
Sorry for more questions but this really has me upset about all the possible damage a rootkit can do.

 

3) Could we have passed this rootkit on to other people somehow? Should they scan their computers?

What is the very, very best combination of protective programs we should put on our computers??


Hi. :)

 

Jacee is currently unavailable and I will be assisting you from this time forward.

 

1) Does this mean that someone has gained access to our bank, credit cards, etc. that we check online?

It is a distinct possibility I'm afraid, below is a portion of the advice I normally provide in such situations as yours:-

 

I would counsel you to disconnect this PC from the Internet immediately and keep it disconnected. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

 

2) Should I run that Farbar scan on our other computers to see if they have a rootkit too?

Do you mean your own Windows 7 machine Jacee assisted you with? If so no need as she completed a malware removal process with that one and if any further infections were on-board they would have been revealed by the eset online scan.

 

Now if you actually do mean a different machine, please inform myself in your next reply which Operating System is in use on it and we will go from there, thank you.

 

3) Could we have passed this rootkit on to other people somehow? Should they scan their computers?

Possible but I doubt it in this situation unless you have been sharing say files or sending email attachments, been using the same form of removable storage media to share information and/or they were physically connected on the same LAN (local area network) to name some examples.

 

Though entirely feasible due to the nature of the rootkit your husband's machine was part of what is known as a botnet but this I do not actually know for sure going from the information I do have at present to review. Either way since it appears you will be performing the advised reformat and reinstallation of the Windows Operating System, this will no longer be a cause for concern etc.

 

What is the very, very best combination of protective programs we should put on our computers??

My advice posted here should be of assistance with regard to this query.

 

Also, when we move the files from my husband's computer (via flash drive), is there any chance that the rootkit will be transferred to his new computer?

We can secure your Flash Drive so no infections can be spread via that medium as follows...

 

Download/Run Panda USB Vaccine:

 

Please download Panda USB Vaccine from here to the Desktop of your Windows 7 machine.

  • Right-click on USBVaccineSetup.exe and select Run as Administrator >> follow the prompts in the installation wizard.
  • At the configuration screen (settings)...
      • Ensure both Run Panda USB Vaccine automatically when computer boots (/resident mode) & Automatically vaccinate any newly inserted USB key are selected >> plus NTFS support
  • Now click on Next> >> ensure Launch Panda USB Vaccine is selected >> click on Finish.
  • Insert the Flash/USB Drive into your machine... it will be automatically vaccinated (as will any USB drives connected in the future).


Hello Dakeyras, thank you for stepping in to continue helping me. I appreciate everything the others have done so far.

 

I am concerned about my own computer as well as my husband's computers. Mine is a desktop with Windows 7. I decided to run the FARBAR scan before I do anything else on mine to see if it finds any problems or not.

 

Here are the results of that scan---- would you look at it please and see if there is anything wrong?

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-08-2013Ran by elizabeth (administrator) on 17-08-2013 13:54:13Running from C:UserselizabethDesktopMicrosoft Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal==================== Processes (Whitelisted) ===================(NVIDIA Corporation) C:Windowssystem32nvvsvc.exe(Microsoft Corporation) c:Program FilesMicrosoft Security ClientMsMpEng.exe(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe(NVIDIA Corporation) C:Windowssystem32nvvsvc.exe(Hewlett-Packard) C:Program FilesHPHP Software Updatehpwuschd2.exe(Microsoft Corporation) C:Program FilesMicrosoft Security Clientmsseces.exe(Oracle Corporation) C:Program FilesCommon FilesJavaJava Updatejusched.exe(Microsoft Corporation) c:Program FilesMicrosoft Security ClientNisSrv.exe(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe(magicJack L.P.) C:UserselizabethAppDataRoamingmjusbspst00000mjsetup.exe(magicJack L.P.) C:UserselizabethAppDataRoamingmjusbspmagicJack.exe(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe(Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe(Mozilla Corporation) C:Program FilesMozilla Firefoxplugin-container.exe(Adobe Systems, Inc.) C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_8_800_94.exe(Adobe Systems, Inc.) 
C:Windowssystem32MacromedFlashFlashPlayerPlugin_11_8_800_94.exe(Microsoft Corporation) ?C:Windowssystem32wbemWMIADAP.EXE==================== Registry (Whitelisted) ==================HKLM...Run: [HP Software Update] - C:Program FilesHPHP Software UpdateHPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)HKLM...Run: [MSC] - c:Program FilesMicrosoft Security Clientmsseces.exe [995176 2013-06-20] (Microsoft Corporation)HKLM...Run: [sunJavaUpdateSched] - C:Program FilesCommon FilesJavaJava Updatejusched.exe [253816 2013-03-12] (Oracle Corporation)HKCU...Run: [cdloader] - C:UserselizabethAppDataRoamingmjusbspcdloader2.exe [50592 2012-02-01] (magicJack L.P.)==================== Internet (Whitelisted) ====================HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchSearchScopes: HKLM - DefaultScope value is missing.BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre7binssv.dll (Oracle Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cabDPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dllDPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cabTcpipParameters: [DhcpNameServer] 192.168.1.254FireFox:========FF ProfilePath: C:UserselizabethAppDataRoamingMozillaFirefoxPath=C:UserselizabethAppDataRoamingMozillaProfilesw43ap2tq.Default UserFF Plugin: @adobe.com/FlashPlayer - C:Windowssystem32MacromedFlashNPSWF32_11_8_800_94.dll ()FF Plugin: @Google.com/GoogleEarthPlugin - C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:Windowssystem32npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.25.2 - 
C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @tools.google.com/Google Update;version=3 - C:Program FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 - C:Program FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll (Google Inc.)FF Extension: Default - C:Program FilesMozilla Firefoxbrowserextensions{972ce4c6-7e08-4474-a285-3208198ce6fd}========================== Services (Whitelisted) =================R2 MsMpSvc; c:Program FilesMicrosoft Security ClientMsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)R3 NisSrv; c:Program FilesMicrosoft Security ClientNisSrv.exe [295376 2013-06-20] (Microsoft Corporation)==================== Drivers (Whitelisted) ====================S3 gfiark; C:WindowsSystem32driversgfiark.sys [41584 2013-04-11] (ThreatTrack Security)R0 gfibto; C:WindowsSystem32driversgfibto.sys [13560 2013-06-17] (GFI Software)R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [211560 2013-06-18] (Microsoft Corporation)S3 catchme; ??C:UsersELIZAB~1AppDataLocalTempcatchme.sys [x]========================== Drivers MD5 =======================C:Windowssystem32drivers1394ohci.sys ==> MD5 is legitC:WindowsSystem32driversACPI.sys ==> MD5 is legitC:Windowssystem32driversacpipmi.sys ==> MD5 is legitC:Windowssystem32DRIVERSadp94xx.sys ==> MD5 is legitC:Windowssystem32DRIVERSadpahci.sys ==> MD5 is legitC:Windowssystem32DRIVERSadpu320.sys ==> MD5 is legitC:Windowssystem32driversafd.sys 9EBBBA55060F786F0FCAA3893BFA2806C:Windowssystem32driversagp440.sys ==> MD5 is legitC:Windowssystem32DRIVERSdjsvs.sys ==> MD5 is legitC:Windowssystem32driversaliide.sys ==> MD5 is legitC:Windowssystem32driversamdagp.sys ==> MD5 is legitC:Windowssystem32driversamdide.sys ==> MD5 is legitC:WindowsSystem32DRIVERSamdk8.sys ==> MD5 is legitC:Windowssystem32DRIVERSamdppm.sys ==> MD5 is legitC:Windowssystem32driversamdsata.sys ==> MD5 is 
legitC:Windowssystem32DRIVERSamdsbs.sys ==> MD5 is legitC:WindowsSystem32driversamdxata.sys ==> MD5 is legitC:Windowssystem32driversappid.sys ==> MD5 is legitC:Windowssystem32DRIVERSarc.sys ==> MD5 is legitC:Windowssystem32DRIVERSarcsas.sys ==> MD5 is legitC:WindowsSystem32DRIVERSasyncmac.sys ==> MD5 is legitC:Windowssystem32driversatapi.sys ==> MD5 is legitC:Windowssystem32DRIVERSbxvbdx.sys ==> MD5 is legitC:WindowsSystem32DRIVERSb57nd60x.sys ==> MD5 is legitC:WindowsSystem32DriversBeep.sys ==> MD5 is legitC:WindowsSystem32DRIVERSblbdrive.sys ==> MD5 is legitC:WindowsSystem32DRIVERSbowser.sys ==> MD5 is legitC:Windowssystem32DRIVERSBrFiltLo.sys ==> MD5 is legitC:Windowssystem32DRIVERSBrFiltUp.sys ==> MD5 is legitC:WindowsSystem32DRIVERSbridge.sys 77361D72A04F18809D0EFB6CCEB74D4BC:WindowsSystem32DriversBrserid.sys ==> MD5 is legitC:WindowsSystem32DriversBrSerWdm.sys ==> MD5 is legitC:WindowsSystem32DriversBrUsbMdm.sys ==> MD5 is legitC:WindowsSystem32DriversBrUsbSer.sys ==> MD5 is legitC:Windowssystem32DRIVERSbthmodem.sys ==> MD5 is legitC:WindowsSystem32DRIVERScdfs.sys ==> MD5 is legitC:Windowssystem32driverscdrom.sys ==> MD5 is legitC:Windowssystem32DRIVERScirclass.sys ==> MD5 is legitC:WindowsSystem32CLFS.sys ==> MD5 is legitC:Windowssystem32DRIVERSCmBatt.sys ==> MD5 is legitC:Windowssystem32driverscmdide.sys ==> MD5 is legitC:WindowsSystem32Driverscng.sys 247B4CE2DAB1160CD422D532D5241E1FC:Windowssystem32DRIVERScompbatt.sys ==> MD5 is legitC:Windowssystem32driversCompositeBus.sys ==> MD5 is legitC:Windowssystem32DRIVERScrcdisk.sys ==> MD5 is legitC:WindowsSystem32driverscsc.sys ==> MD5 is legitC:WindowsSystem32Driversdfsc.sys ==> MD5 is legitC:WindowsSystem32driversdiscache.sys ==> MD5 is legitC:WindowsSystem32DRIVERSdisk.sys ==> MD5 is legitC:WindowsSystem32DRIVERSDot4.sys B5E479EB83707DD698F66953E922042CC:WindowsSystem32DRIVERSDot4Prt.sys CAEFD09B6A6249C53A67D55A9A9FCABFC:WindowsSystem32DRIVERSdot4usb.sys 
CF491FF38D62143203C065260567E2F7C:WindowsSystem32driversdrmkaud.sys ==> MD5 is legitC:WindowsSystem32driversdxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05C:Windowssystem32DRIVERSevbdx.sys ==> MD5 is legitC:Windowssystem32DRIVERSelxstor.sys ==> MD5 is legitC:Windowssystem32driverserrdev.sys ==> MD5 is legitC:WindowsSystem32Driversexfat.sys ==> MD5 is legitC:WindowsSystem32Driversfastfat.sys ==> MD5 is legitC:Windowssystem32DRIVERSfdc.sys ==> MD5 is legitC:WindowsSystem32driversfileinfo.sys ==> MD5 is legitC:WindowsSystem32driversfiletrace.sys ==> MD5 is legitC:Windowssystem32DRIVERSflpydisk.sys ==> MD5 is legitBC:WindowsSystem32driversfltmgr.sys ==> MD5 is legitC:WindowsSystem32driversFsDepends.sys ==> MD5 is legitC:WindowsSystem32DriversFs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05C:WindowsSystem32DRIVERSfvevol.sys ==> MD5 is legitC:Windowssystem32DRIVERSgagp30kx.sys ==> MD5 is legitC:WindowsSystem32driversgfiark.sys 035EAF9A18B84F9560984BCF41F52E99C:WindowsSystem32driversgfibto.sys 483924F92E55A5F9423201EC635E2CEDC:Windowssystem32drivershcw85cir.sys ==> MD5 is legitC:Windowssystem32driversHdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972C:Windowssystem32driversHDAudBus.sys ==> MD5 is legitC:Windowssystem32DRIVERSHidBatt.sys ==> MD5 is legitC:Windowssystem32DRIVERShidbth.sys ==> MD5 is legitC:Windowssystem32DRIVERShidir.sys ==> MD5 is legitC:WindowsSystem32DRIVERShidusb.sys ==> MD5 is legitC:Windowssystem32driversHpSAMD.sys ==> MD5 is legitC:WindowsSystem32driversHTTP.sys ==> MD5 is legitC:WindowsSystem32drivershwpolicy.sys ==> MD5 is legitC:Windowssystem32driversi8042prt.sys ==> MD5 is legitC:Windowssystem32driversiaStorV.sys ==> MD5 is legitC:Windowssystem32DRIVERSiirsp.sys ==> MD5 is legitC:Windowssystem32driversintelide.sys ==> MD5 is legitC:Windowssystem32DRIVERSintelppm.sys ==> MD5 is legitC:WindowsSystem32DRIVERSipfltdrv.sys ==> MD5 is legitC:Windowssystem32driversIPMIDrv.sys ==> MD5 is legitC:WindowsSystem32driversipnat.sys ==> MD5 is 
legitC:WindowsSystem32driversirenum.sys ==> MD5 is legitC:Windowssystem32driversisapnp.sys ==> MD5 is legitC:Windowssystem32driversmsiscsi.sys ==> MD5 is legitC:Windowssystem32driverskbdclass.sys ==> MD5 is legitC:Windowssystem32driverskbdhid.sys ==> MD5 is legitC:WindowsSystem32Driversksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36C:WindowsSystem32Driversksecpkg.sys D30159AC9237519FBC62C6EC247D2D46C:WindowsSystem32DRIVERSlltdio.sys ==> MD5 is legitC:Windowssystem32DRIVERSlsi_fc.sys ==> MD5 is legitC:Windowssystem32DRIVERSlsi_sas.sys ==> MD5 is legitC:Windowssystem32DRIVERSlsi_sas2.sys ==> MD5 is legitC:Windowssystem32DRIVERSlsi_scsi.sys ==> MD5 is legitC:Windowssystem32driversluafv.sys ==> MD5 is legitC:Windowssystem32DRIVERSmegasas.sys ==> MD5 is legitC:Windowssystem32DRIVERSMegaSR.sys ==> MD5 is legitC:WindowsSystem32driversmodem.sys ==> MD5 is legitC:WindowsSystem32DRIVERSmonitor.sys ==> MD5 is legitC:WindowsSystem32DRIVERSmouclass.sys ==> MD5 is legitC:WindowsSystem32DRIVERSmouhid.sys ==> MD5 is legitC:WindowsSystem32driversmountmgr.sys ==> MD5 is legitC:WindowsSystem32DRIVERSMpFilter.sys 24406D75B40F0F6B3C1AC7031D734565C:Windowssystem32driversmpio.sys ==> MD5 is legitC:WindowsSystem32driversmpsdrv.sys ==> MD5 is legitC:Windowssystem32driversmrxdav.sys ==> MD5 is legitC:WindowsSystem32DRIVERSmrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25C:WindowsSystem32DRIVERSmrxsmb10.sys 6D17A4791ACA19328C685D256349FEFCC:WindowsSystem32DRIVERSmrxsmb20.sys B81F204D146000BE76651A50670A5E9EC:Windowssystem32driversmsahci.sys ==> MD5 is legitC:Windowssystem32driversmsdsm.sys ==> MD5 is legitC:WindowsSystem32DriversMsfs.sys ==> MD5 is legitC:WindowsSystem32driversmshidkmdf.sys ==> MD5 is legitC:WindowsSystem32driversmsisadrv.sys ==> MD5 is legitC:WindowsSystem32driversMSKSSRV.sys ==> MD5 is legitC:WindowsSystem32driversMSPCLOCK.sys ==> MD5 is legitC:WindowsSystem32driversMSPQM.sys ==> MD5 is legitC:WindowsSystem32DriversMsRPC.sys ==> MD5 is legitC:Windowssystem32driversmssmbios.sys ==> 
MD5 is legitC:WindowsSystem32driversMSTEE.sys ==> MD5 is legitC:Windowssystem32DRIVERSMTConfig.sys ==> MD5 is legitC:WindowsSystem32Driversmup.sys ==> MD5 is legitC:WindowsSystem32DRIVERSnwifi.sys ==> MD5 is legitC:WindowsSystem32driversndis.sys ==> MD5 is legitC:WindowsSystem32DRIVERSndiscap.sys ==> MD5 is legitC:WindowsSystem32DRIVERSndistapi.sys ==> MD5 is legitC:WindowsSystem32DRIVERSndisuio.sys ==> MD5 is legitC:WindowsSystem32DRIVERSndiswan.sys ==> MD5 is legitC:WindowsSystem32DriversNDProxy.sys ==> MD5 is legitC:WindowsSystem32DRIVERSnetbios.sys ==> MD5 is legitC:WindowsSystem32DRIVERSnetbt.sys ==> MD5 is legitC:Windowssystem32DRIVERSnfrd960.sys ==> MD5 is legitC:WindowsSystem32DRIVERSNisDrvWFP.sys C58DB40E4C95BE8EE727BE872BE6383FC:WindowsSystem32DriversNpfs.sys ==> MD5 is legitC:WindowsSystem32driversnsiproxy.sys ==> MD5 is legitC:WindowsSystem32DriversNtfs.sys 5E43D2B0EE64123D4880DFA6626DEFDEC:WindowsSystem32DriversNull.sys ==> MD5 is legitC:WindowsSystem32DRIVERSnvlddmkm.sys 9A77B1C13BCCEDDF78DFD7AFC25B4F5EC:Windowssystem32driversnvraid.sys ==> MD5 is legitC:WindowsSystem32driversnvstor.sys ==> MD5 is legitC:Windowssystem32driversnv_agp.sys ==> MD5 is legitC:Windowssystem32driversohci1394.sys ==> MD5 is legitC:WindowsSystem32DRIVERSparport.sys ==> MD5 is legitC:WindowsSystem32driverspartmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9BC:WindowsSystem32DRIVERSparvdm.sys ==> MD5 is legitC:WindowsSystem32driverspci.sys ==> MD5 is legitC:Windowssystem32driverspciide.sys ==> MD5 is legitC:Windowssystem32DRIVERSpcmcia.sys ==> MD5 is legitC:WindowsSystem32driverspcw.sys ==> MD5 is legitC:WindowsSystem32driverspeauth.sys ==> MD5 is legitC:WindowsSystem32DRIVERSraspptp.sys ==> MD5 is legitC:Windowssystem32DRIVERSprocessr.sys ==> MD5 is legitC:WindowsSystem32DRIVERSpacer.sys ==> MD5 is legitC:Windowssystem32DRIVERSql2300.sys ==> MD5 is legitC:Windowssystem32DRIVERSql40xx.sys ==> MD5 is legitC:Windowssystem32driversqwavedrv.sys ==> MD5 is 
legitC:WindowsSystem32DRIVERSrasacd.sys ==> MD5 is legitC:WindowsSystem32DRIVERSAgileVpn.sys ==> MD5 is legitC:WindowsSystem32DRIVERSrasl2tp.sys ==> MD5 is legitC:WindowsSystem32DRIVERSraspppoe.sys ==> MD5 is legitC:WindowsSystem32DRIVERSrassstp.sys ==> MD5 is legitC:WindowsSystem32DRIVERSrdbss.sys ==> MD5 is legitC:WindowsSystem32DRIVERSrdpbus.sys ==> MD5 is legitC:WindowsSystem32DRIVERSRDPCDD.sys ==> MD5 is legitC:WindowsSystem32driversrdpdr.sys ==> MD5 is legitC:WindowsSystem32driversrdpencdd.sys ==> MD5 is legitC:WindowsSystem32driversrdprefmp.sys ==> MD5 is legitC:WindowsSystem32DriversRDPWD.sys F031683E6D1FEA157ABB2FF260B51E61C:WindowsSystem32driversrdyboost.sys ==> MD5 is legitC:WindowsSystem32DRIVERSrspndr.sys ==> MD5 is legitC:Windowssystem32driversvms3cap.sys ==> MD5 is legitC:Windowssystem32driverssbp2port.sys ==> MD5 is legitC:WindowsSystem32DRIVERSscfilter.sys ==> MD5 is legitC:WindowsSystem32Driverssecdrv.sys ==> MD5 is legitC:WindowsSystem32DRIVERSserenum.sys ==> MD5 is legitC:WindowsSystem32DRIVERSserial.sys ==> MD5 is legitC:Windowssystem32DRIVERSsermouse.sys ==> MD5 is legitC:Windowssystem32driverssffdisk.sys ==> MD5 is legitC:Windowssystem32driverssffp_mmc.sys ==> MD5 is legitC:Windowssystem32driverssffp_sd.sys ==> MD5 is legitC:Windowssystem32DRIVERSsfloppy.sys ==> MD5 is legitC:Windowssystem32driverssisagp.sys ==> MD5 is legitC:Windowssystem32DRIVERSSiSRaid2.sys ==> MD5 is legitC:Windowssystem32DRIVERSsisraid4.sys ==> MD5 is legitC:WindowsSystem32DRIVERSsmb.sys ==> MD5 is legitC:WindowsSystem32Driversspldr.sys ==> MD5 is legitC:WindowsSystem32DRIVERSsrv.sys E4C2764065D66EA1D2D3EBC28FE99C46C:WindowsSystem32DRIVERSsrv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71ABC:WindowsSystem32DRIVERSsrvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABCC:Windowssystem32DRIVERSstexstor.sys ==> MD5 is legitC:WindowsSystem32driversvmstorfl.sys ==> MD5 is legitC:Windowssystem32driversstorvsc.sys ==> MD5 is legitC:Windowssystem32driversswenum.sys ==> MD5 is 
legitC:WindowsSystem32driverstcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3CC:WindowsSystem32DRIVERStcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3CC:WindowsSystem32driverstcpipreg.sys ==> MD5 is legitC:WindowsSystem32driverstdpipe.sys ==> MD5 is legitC:WindowsSystem32driverstdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8C:WindowsSystem32DRIVERStdx.sys ==> MD5 is legitC:Windowssystem32driverstermdd.sys ==> MD5 is legitC:WindowsSystem32DRIVERStssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101C:WindowsSystem32driverstsusbflt.sys ==> MD5 is legitC:WindowsSystem32DRIVERStunnel.sys ==> MD5 is legitC:Windowssystem32DRIVERSuagp35.sys ==> MD5 is legitC:WindowsSystem32DRIVERSudfs.sys ==> MD5 is legitC:Windowssystem32driversuliagpkx.sys ==> MD5 is legitC:Windowssystem32driversumbus.sys ==> MD5 is legitC:Windowssystem32DRIVERSumpass.sys ==> MD5 is legitC:Windowssystem32driversusbaudio.sys 1D9F2BD026E8E2D45033A4DF3F16B78CC:WindowsSystem32DRIVERSusbccgp.sys ==> MD5 is legitC:Windowssystem32driversusbcir.sys ==> MD5 is legitC:Windowssystem32driversusbehci.sys ==> MD5 is legitC:Windowssystem32driversusbhub.sys ==> MD5 is legitC:Windowssystem32driversusbohci.sys ==> MD5 is legitC:WindowsSystem32DRIVERSusbprint.sys ==> MD5 is legitC:WindowsSystem32DRIVERSusbscan.sys 576096CCBC07E7C4EA4F5E6686D6888FC:WindowsSystem32DRIVERSUSBSTOR.SYS ==> MD5 is legitC:Windowssystem32driversusbuhci.sys ==> MD5 is legitC:WindowsSystem32driversvdrvroot.sys ==> MD5 is legitC:WindowsSystem32DRIVERSvgapnp.sys ==> MD5 is legitC:WindowsSystem32driversvga.sys ==> MD5 is legitC:Windowssystem32driversvhdmp.sys ==> MD5 is legitC:Windowssystem32driversviaagp.sys ==> MD5 is legitC:Windowssystem32DRIVERSviac7.sys ==> MD5 is legitC:Windowssystem32driversviaide.sys ==> MD5 is legitC:WindowsSystem32driversvmbus.sys ==> MD5 is legitC:Windowssystem32driversVMBusHID.sys ==> MD5 is legitC:WindowsSystem32driversvolmgr.sys ==> MD5 is legitC:WindowsSystem32driversvolmgrx.sys ==> MD5 is legitC:WindowsSystem32driversvolsnap.sys ==> MD5 is 
legitC:Windowssystem32DRIVERSvsmraid.sys ==> MD5 is legitC:WindowsSystem32driversvwifibus.sys ==> MD5 is legitC:Windowssystem32DRIVERSwacompen.sys ==> MD5 is legitC:WindowsSystem32DRIVERSwanarp.sys ==> MD5 is legitC:WindowsSystem32DRIVERSwanarp.sys ==> MD5 is legitC:Windowssystem32DRIVERSwd.sys ==> MD5 is legitC:WindowsSystem32driversWdf01000.sys ==> MD5 is legitC:WindowsSystem32DRIVERSwfplwf.sys ==> MD5 is legitC:WindowsSystem32driverswimmount.sys ==> MD5 is legitC:WindowsSystem32DRIVERSWinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708C:Windowssystem32driverswmiacpi.sys ==> MD5 is legitC:Windowssystem32driversws2ifsl.sys ==> MD5 is legitC:WindowsSystem32driversWudfPf.sys ==> MD5 is legitC:WindowsSystem32DRIVERSWUDFRd.sys ==> MD5 is legit==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-08-17 13:53 - 2013-08-17 13:53 - 01068993 _____ (Farbar) C:UserselizabethDesktopFRST.exe2013-08-17 03:09 - 2013-08-17 03:10 - 00000000 ____D C:Program FilesMozilla Firefox2013-08-15 03:03 - 2013-08-15 03:05 - 00000000 ____D C:Windowssystem32MRT2013-08-15 03:01 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll2013-08-15 03:01 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll2013-08-15 03:01 - 2013-07-25 23:13 - 00042496 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe2013-08-15 03:01 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll2013-08-15 03:01 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll2013-08-15 03:01 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll2013-08-15 03:01 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll2013-08-15 03:01 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll2013-08-15 03:01 - 2013-07-25 23:12 - 
00391168 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll2013-08-15 03:01 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:Windowssystem32iesysprep.dll2013-08-15 03:01 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll2013-08-15 03:01 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll2013-08-15 03:01 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll2013-08-15 03:01 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll2013-08-15 03:01 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb2013-08-15 03:01 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:Windowssystem32RegisterIEPKEYs.exe2013-08-14 04:24 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:Windowssystem32WMVDECOD.DLL2013-08-14 04:24 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:Windowssystem32tzres.dll2013-08-14 04:24 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:Windowssystem32ntkrnlpa.exe2013-08-14 04:24 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:Windowssystem32ntoskrnl.exe2013-08-14 04:24 - 2013-07-09 00:53 - 01289096 _____ (Microsoft Corporation) C:Windowssystem32ntdll.dll2013-08-14 04:24 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:Windowssystem32wintrust.dll2013-08-14 04:24 - 2013-07-09 00:50 - 00652800 _____ (Microsoft Corporation) C:Windowssystem32rpcrt4.dll2013-08-14 04:24 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:Windowssystem32crypt32.dll2013-08-14 04:24 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:Windowssystem32cryptsvc.dll2013-08-14 04:24 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:Windowssystem32cryptnet.dll2013-08-14 04:24 - 2013-07-06 01:05 - 01293760 _____ (Microsoft Corporation) C:Windowssystem32Driverstcpip.sys2013-08-14 04:23 - 2013-06-14 
23:38 - 00031232 _____ (Microsoft Corporation) C:Windowssystem32Driverstssecsrv.sys2013-08-10 18:00 - 2013-08-10 18:00 - 00000109 _____ C:UserselizabethDocumentsabbey2.txt2013-08-10 17:58 - 2013-08-10 17:58 - 00047612 _____ C:UserselizabethDocumentsabbey.txt==================== One Month Modified Files and Folders =======2013-08-17 13:53 - 2013-08-17 13:53 - 01068993 _____ (Farbar) C:UserselizabethDesktopFRST.exe2013-08-17 13:53 - 2013-03-27 17:31 - 00713888 _____ C:Windowssystem32PerfStringBackup.INI2013-08-17 13:51 - 2013-04-05 22:25 - 00000000 ____D C:Legacy2013-08-17 13:49 - 2013-03-27 16:19 - 00001007 _____ C:UserselizabethDesktopmagicJack.lnk2013-08-17 13:49 - 2013-03-27 16:19 - 00000993 _____ C:UserselizabethAppDataRoamingMicrosoftWindowsStart MenuProgramsmagicJack.lnk2013-08-17 13:49 - 2013-03-27 16:19 - 00000000 ____D C:UserselizabethAppDataRoamingmjusbsp2013-08-17 13:48 - 2013-05-11 15:09 - 00000888 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job2013-08-17 13:47 - 2013-03-31 23:36 - 00000000 ____D C:Program FilesMozilla Maintenance Service2013-08-17 13:47 - 2013-03-28 17:46 - 00028234 _____ C:WindowsPFRO.log2013-08-17 13:47 - 2013-03-27 17:23 - 01280218 _____ C:WindowsWindowsUpdate.log2013-08-17 13:47 - 2009-07-14 00:53 - 00000006 ____H C:WindowsTasksSA.DAT2013-08-17 13:47 - 2009-07-14 00:39 - 00031569 _____ C:Windowssetupact.log2013-08-17 13:24 - 2013-05-11 15:09 - 00000892 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job2013-08-17 12:06 - 2009-07-14 00:34 - 00015360 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-08-17 12:06 - 2009-07-14 00:34 - 00015360 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-08-17 03:10 - 2013-08-17 03:09 - 00000000 ____D C:Program FilesMozilla Firefox2013-08-16 23:46 - 2013-07-08 16:14 - 00001041 _____ C:UsersPublicDesktopSpywareBlaster.lnk2013-08-16 23:46 - 2013-06-24 15:01 - 00000000 ____D C:Program 
FilesSpywareBlaster2013-08-16 19:19 - 2013-05-27 14:28 - 00000000 ____D C:UserselizabethDocumentsGenealogy2013-08-15 14:18 - 2013-06-23 22:48 - 00000000 ____D C:Program FilesMicrosoft Security Client2013-08-15 14:18 - 2013-06-20 20:52 - 00001945 _____ C:Windowsepplauncher.mif2013-08-15 14:16 - 2009-07-13 22:37 - 00000000 ____D C:Windowsrescache2013-08-15 03:31 - 2009-07-13 22:37 - 00000000 ____D C:WindowsMicrosoft.NET2013-08-15 03:05 - 2013-08-15 03:03 - 00000000 ____D C:Windowssystem32MRT2013-08-15 03:03 - 2013-03-27 17:38 - 75778376 _____ (Microsoft Corporation) C:Windowssystem32MRT.exe2013-08-10 18:00 - 2013-08-10 18:00 - 00000109 _____ C:UserselizabethDocumentsabbey2.txt2013-08-10 17:58 - 2013-08-10 17:58 - 00047612 _____ C:UserselizabethDocumentsabbey.txt2013-08-07 13:52 - 2013-04-02 14:16 - 00000000 ____D C:UsersELIZAB~1AppDataLocalAdobe2013-08-07 13:51 - 2013-04-13 20:25 - 00692104 _____ (Adobe Systems Incorporated) C:Windowssystem32FlashPlayerApp.exe2013-08-07 13:51 - 2013-04-13 20:25 - 00071048 _____ (Adobe Systems Incorporated) C:Windowssystem32FlashPlayerCPLApp.cpl2013-08-05 14:31 - 2013-05-01 15:14 - 00000000 ____D C:UserselizabethDocumentsScans2013-08-04 13:23 - 2013-05-27 14:24 - 00000000 ____D C:UserselizabethDocumentsMisc2013-07-30 05:31 - 2013-05-11 15:09 - 00000000 ____D C:Program FilesGoogle2013-07-25 23:13 - 2013-08-15 03:01 - 01767936 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll2013-07-25 23:13 - 2013-08-15 03:01 - 01141248 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll2013-07-25 23:13 - 2013-08-15 03:01 - 00042496 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe2013-07-25 23:12 - 2013-08-15 03:01 - 14329344 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll2013-07-25 23:12 - 2013-08-15 03:01 - 02877440 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll2013-07-25 23:12 - 2013-08-15 03:01 - 02048512 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll2013-07-25 23:12 - 2013-08-15 03:01 - 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-08-2013
Ran by elizabeth at 2013-08-17 13:54:58


Hi. :)

 

Hello Dakeyras, thank you for stepping in to continue helping me. I appreciate everything the others have done so far.

On behalf of myself and Jacee etc you're most welcome!

 

I am concerned about my own computer as well as my husband's computers. Mine is a desktop with Windows 7. I decided to run the FARBAR scan before I do anything else on mine to see if it finds any problems or not.

Fair play, however did you not notice what I actually posted regarding your machine?

 

This specifically:-

 

Do you mean your own Windows 7 machine Jacee assisted you with? If so no need as she completed a malware removal process with that one and if any further infections were on-board they would have been revealed by the eset online scan.

Not a problem if you did and or say misunderstood what I meant. Anyway what I mentioned prior still stands and I have reviewed the logs you posted and there are no malware issues with your machine that I can discern.

 

Next:

 

Any questions? Feel free to ask, if not stay safe!


That is good news about my computer! I've been running scans on it with several online scanners now and it is finding stuff but I don't think it is anything more than adware, etc. My computer seems to be acting fine, other than the cursor flying across the screen now and then but maybe I just do things too fast sometimes.

 

I will do what you have said regarding the flash drive!!

 

THANK YOU EVERYONE FOR YOUR PATIENCE AND HELP!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

 

'Bye' from this old lady.


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

 

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
