
Thread: CPU suddenly goes 100%. always requiring hard reboot. Please help

  1. #11
    Member sanjupan's Avatar
    Join Date
    Sep 2010
    Posts
    45

    mbr check logs

    Logs below
    Thanks
    Sanjupan

    -------------------------------------------------------------------
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Professional
    Windows Information: Service Pack 1 (build 7601), 32-bit
    Base Board Manufacturer: Dell Inc.
    BIOS Manufacturer: Dell Inc.
    System Manufacturer: Dell Inc.
    System Product Name: Latitude E5500
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 203):
    0x82E17000 \SystemRoot\system32\ntkrnlpa.exe
    0x83229000 \SystemRoot\system32\halmacpi.dll
    0x80B97000 \SystemRoot\system32\kdcom.dll
    0x8C208000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
    0x8C28D000 \SystemRoot\system32\PSHED.dll
    0x8C29E000 \SystemRoot\system32\BOOTVID.dll
    0x8C2A6000 \SystemRoot\system32\CLFS.SYS
    0x8C2E8000 \SystemRoot\system32\CI.dll
    0x8C417000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x8C488000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x8C496000 \SystemRoot\system32\drivers\ACPI.sys
    0x8C4DE000 \SystemRoot\system32\drivers\WMILIB.SYS
    0x8C4E7000 \SystemRoot\system32\drivers\msisadrv.sys
    0x8C4EF000 \SystemRoot\system32\drivers\pci.sys
    0x8C519000 \SystemRoot\system32\drivers\vdrvroot.sys
    0x8C524000 \SystemRoot\System32\drivers\partmgr.sys
    0x8C535000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x8C53D000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x8C548000 \SystemRoot\system32\drivers\volmgr.sys
    0x8C558000 \SystemRoot\System32\drivers\volmgrx.sys
    0x8C5A3000 \SystemRoot\system32\DRIVERS\pcmcia.sys
    0x8C5D1000 \SystemRoot\System32\drivers\mountmgr.sys
    0x8C393000 \SystemRoot\system32\drivers\vmbus.sys
    0x8C5E7000 \SystemRoot\system32\drivers\winhv.sys
    0x8C637000 \SystemRoot\system32\DRIVERS\iaStor.sys
    0x8C711000 \SystemRoot\system32\drivers\amdxata.sys
    0x8C71A000 \SystemRoot\system32\drivers\fltmgr.sys
    0x8C74E000 \SystemRoot\system32\drivers\fileinfo.sys
    0x8C75F000 \SystemRoot\System32\Drivers\PxHelp20.sys
    0x8C833000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x8C962000 \SystemRoot\System32\Drivers\msrpc.sys
    0x8C98D000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x8C9A0000 \SystemRoot\System32\Drivers\cng.sys
    0x8C800000 \SystemRoot\System32\drivers\pcw.sys
    0x8C80E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x8CA3D000 \SystemRoot\system32\drivers\ndis.sys
    0x8CAF4000 \SystemRoot\system32\drivers\NETIO.SYS
    0x8CB32000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x8CC02000 \SystemRoot\System32\drivers\tcpip.sys
    0x8CD4C000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x8CD7D000 \SystemRoot\system32\drivers\vmstorfl.sys
    0x8CD86000 \SystemRoot\system32\drivers\volsnap.sys
    0x8CDC5000 \SystemRoot\System32\Drivers\spldr.sys
    0x8CDCD000 \SystemRoot\System32\drivers\rdyboost.sys
    0x8CB57000 \SystemRoot\system32\DRIVERS\PBADRV.sys
    0x8CB62000 \SystemRoot\System32\Drivers\mup.sys
    0x8CB72000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x8CB7A000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x8CBAC000 \SystemRoot\system32\DRIVERS\disk.sys
    0x8CBBD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x91713000 \SystemRoot\system32\drivers\cdrom.sys
    0x91732000 \SystemRoot\System32\Drivers\Null.SYS
    0x91739000 \SystemRoot\System32\Drivers\Beep.SYS
    0x91740000 \SystemRoot\System32\drivers\vga.sys
    0x9174C000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x9176D000 \SystemRoot\System32\drivers\watchdog.sys
    0x9177A000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x91782000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x9178A000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x91792000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x9179D000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x917AB000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x917C2000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x8C769000 \SystemRoot\system32\drivers\afd.sys
    0x917CE000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x91600000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x91607000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x8CBEF000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x8CA00000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x8CA0E000 \SystemRoot\system32\DRIVERS\serial.sys
    0x8CA28000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x8C817000 \SystemRoot\system32\drivers\termdd.sys
    0x8C3BD000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x8C828000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x8C7C3000 \SystemRoot\system32\drivers\mssmbios.sys
    0x8CDFA000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
    0x8C7CD000 \SystemRoot\System32\drivers\discache.sys
    0x9203D000 \SystemRoot\system32\drivers\csc.sys
    0x920A1000 \SystemRoot\System32\Drivers\dfsc.sys
    0x920B9000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x920C7000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x92C1B000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
    0x9323D000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x932F4000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x9332D000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0x93338000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x93383000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x93392000 \SystemRoot\system32\drivers\HDAudBus.sys
    0x9481F000 \SystemRoot\system32\DRIVERS\NETw5s32.sys
    0x94800000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x933B1000 \SystemRoot\system32\DRIVERS\b57nd60x.sys
    0x920E8000 \SystemRoot\system32\drivers\1394ohci.sys
    0x92C00000 \SystemRoot\system32\drivers\sdbus.sys
    0x9480A000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
    0x92115000 \SystemRoot\system32\drivers\i8042prt.sys
    0x9212D000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
    0x933F2000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x92166000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x92173000 \SystemRoot\system32\DRIVERS\serenum.sys
    0x9217D000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x9481B000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x92183000 \SystemRoot\system32\drivers\wmiacpi.sys
    0x921B5000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0x921C7000 \SystemRoot\system32\drivers\CompositeBus.sys
    0x921D4000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x921E6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x92000000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x9200B000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x9218C000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x8C7D9000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x8C600000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x921A4000 \SystemRoot\System32\Drivers\PdiPorts.sys
    0x921A7000 \SystemRoot\system32\DRIVERS\rdpbus.sys
    0x9202D000 \SystemRoot\system32\DRIVERS\VClone.sys
    0x9580A000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
    0x95830000 \SystemRoot\system32\drivers\swenum.sys
    0x95832000 \SystemRoot\system32\drivers\ks.sys
    0x95866000 \SystemRoot\system32\drivers\umbus.sys
    0x95874000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x958B8000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x958C9000 \SystemRoot\system32\DRIVERS\stwrt.sys
    0x95931000 \SystemRoot\system32\DRIVERS\portcls.sys
    0x95960000 \SystemRoot\system32\DRIVERS\drmk.sys
    0x95979000 \SystemRoot\system32\drivers\IntcHdmi.sys
    0x81F60000 \SystemRoot\System32\win32k.sys
    0x9599C000 \SystemRoot\System32\drivers\Dxapi.sys
    0x959A6000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x91626000 \SystemRoot\System32\Drivers\dump_iaStor.sys
    0x959B3000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x959C4000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x821C0000 \SystemRoot\System32\TSDDD.dll
    0x81E00000 \SystemRoot\System32\cdd.dll
    0x959CF000 \SystemRoot\system32\drivers\luafv.sys
    0x92A32000 \SystemRoot\system32\DRIVERS\WavxDMgr.sys
    0x92A69000 \SystemRoot\system32\drivers\WudfPf.sys
    0x92A83000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0x92A8E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x92AA1000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x92AA8000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x92AAA000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x92AB5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x92AC1000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x92AD8000 \SystemRoot\system32\DRIVERS\acpials.sys
    0x92AE0000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
    0x92B01000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x92B11000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x92B57000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x92B67000 \SystemRoot\system32\DRIVERS\pnarp.sys
    0x92B71000 \SystemRoot\system32\DRIVERS\purendis.sys
    0x92B7B000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x92B8E000 \SystemRoot\system32\DRIVERS\vwifimp.sys
    0x9D037000 \SystemRoot\system32\drivers\HTTP.sys
    0x9D0BC000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x9D0D5000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x9D0E7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x9D10A000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x9D145000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x9D160000 \SystemRoot\system32\drivers\peauth.sys
    0x9D000000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x9D00A000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x92B97000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x92BA4000 \SystemRoot\System32\DRIVERS\srv2.sys
    0xB3A16000 \SystemRoot\System32\DRIVERS\srv.sys
    0xB3A68000 \SystemRoot\System32\Drivers\fastfat.SYS
    0x77400000 \Windows\System32\ntdll.dll
    0x479F0000 \Windows\System32\smss.exe
    0x77640000 \Windows\System32\apisetschema.dll
    0x00F30000 \Windows\System32\autochk.exe
    0x775B0000 \Windows\System32\comdlg32.dll
    0x77320000 \Windows\System32\kernel32.dll
    0x77560000 \Windows\System32\gdi32.dll
    0x77180000 \Windows\System32\setupapi.dll
    0x76FC0000 \Windows\System32\iertutil.dll
    0x76F60000 \Windows\System32\difxapi.dll
    0x76EB0000 \Windows\System32\rpcrt4.dll
    0x76E70000 \Windows\System32\ws2_32.dll
    0x77550000 \Windows\System32\nsi.dll
    0x76DD0000 \Windows\System32\advapi32.dll
    0x76C70000 \Windows\System32\ole32.dll
    0x76BE0000 \Windows\System32\oleaut32.dll
    0x76B90000 \Windows\System32\Wldap32.dll
    0x76B60000 \Windows\System32\imagehlp.dll
    0x76B40000 \Windows\System32\imm32.dll
    0x76AA0000 \Windows\System32\usp10.dll
    0x769F0000 \Windows\System32\msvcrt.dll
    0x768D0000 \Windows\System32\wininet.dll
    0x76840000 \Windows\System32\clbcatq.dll
    0x77540000 \Windows\System32\normaliz.dll
    0x76720000 \Windows\System32\urlmon.dll
    0x766C0000 \Windows\System32\shlwapi.dll
    0x765F0000 \Windows\System32\user32.dll
    0x76520000 \Windows\System32\msctf.dll
    0x758D0000 \Windows\System32\shell32.dll
    0x758C0000 \Windows\System32\lpk.dll
    0x758B0000 \Windows\System32\psapi.dll
    0x75890000 \Windows\System32\sechost.dll
    0x75860000 \Windows\System32\cfgmgr32.dll
    0x75840000 \Windows\System32\devobj.dll
    0x75810000 \Windows\System32\wintrust.dll
    0x75780000 \Windows\System32\comctl32.dll
    0x75730000 \Windows\System32\KernelBase.dll
    0x75610000 \Windows\System32\crypt32.dll
    0x75600000 \Windows\System32\msasn1.dll

    Processes (total 100):
    0 System Idle Process
    4 System
    300 C:\Windows\System32\smss.exe
    472 csrss.exe
    524 C:\Windows\System32\wininit.exe
    536 csrss.exe
    580 C:\Windows\System32\services.exe
    596 C:\Windows\System32\lsass.exe
    604 C:\Windows\System32\lsm.exe
    668 C:\Windows\System32\winlogon.exe
    756 C:\Windows\System32\svchost.exe
    816 C:\Program Files\Fingerprint Sensor\AtService.exe
    852 C:\Windows\System32\svchost.exe
    896 C:\Windows\System32\svchost.exe
    992 C:\Windows\System32\svchost.exe
    1044 C:\Windows\System32\svchost.exe
    1076 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe
    1248 C:\Windows\System32\svchost.exe
    1420 WUDFHost.exe
    1488 C:\Windows\System32\svchost.exe
    1680 C:\Windows\System32\spoolsv.exe
    1744 C:\Windows\System32\svchost.exe
    1932 C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
    1976 C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
    2000 C:\Program Files\Bonjour\mDNSResponder.exe
    2020 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    112 C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
    488 C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
    600 C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    944 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    1360 C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
    396 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    1764 C:\Windows\System32\java.exe
    708 C:\Windows\System32\conhost.exe
    2136 C:\Program Files\Iomega Storage Manager\pCloudd.exe
    2156 C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
    2220 C:\Windows\System32\svchost.exe
    2264 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
    2328 dllhost.exe
    2420 WmiPrvSE.exe
    2488 unsecapp.exe
    2576 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    2940 WmiPrvSE.exe
    3008 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    3132 C:\Windows\System32\taskhost.exe
    3184 C:\Windows\System32\dwm.exe
    3484 C:\Windows\explorer.exe
    3664 C:\Program Files\DellTPad\Apoint.exe
    3676 C:\Program Files\IDT\WDM\sttray.exe
    3704 C:\Windows\System32\hkcmd.exe
    3724 C:\Windows\System32\igfxpers.exe
    3732 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    3740 C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
    3752 C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
    3788 C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
    3796 C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
    3808 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    3816 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    3824 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    4084 C:\Program Files\pdfconverter.com\PDF Converter Elite\2009\pcSONPrnDisp.exe
    1564 C:\Windows\System32\igfxsrvc.exe
    2372 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    3072 C:\Windows\System32\svchost.exe
    3532 C:\Windows\System32\svchost.exe
    3904 C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    1416 C:\Program Files\Acer Display\eDisplay Management\dthtml.exe
    3556 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    2364 C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
    4152 C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    4328 C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    4336 C:\Windows\System32\conhost.exe
    4344 C:\Program Files\DellTPad\ApMsgFwd.exe
    4404 C:\Program Files\DellTPad\hidfind.exe
    4412 C:\Program Files\DellTPad\ApntEx.exe
    4432 C:\Windows\System32\conhost.exe
    4504 C:\Windows\System32\igfxext.exe
    4852 C:\Program Files\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
    5112 C:\Windows\System32\svchost.exe
    5300 C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
    5316 C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe
    5516 C:\Program Files\Internet Explorer\iexplore.exe
    5564 C:\Program Files\Internet Explorer\iexplore.exe
    3696 C:\Windows\System32\taskmgr.exe
    4140 dllhost.exe
    5884 C:\Windows\System32\svchost.exe
    5384 C:\Windows\System32\svchost.exe
    4308 C:\Users\Sanjana\AppData\Roaming\Aventail\ewpca\ewpca.exe
    4828 C:\Program Files\Internet Explorer\iexplore.exe
    732 C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
    5028 C:\Program Files\Java\jre6\bin\java.exe
    572 C:\Windows\System32\conhost.exe
    5372 C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
    3020 C:\Program Files\Java\jre6\bin\java.exe
    4072 C:\Windows\System32\conhost.exe
    1740 C:\Windows\System32\audiodg.exe
    2808 <unknown>
    5916 dllhost.exe
    924 dllhost.exe
    3024 C:\Data\MalwareRemoval\9thApr2012\MBRCheck.exe
    688 C:\Windows\System32\conhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`ac000000 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGHM250HI, Rev: 2AC101C4

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
    SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

  2. #12
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    14,570

    You're fine. No infection in that area.

    Sometimes when you have high CPU use and lockups, it could be either hardware or software related. Can you think back to whether you installed any new software programs or a piece of hardware like a printer prior to having this problem? Let me know if it persists, and if so I can link you to a Windows forum to help you sort out anything that may be causing problems.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #13
    Member sanjupan's Avatar
    Join Date
    Sep 2010
    Posts
    45

    thanks

    Thanks Ken545. Will do. Until now no issues. Let me know if I need to run any other tests to detect hardware issues.
    Thanks
    Sanjupan

  4. #14
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    14,570

    Good Morning,

    Looks like you're good to go

    • Click START then RUN
    • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

    Malwarebytes is the free version and yours to keep and will not be removed

    Safe Surfn
    Ken

  5. #15
    Member sanjupan's Avatar
    Join Date
    Sep 2010
    Posts
    45

    I spoke too soon. My CPU went to 100, requiring a reboot one time today. Is there anything else I can look at?
    Thanks
    Sanjupan

  6. #16
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    14,570

    Let's go ahead and get a fresh copy of Combofix, make sure to run it from your desktop

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! Save ComboFix.exe to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instruction on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

  7. #17
    Member sanjupan's Avatar
    Join Date
    Sep 2010
    Posts
    45

    combofix logs

    ComboFix 12-05-03.01 - Sanjana 05/03/2012 5:15.6.2 - x86 NETWORK
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3539.2689 [GMT -4:00]
    Running from: c:\data\MalwareRemoval\9thApr2012\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Sanjana\AppData\Local\assembly\tmp
    c:\windows\system32\test
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-03 to 2012-05-03 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-03 09:24 . 2012-05-03 09:24 -------- d-----w- c:\users\TEMP\AppData\Local\temp
    2012-05-03 09:24 . 2012-05-03 09:24 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-05-03 09:24 . 2012-05-03 09:24 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-03 05:31 . 2012-05-03 05:31 -------- d-----w- c:\program files\ESET
    2012-05-02 04:06 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8698DCAD-E1DE-4492-B0F1-8FAB9B1EBDCC}\mpengine.dll
    2012-04-19 17:28 . 2012-04-19 17:28 -------- d-----w- c:\program files\SDA
    2012-04-19 17:27 . 2012-04-19 17:27 -------- d-----w- c:\users\Sanjana\AppData\Local\Downloaded Installations
    2012-04-19 14:51 . 2012-03-13 23:18 2469760 ----a-w- c:\windows\system32\BootMan.exe
    2012-04-19 14:51 . 2011-07-29 17:54 19840 ----a-w- c:\windows\system32\EuEpmGdi.dll
    2012-04-19 14:51 . 2011-07-29 17:54 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
    2012-04-19 14:51 . 2011-07-29 17:54 8456 ----a-w- c:\windows\system32\EuGdiDrv.sys
    2012-04-19 14:51 . 2011-07-29 17:54 14216 ----a-w- c:\windows\system32\epmntdrv.sys
    2012-04-19 14:51 . 2012-04-19 14:51 -------- d-----w- c:\program files\EASEUS
    2012-04-12 17:03 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-04-12 17:03 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
    2012-04-12 17:03 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
    2012-04-12 17:03 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-04-12 17:03 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-04-12 17:03 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-04-09 06:56 . 2012-04-16 11:22 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-03 02:38 . 2010-02-05 01:18 0 ----a-w- c:\users\Sanjana\AppData\Local\WavXMapDrive.bat
    2012-04-16 11:22 . 2011-07-27 17:41 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-03-14 19:00 . 2010-05-15 21:41 2478272 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
    2012-02-23 14:18 . 2010-02-05 02:35 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-17 05:34 . 2012-03-14 13:36 826880 ----a-w- c:\windows\system32\rdpcore.dll
    2012-02-17 04:14 . 2012-03-14 13:36 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-02-17 04:13 . 2012-03-14 13:36 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-02-15 16:01 . 2012-02-15 16:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
    2012-02-15 16:01 . 2012-02-15 16:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2012-02-14 16:09 . 2012-02-14 16:09 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
    2012-02-10 05:38 . 2012-03-14 13:37 1077248 ----a-w- c:\windows\system32\DWrite.dll
    2011-08-23 16:44 . 2011-07-27 17:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
    @="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
    [HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
    2009-06-12 00:41 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
    @="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
    [HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
    2009-06-12 00:41 49152 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
    "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 249856]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-08-01 458844]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-03 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-03 174104]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-03 151064]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
    "DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-06-12 656384]
    "DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2009-10-06 1826816]
    "ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2009-06-03 184320]
    "WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2009-07-27 134656]
    "USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2009-08-14 15872]
    "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
    "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
    "PDF Converter Elite Print Dispatcher"="c:\program files\pdfconverter.com\PDF Converter Elite\2009\pcSONPrnDisp.exe" [2009-11-13 53248]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "PivotSoftware"="c:\program files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" [2010-05-13 110192]
    "DT ACR"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2010-06-30 121456]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" [X]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-11 795936]
    Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-7-16 1245472]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    "Google Update"="c:\users\Sanjana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
    "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" start
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    "TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" -osboot
    .
    R2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-05-15 1803512]
    R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-04-27 293968]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2009-07-16 382752]
    R2 gupdate1caaec57f5ab489;Google Update Service (gupdate1caaec57f5ab489);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 133104]
    R2 LinksysUpdater;Linksys Updater;c:\program files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-11-13 204800]
    R2 PCloudd;PCloudd;c:\program files\Iomega Storage Manager\pCloudd.exe [2011-02-17 206336]
    R2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-04-16 109168]
    R2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-10-06 76288]
    R3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 253088]
    R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
    R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 45736]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-31 29472]
    R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
    R3 EraserUtilDrv11010;EraserUtilDrv11010;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys [x]
    R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 133104]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys [x]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
    R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-07-02 47104]
    R3 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-07-01 49152]
    R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-07-05 38400]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-09 48128]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-26 1343400]
    R3 WPFFontCache_v0400;WPFFontCache_v0400;c:\windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe [x]
    R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
    R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 11:22]
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 05:04]
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 05:04]
    .
    2012-04-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1208262141-4149667152-2894938055-1000Core.job
    - c:\users\Sanjana\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-28 01:25]
    .
    2012-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1208262141-4149667152-2894938055-1000UA.job
    - c:\users\Sanjana\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-28 01:25]
    .
    2012-04-29 c:\windows\Tasks\Norton Security Scan for Sanjana.job
    - c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-28 14:06]
    .
    .
    ------- Supplementary Scan -------
    .
    mStart Page = hxxp://www.yahoo.com
    uInternet Settings,ProxyOverride = local;*.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    Trusted Zone: barcap.com\connect
    Trusted Zone: google.com
    Trusted Zone: google.com\local
    Trusted Zone: google.com\maps
    Trusted Zone: google.com\www
    Trusted Zone: google.com.sg\www
    TCP: DhcpNameServer = 218.186.1.58 218.186.2.16 218.186.2.6
    DPF: {3BA494B1-D507-4C11-9BDA-D47E1A65DFCF} - hxxps://mcpuk1.jpmorgan.com/llclient/myonedesk-amer/winnt/AXNTEE.dll
    FF - ProfilePath - c:\users\Sanjana\AppData\Roaming\Mozilla\Firefox\Profiles\lps6crmv.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1208262141-4149667152-2894938055-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):7f,af,35,60,0d,ba,19,77,58,09,13,4d,26,61,d8,9a,e5,f8,6d,09,79,
    c0,32,d9,a3,ec,dd,34,40,6d,92,49,27,d7,b2,7f,00,8d,82,32,00,00,00,00,00,00,\
    .
    [HKEY_USERS\S-1-5-21-1208262141-4149667152-2894938055-1000_Classes\CLSID\{7a41ce08-36ed-4270-8a34-880f76d8acda}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:0000012e
    "Therad"=dword:0000001e
    "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
    38,95,44,85,b1,12,f9,90,dd,23,a1,8a,df,a8,03,3f,97,a3,12,d7,99,f3,3a,88,2b,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(3244)
    c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
    .
    Completion time: 2012-05-03 05:27:47
    ComboFix-quarantined-files.txt 2012-05-03 09:27
    ComboFix2.txt 2011-12-06 18:28
    ComboFix3.txt 2011-02-06 23:01
    ComboFix4.txt 2011-02-04 04:10
    ComboFix5.txt 2012-05-03 09:14
    .
    Pre-Run: 86,896,922,624 bytes free
    Post-Run: 88,273,031,168 bytes free
    .
    - - End Of File - - A9F5E6F35A6862276648A3D1D9C555A9

  8. #18
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    14,570

    Default

    Hi,

    Nothing bad on your log. Let's do this: post in this Windows forum for help, explain exactly what's going on with your system, and link them to this thread so they can see what we have done and that we believe that malware is not the problem.

    This site is free, but you will need to register and post in their Windows Forum.

    http://forums.whatthetech.com/index.php?showforum=119


    Good Luck

    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
