
Second Slow PC for Essexboy [Solved]


  • This topic is locked

#1
skipperscruise

    Member

Here is the OTL for the 2nd pc. Thanks, skipperscruise

OTL logfile created on: 5/15/2012 2:55:39 PM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.25 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 71.68% Memory free
2.98 Gb Paging File | 2.81 Gb Available in Paging File | 94.33% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 11.39 Gb Free Space | 30.58% Space Free | Partition Type: NTFS

Computer Name: BACKROOM | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/15 14:55:18 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/08/04 21:15:46 | 000,632,128 | ---- | M] () -- C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe
PRC - [2010/07/30 00:07:00 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2010/08/04 21:15:46 | 000,632,128 | ---- | M] () -- C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe
MOD - [2010/07/30 00:07:00 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MOD - [2010/04/27 11:29:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\Dell2335Port_x86.dll
MOD - [2010/03/10 20:07:42 | 000,022,723 | ---- | M] () -- C:\WINDOWS\system32\sdf1ml3.dll
MOD - [2009/12/20 21:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/05/05 11:13:11 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-776561741-1677128483-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-776561741-1677128483-725345543-500\..\SearchScopes,DefaultScope = {54E95ED5-EA3D-4987-9B05-08EC8BA0E60B}
IE - HKU\S-1-5-21-776561741-1677128483-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-776561741-1677128483-725345543-500\..\SearchScopes\{54E95ED5-EA3D-4987-9B05-08EC8BA0E60B}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-776561741-1677128483-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/21 16:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/11/07 19:15:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/05/03 15:33:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0r9jtnsb.default\extensions
[2011/11/07 19:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/03/16 11:30:26 | 000,634,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0R9JTNSB.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/03/21 16:37:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/21 16:37:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/21 16:37:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2001/08/23 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [Dell PanelMgr] C:\WINDOWS\Dell\PanelMgr\SSMMgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-776561741-1677128483-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293574829983 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} http://download.micr...04/clearadj.cab (CTAdjust Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://flagstar.web...ing/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4141EAA-379C-4E87-907F-FD6CA481722C}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/21 17:40:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/15 14:55:16 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/05/11 17:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2012/05/11 17:20:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.4
[2012/05/11 17:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/05/11 17:17:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\OpenOffice.org 3.4 (en-US) Installation Files
[2012/05/04 14:38:56 | 000,000,000 | ---D | C] -- C:\Misc
[2012/05/04 14:31:14 | 000,000,000 | ---D | C] -- C:\Custom Forms From Encompass
[2012/04/23 17:35:31 | 000,000,000 | ---D | C] -- C:\Miller Wang
[2012/04/18 16:03:41 | 000,000,000 | ---D | C] -- C:\Applegate
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/15 14:55:18 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2012/05/15 14:13:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/15 09:38:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/14 18:45:17 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012/05/14 18:44:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/14 18:44:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/14 18:42:05 | 000,001,890 | -H-- | M] () -- C:\Documents and Settings\Administrator\My Documents\Default.rdp
[2012/05/11 21:50:39 | 000,140,919 | ---- | M] () -- C:\Portfolio DU Refi Plus.pdf
[2012/05/11 21:46:44 | 000,143,507 | ---- | M] () -- C:\DU Refi Plus Revised 4-24-12.pdf
[2012/05/11 17:42:02 | 000,294,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/11 17:24:18 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\test open office
[2012/05/11 17:20:53 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012/05/11 12:44:00 | 000,033,134 | ---- | M] () -- C:\2012-05-11-1336748468-4072404902-9543438098.pdf
[2012/05/10 10:42:13 | 151,801,119 | ---- | M] () -- C:\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/11 21:51:37 | 000,140,919 | ---- | C] () -- C:\Portfolio DU Refi Plus.pdf
[2012/05/11 21:49:27 | 000,143,507 | ---- | C] () -- C:\DU Refi Plus Revised 4-24-12.pdf
[2012/05/11 17:24:18 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\test open office
[2012/05/11 17:20:53 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.4.lnk
[2012/05/11 12:44:00 | 000,033,134 | ---- | C] () -- C:\2012-05-11-1336748468-4072404902-9543438098.pdf
[2012/05/10 10:42:08 | 151,801,119 | ---- | C] () -- C:\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe
[2012/02/20 11:59:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/08/16 14:59:24 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 13:52:26 | 000,159,112 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/10 15:56:34 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2011/01/06 15:51:47 | 000,007,272 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Dell2335Options.xml
[2011/01/06 15:51:43 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2011/01/06 15:51:36 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Dell2335Port_x86.dll
[2011/01/06 15:51:16 | 000,484,672 | ---- | C] () -- C:\WINDOWS\SSndii.exe
[2011/01/06 15:51:01 | 000,116,032 | ---- | C] () -- C:\WINDOWS\Wiainst.exe
[2011/01/06 15:48:43 | 000,198,656 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2011/01/06 15:48:42 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\SaXPEH.dll
[2011/01/06 15:48:42 | 000,138,240 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2011/01/06 15:48:42 | 000,117,248 | ---- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll
[2011/01/06 15:48:42 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll
[2011/01/06 15:48:40 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sdf1ml3.dll
[2010/12/28 18:02:31 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2010/12/21 17:41:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/21 17:37:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/12/21 12:30:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/12/21 12:29:43 | 000,294,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/29 21:55:04 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\CDASpl.dll

========== LOP Check ==========

[2011/01/12 13:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Encompass
[2011/01/14 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ePASS
[2012/05/11 17:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2012/05/14 12:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PrimoPDF
[2011/06/03 11:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\webex
[2012/05/14 18:45:17 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



< End of report >

#2
Essexboy

    GeekU Moderator

OK, let's do a quick rootkit/MBR scan next.

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double-click aswMBR.exe to run it.
Click the "Scan" button to start the scan.

On completion of the scan, click "Save log", save it to your desktop and post it in your next reply.


#3
skipperscruise

aswMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-15 15:36:03
-----------------------------
15:36:03.781 OS Version: Windows 5.1.2600 Service Pack 3
15:36:03.781 Number of processors: 1 586 0x401
15:36:03.781 ComputerName: BACKROOM UserName:
15:36:04.421 Initialize success
15:36:19.265 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:36:19.265 Disk 0 Vendor: WDC_WD400BB-75JHC0 06.01C06 Size: 38146MB BusType: 3
15:36:19.296 Disk 0 MBR read successfully
15:36:19.296 Disk 0 MBR scan
15:36:19.296 Disk 0 Windows XP default MBR code
15:36:19.296 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38138 MB offset 63
15:36:19.296 Disk 0 scanning sectors +78108030
15:36:19.406 Disk 0 scanning C:\WINDOWS\system32\drivers
15:36:28.343 Service scanning
15:36:48.140 Modules scanning
15:36:58.562 Disk 0 trace - called modules:
15:36:58.578 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
15:36:58.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89731ab8]
15:36:58.578 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89795b00]
15:36:58.578 Scan finished successfully
15:43:34.906 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
15:43:34.937 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR Log 051512.txt"

#4
Essexboy

Hmm, both reports are apparently clear.

Let's see what the ComboFix log tells us on the other system.

#5
skipperscruise

OK, I'm not back at the other PC yet and you may be sleeping before I can get back to it to run ComboFix. It's not this PC then.

#6
Essexboy

The initial look at all the known malware points does not indicate that at the moment.

If after the removal on the other system it appears to go (this time we will wait for a day), then connect to this system to see if it returns. If it does, I will dig deeper.

#7
Essexboy

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.