr
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
uRun: [TOSCDSPD] "c:\program files\toshiba\toscdspd\toscdspd.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Tvs] "c:\program files\toshiba\tvs\TvsTray.exe"
mRun: [TPSMain] TPSMain.exe
mRun: [THotkey] "c:\program files\toshiba\toshiba applet\thotkey.exe"
mRun: [synTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe"
mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [smoothView] "c:\program files\toshiba\toshiba zooming utility\SmoothView.exe"
mRun: [Notebook Maximizer] c:\program files\notebook maximizer\maximizer_startup.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [TFncKy] TFncKy.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
Trusted Zone: microsoft.com\www.update
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\paulru~1\applic~1\mozilla\firefox\profiles\taikida1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\opera\program\plugins\nppdf32.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows media player\npatgpc.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-14 11608]
R1 MPFIREWL;MPFIREWL;c:\windows\system32\drivers\MpFirewall.sys [2006-1-4 80640]
R1 SuperMounter;SuperMounter;c:\windows\system32\drivers\supermounter.sys [2009-3-14 11264]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-14 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-14 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-14 61960]
R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [2006-1-11 137344]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-3-31 363344]
R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [2006-1-11 12032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-3-31 20952]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-1 135664]
S3 DCamUSBVeo532;Veo Web Camera;c:\windows\system32\drivers\ubVeo532.sys [2006-1-25 95232]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-1 135664]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2005-7-28 14336]
S4 McDetect.exe;McAfee WSC Integration;c:\program files\mcafee.com\agent\Mcdetect.exe [2006-1-5 126976]
S4 McTskshd.exe;McAfee Task Scheduler;c:\progra~1\mcafee.com\agent\mctskshd.exe [2006-1-5 122368]
S4 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe [2005-7-28 245760]
.
=============== Created Last 30 ================
.
2011-05-15 02:41:20 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-15 02:04:58 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-05-15 02:04:57 -------- d-----w- c:\program files\Avira
2011-05-15 02:04:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira
2011-05-15 00:38:13 -------- d-sha-r- C:\cmdcons
2011-05-15 00:31:05 -------- d-----w- c:\windows\system32\CatRoot2
2011-05-15 00:24:31 -------- d--h--w- c:\program files\WindowsUpdate
2011-05-14 22:29:47 98816 ----a-w- c:\windows\sed.exe
2011-05-14 22:29:47 89088 ----a-w- c:\windows\MBR.exe
2011-05-14 22:29:47 256512 ----a-w- c:\windows\PEV.exe
2011-05-14 22:29:47 161792 ----a-w- c:\windows\SWREG.exe
2011-05-14 18:02:18 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT4.tmp
2011-05-14 18:02:16 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT3.tmp
2011-05-13 16:54:40 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{cbbd5efe-e8d6-47af-b163-26e699dc2cbb}\mpengine.dll
2011-05-13 16:52:57 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-05-13 16:52:57 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-13 05:25:08 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BITA.tmp
2011-05-13 05:25:08 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT7.tmp
2011-05-13 04:30:52 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT9.tmp
2011-05-13 04:30:51 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT8.tmp
2011-05-13 04:23:57 0 ----a-w- c:\windows\Xvitalegetek.bin
2011-05-10 22:24:02 -------- d-----w- c:\windows\system32\NtmsData
2011-05-08 17:18:44 -------- d-----w- c:\windows\ie8updates
2011-05-08 17:10:32 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-05-08 17:10:32 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-05-08 17:10:31 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-08 17:10:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-05-08 17:10:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-08 17:10:25 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-05-08 17:09:58 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-05-06 03:30:04 -------- d-----w- c:\program files\ATF
2011-05-04 03:56:18 -------- d-sh--w- c:\documents and settings\paul russell\PrivacIE
2011-05-04 03:53:58 -------- d-sh--w- c:\documents and settings\paul russell\IETldCache
2011-05-04 03:51:09 -------- d--h--w- c:\windows\msdownld.tmp
2011-05-04 03:49:10 -------- dc-h--w- c:\windows\ie8
2011-05-01 06:34:08 388096 ----a-r- c:\docume~1\paulru~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-04-26 01:02:36 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-04-26 01:02:36 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-04-26 01:02:35 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-04-26 01:02:35 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-04-26 01:02:35 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-04-26 01:02:34 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-04-26 01:02:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-26 01:02:33 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
.
==================== Find3M ====================
.
2011-05-15 02:41:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-16 20:28:20 16704 ----a-w- c:\windows\system32\roboot.exe
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 21:12:10.31 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/4/2006 5:30:28 PM
System Uptime: 5/14/2011 7:35:40 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel® Pentium® M processor 2.00GHz | mFCPGA | 1994/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 59.813 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\785027D180DA0
Manufacturer: Microsoft
Name: 1394 Net Adapter #2
PNP Device ID: V1394\NIC1394\785027D180DA0
Service: NIC1394
.
==== System Restore Points ===================
.
RP1584: 2/14/2011 6:25:26 PM - System Checkpoint
RP1585: 2/15/2011 5:19:23 PM - Software Distribution Service 3.0
RP1586: 2/16/2011 7:28:21 PM - System Checkpoint
RP1587: 2/17/2011 7:53:05 PM - System Checkpoint
RP1588: 2/18/2011 4:29:12 PM - Software Distribution Service 3.0
RP1589: 2/19/2011 5:19:33 PM - System Checkpoint
RP1590: 2/20/2011 7:42:00 PM - System Checkpoint
RP1591: 2/22/2011 1:51:48 PM - Software Distribution Service 3.0
RP1592: 2/23/2011 4:04:18 PM - System Checkpoint
RP1593: 2/23/2011 6:43:05 PM - Software Distribution Service 3.0
RP1594: 2/24/2011 7:22:40 PM - System Checkpoint
RP1595: 2/25/2011 3:05:50 PM - Software Distribution Service 3.0
RP1596: 2/26/2011 3:36:38 PM - System Checkpoint
RP1597: 2/27/2011 4:59:34 PM - System Checkpoint
RP1598: 2/28/2011 5:53:19 PM - System Checkpoint
RP1599: 3/1/2011 5:22:51 PM - Software Distribution Service 3.0
RP1600: 3/2/2011 5:45:28 PM - System Checkpoint
RP1601: 3/3/2011 6:02:47 PM - System Checkpoint
RP1602: 3/4/2011 9:50:32 AM - Software Distribution Service 3.0
RP1603: 3/5/2011 10:46:15 AM - System Checkpoint
RP1604: 3/6/2011 12:26:00 PM - System Checkpoint
RP1605: 3/7/2011 4:10:50 PM - System Checkpoint
RP1606: 3/7/2011 8:55:09 PM - Unsigned driver install
RP1607: 3/8/2011 4:58:20 PM - Software Distribution Service 3.0
RP1608: 3/8/2011 5:01:27 PM - Software Distribution Service 3.0
RP1609: 3/9/2011 6:59:07 PM - System Checkpoint
RP1610: 3/10/2011 4:52:49 PM - Software Distribution Service 3.0
RP1611: 3/11/2011 4:22:56 PM - Software Distribution Service 3.0
RP1612: 3/12/2011 4:33:15 PM - System Checkpoint
RP1613: 3/13/2011 6:09:13 PM - System Checkpoint
RP1614: 3/14/2011 6:28:05 PM - System Checkpoint
RP1615: 3/15/2011 5:59:56 PM - Software Distribution Service 3.0
RP1616: 3/16/2011 8:13:28 PM - System Checkpoint
RP1617: 3/18/2011 12:28:13 PM - Software Distribution Service 3.0
RP1618: 3/19/2011 3:50:40 PM - System Checkpoint
RP1619: 3/19/2011 7:02:04 PM - Installed Adobe Reader X (10.0.1).
RP1620: 3/21/2011 7:04:46 AM - System Checkpoint
RP1621: 3/22/2011 4:33:24 PM - Software Distribution Service 3.0
RP1622: 3/23/2011 3:13:51 PM - Software Distribution Service 3.0
RP1623: 3/24/2011 4:04:32 PM - System Checkpoint
RP1624: 3/25/2011 10:22:06 AM - Software Distribution Service 3.0
RP1625: 3/26/2011 9:43:11 PM - System Checkpoint
RP1626: 3/28/2011 4:56:02 PM - System Checkpoint
RP1627: 3/29/2011 5:17:44 PM - Software Distribution Service 3.0
RP1628: 3/30/2011 5:43:25 PM - System Checkpoint
RP1629: 4/1/2011 4:16:57 PM - Software Distribution Service 3.0
RP1630: 4/2/2011 10:20:18 PM - System Checkpoint
RP1631: 4/4/2011 5:07:05 PM - System Checkpoint
RP1632: 4/5/2011 6:38:37 PM - Software Distribution Service 3.0
RP1633: 4/7/2011 4:28:52 PM - System Checkpoint
RP1634: 4/8/2011 5:42:55 PM - Software Distribution Service 3.0
RP1635: 4/9/2011 9:10:28 PM - System Checkpoint
RP1636: 4/10/2011 9:48:38 PM - System Checkpoint
RP1637: 4/12/2011 4:45:19 PM - System Checkpoint
RP1638: 4/12/2011 9:01:43 PM - Software Distribution Service 3.0
RP1639: 4/12/2011 9:42:44 PM - Software Distribution Service 3.0
RP1640: 4/14/2011 4:19:24 PM - System Checkpoint
RP1641: 4/14/2011 10:21:27 PM - Software Distribution Service 3.0
RP1642: 4/15/2011 8:56:02 PM - Software Distribution Service 3.0
RP1643: 4/16/2011 7:54:04 PM - Software Distribution Service 3.0
RP1644: 4/17/2011 8:39:49 PM - System Checkpoint
RP1645: 4/19/2011 10:21:03 AM - Software Distribution Service 3.0
RP1646: 4/20/2011 7:59:58 PM - System Checkpoint
RP1647: 4/21/2011 8:46:35 PM - System Checkpoint
RP1648: 4/22/2011 10:48:45 AM - Software Distribution Service 3.0
RP1649: 4/23/2011 12:32:49 PM - System Checkpoint
RP1650: 4/24/2011 12:58:14 PM - System Checkpoint
RP1651: 4/25/2011 2:58:31 PM - System Checkpoint
RP1652: 4/26/2011 6:00:06 PM - System Checkpoint
RP1653: 4/27/2011 6:15:58 PM - Software Distribution Service 3.0
RP1654: 4/27/2011 6:17:44 PM - Software Distribution Service 3.0
RP1655: 4/29/2011 9:01:04 AM - System Checkpoint
RP1656: 4/29/2011 11:18:16 AM - Software Distribution Service 3.0
RP1657: 4/30/2011 2:19:54 PM - System Checkpoint
RP1658: 5/1/2011 7:18:15 PM - System Checkpoint
RP1659: 5/3/2011 6:00:44 PM - System Checkpoint
RP1660: 5/3/2011 8:50:23 PM - Installed Windows Internet Explorer 8.
RP1661: 5/4/2011 8:53:29 PM - System Checkpoint
RP1662: 5/5/2011 8:59:42 PM - System Checkpoint
RP1663: 5/7/2011 6:39:49 AM - System Checkpoint
RP1664: 5/8/2011 9:17:04 AM - Removed KML Editor
RP1665: 5/8/2011 9:18:26 AM - Removed Imgur Uploader
RP1666: 5/8/2011 9:28:35 AM - Installed Microsoft Fix it 50267
RP1667: 5/8/2011 10:09:48 AM - Software Distribution Service 3.0
RP1668: 5/8/2011 10:16:55 AM - Software Distribution Service 3.0
RP1669: 5/9/2011 5:05:37 PM - System Checkpoint
RP1670: 5/10/2011 11:18:13 AM - Software Distribution Service 3.0
RP1671: 5/11/2011 2:45:17 PM - Avg8 Update
RP1672: 5/11/2011 2:50:16 PM - Software Distribution Service 3.0
RP1673: 5/13/2011 9:51:18 AM - Restore Operation
RP1674: 5/14/2011 11:30:08 AM - System Checkpoint
RP1675: 5/14/2011 11:57:07 AM - Removed AVG Free 8.5
RP1676: 5/14/2011 12:02:15 PM - Removed AVG Free 8.5
RP1677: 5/14/2011 12:04:47 PM - Removed AVG Free 8.5
RP1678: 5/14/2011 12:14:35 PM - Removed AVG Free 8.5
RP1679: 5/14/2011 12:16:13 PM - Removed AVG Free 8.5
RP1680: 5/14/2011 7:04:57 PM - Avira AntiVir Personal - 5/14/2011 19:04
RP1681: 5/14/2011 7:29:02 PM - Removed J2SE Runtime Environment 5.0 Update 2
RP1682: 5/14/2011 7:32:58 PM - Removed Java 6 Update 20
RP1683: 5/14/2011 7:40:41 PM - Installed Java 6 Update 25
RP1684: 5/14/2011 7:41:58 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Acrobat 5.0
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Advanced SystemCare 3
AirSnare
America Online (Choose which version to remove)
Apple Application Support
Apple Software Update
ArcExplorer Java Edition
AT&T Connection Services Manager
Avira AntiVir Personal - Free Antivirus
AVS Audio Editor version 4.2
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
Bluetooth Stack for Windows by Toshiba
CAD2Shape 4.0
Camera Window
Canon Camera Window for ZoomBrowser EX
Canon PhotoRecord
Canon Utilities Easy-PhotoPrint
Canon Utilities PhotoStitch 3.1
Canon Utilities ZoomBrowser EX
CCleaner
CD/DVD Drive Acoustic Silencer
Defraggler
DVD-RAM Driver
dwgConvert 4.0
Easy-WebPrint
EasyCleaner
ESET Online Scanner v3
Ethereal 0.99.0
Eusing Free Registry Cleaner
filehippo.com Update Checker
Free PS Convert driver 8.15
Google Chrome
Google Earth
Google Update Helper
Grand Theft Auto Vice City
GTA San Andreas
HiJackThis
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
IrfanView (remove only)
Java Auto Updater
Java 6 Update 25
Leisure Suit Larry - Magna Cum Laude
Logitech Desktop Messenger
Logitech SetPoint
Malwarebytes' Anti-Malware
Mapping Your Travels and Relocation
MapWindow GIS
McAfee Personal Firewall Plus
McAfee SecurityCenter
mCore
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Works
mIWA
mIWCA
mLogView
mMHouse
Mozilla Firefox (3.6.3)
mPfMgr
mPfWiz
mProSafe
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mXML
MyConnect Special Offer
mZConfig
Notebook Maximizer
NSIS KSDownloader
OCAD 10 Viewer Viewer
Opera 9.51
PhotoStitch
Pure Networks Port Magic
Python 2.1
Python 2.1 combined Win32 extensions
Quantum GIS Copiapo 1.6.0
Quicken 2005
QuickTime
SD Secure Module
Security Task Manager 1.7d
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2183461)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SMSC IrCC V5.1.3600.5 SP2
Sonic DLA
Sonic RecordNow!
Sony Picture Utility
Sony USB Driver
SoundMAX
Super Utilities Pro 9.41
Synaptics Pointing Device Driver
System Requirements Lab
Texas Instruments PCIxx21/x515 drivers.
TextPad 5
Tiles2kml Pro
TIxx21/x515
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Q4 Retail Demo ScreenSaver
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Veo Connect
Veo Digital Studio
Viewpoint Media Player
WebFldrs XP
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
Wisdom-soft Set up ASR 3.1 Free
World Health Chart 2001, Public Beta 0.1
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
5/8/2011 9:18:38 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
5/8/2011 8:59:59 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: %%2147942402
5/8/2011 8:59:59 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402
5/8/2011 3:00:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: %%2147942402
5/8/2011 3:00:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402
5/8/2011 2:00:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: %%2147942402
5/8/2011 2:00:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: %%2147942402
5/8/2011 12:58:59 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
5/8/2011 12:18:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402
5/8/2011 11:00:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: %%2147942402
5/8/2011 11:00:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
5/8/2011 10:00:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402
5/8/2011 10:00:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402
5/8/2011 1:45:01 AM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
5/8/2011 1:34:57 AM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
5/8/2011 1:00:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402
5/8/2011 1:00:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402
5/7/2011 8:00:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402
5/7/2011 8:00:00 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: %%2147942402
5/7/2011 7:00:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: %%2147942402
5/7/2011 7:00:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: %%2147942402
5/14/2011 5:43:32 PM, error: PlugPlayManager [11] - The device Root\LEGACY_BFASTFAO\0000 disappeared from the system without first being prepared for removal.
5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The TOSHIBA Application Service service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The Spectrum24 Event Monitor service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The SoundMAX Agent Service service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The EvtEng service terminated unexpectedly. It has done this 1 time(s).
5/14/2011 3:37:09 PM, error: PlugPlayManager [11] - The device Root\LEGACY_NPF\0000 disappeared from the system without first being prepared for removal.
5/14/2011 3:37:09 PM, error: PlugPlayManager [11] - The device Root\LEGACY_AFPANSI\0000 disappeared from the system without first being prepared for removal.
5/14/2011 3:23:30 PM, error: Service Control Manager [7034] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 2 time(s).
5/14/2011 3:23:30 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
5/13/2011 9:54:40 AM, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.103.1139.0 Loading engine version: 1.1.6802.0
5/13/2011 7:30:01 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Fips intelppm SuperMounter Tosrfcom
5/12/2011 9:59:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
5/12/2011 9:43:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/12/2011 10:24:59 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
5/12/2011 10:24:46 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde KR10N
5/11/2011 9:00:00 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: %%2147942402
5/11/2011 9:00:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: %%2147942402
5/11/2011 8:00:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: %%2147942402
5/11/2011 8:00:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402
5/11/2011 7:00:00 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: %%2147942402
5/11/2011 7:00:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402
5/11/2011 6:00:00 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: %%2147942402
5/11/2011 6:00:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402
5/11/2011 5:00:00 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402
5/11/2011 5:00:00 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: %%2147942402
5/11/2011 4:00:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402
5/11/2011 4:00:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: %%2147942402
5/11/2011 3:00:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: %%2147942402
5/11/2011 3:00:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: %%2147942402
5/10/2011 2:00:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: %%2147942402
5/10/2011 2:00:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: %%2147942402
5/10/2011 12:00:00 PM, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402
5/10/2011 12:00:00 PM, error: Schedule [7901] - The At13.job command failed to start due to the following error: %%2147942402
5/10/2011 11:00:00 AM, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402
5/10/2011 11:00:00 AM, error: Schedule [7901] - The At12.job command failed to start due to the following error: %%2147942402
5/10/2011 10:00:00 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402
5/10/2011 10:00:00 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: %%2147942402
5/10/2011 1:00:00 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402
5/10/2011 1:00:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: %%2147942402
.
==== End Of File ===========================
-
hey Kenny94, got the Java update done but it didn't match your "Java Version: 1.6.0_25" designation.
Please see attached screen shot of java update.
There was an ms update prompt i went ahead and installed after installing the latest java, also attached a screen shot of that somewhat suspicious looking process... idk, maybe i'm just paranoid.
-
OOPS! might help if i read everything in your posts
"Click on the link to download Windows Offline Installation and save the file to your desktop"
let me proceed here and try it again.
-
yes, AVG has never been very impressive, i download Avira and attached the scan results.
Question on the Java updates, please see attached screenshot of all the download options, which one am i supposed to download?
Thanks for bearing with my ignorance on this and other things btw.
-
combofix log 051411 ii log is attached for review.
-
Download AppRemover and run it.
Click Next >>
Ensure "Remove Security Application" is collected and click Next >>
AppRemover will scan all the security applications on your PC
Select Any AVG entries from the applications offered and click Next >> twice.
Follow any further on-screen instructions. If asked to reboot,please do so.
Note: Please do not browse the internet or open any email attachments until your Anti-Virus is re-installed
AppRemover worked.
combofix log is attached.
i was disconnected from internet while running it, prompted me to connect to download the ms recovery thing but didn't grab it after i was connected.
Should i run it again with the internet connected?
-
Hi
Okay, we still have some work to do.
- Download ComboFix from below:
Combofix download
* IMPORTANT !!! Place combofix.exe on your Desktop - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here - Double click on combofix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.
With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.
ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:
The Recovery Console was successfully installed.
Click on Yes, to continue scanning for malware. - Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
- When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
--------------------------------------------------------------------------------------------- - Ensure your AntiVirus and AntiSpyware applications are re-enabled.
---------------------------------------------------------------------------------------------
unable to run ComboFix due to AVG not being properly disabled... i followed the instructions given in that bleepingcomputer link, and then followed the combofix prompt to uninstall AVG which gave errors when attempted, please see attached screen shot
- Download ComboFix from below:
-
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.
Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.
Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.
---------------------------------------------------------------------------------------------
Re-Run aswMBR
Click Scan
On completion of the scan
Click the Fix for TDL4
Save the log as before and post in your next reply
aswMBR 051411 ii log is attached.
when i hit FIX it got locked up at "verifying disinfection" and required shut down by killing the power supply.
started back up just fine, ran aswMBR.exe again, hit scan, saved log.
-
Hi MySickComputer and Welcome to Malwarebytes!
Please download aswMBR from here
- Save aswMBR.exe to your Desktop
- Double click aswMBR.exe to run it
- Click the Scan button to start the scan as illustrated below
Note: Do not take action against any **Rootkit** entries until I have reviewed the log.
- Once the scan finishes click Save log to save the log to your Desktop
- Copy and paste the contents of aswMBR.txt back here for review
Thanks Kenny94!
aswMBR 051411.txt log is attached for review.
- Save aswMBR.exe to your Desktop
-
Please help. I've been trying to remove infection(s) without success.
i have attached the logs from DDS saying "possible TDL3 rootkit infection".
i just bought the paid version of MB yesterday and last night kept getting repeated attacks from about 10 different ip addresses (attached also).
2 days ago went round & round with a disabled desktop and task manager, went into safe mode repeatedly using fixer.exe, ESET, MB, numerous Hijackthis kills, and ended up doing a system restore which got it back to something resembling normal.
ESET online scanner and MB have found and quarantined a few dozen things but this is still obviously not fixed yet.
Any help would be greatly appreciated.
MSVBVM60.DLL not found and MB cannot open or run
in Malwarebytes for Windows Support Forum
Posted