Author Topic: [InActive K] System Restore was unable to create a restore point.

Offline Atomicdog1983

  • Bronze Member
  • Posts: 1
ComboFix 12-01-12.04 - DRLJE 01/12/2012  18:26:55.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1982.1258 [GMT -5:00]
Running from: c:\documents and settings\DRLJE\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Webroot SecureAnywhere *Enabled/Updated* {D486329C-1488-4CEB-9CC8-D662B732D904}
FW: Kaspersky Internet Security *Enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\1r81037631qks236
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP
c:\documents and settings\DRLJE\Templates\1r81037631qks236
.
.
(((((((((((((((((((((((((   Files Created from 2011-12-12 to 2012-01-12  )))))))))))))))))))))))))))))))
.
.
2012-01-12 11:45 . 2012-01-12 11:45   --------   d-----w-   c:\program files\CCleaner
2012-01-12 03:07 . 2012-01-12 03:07   --------   d-----w-   c:\documents and settings\DRLJE\Application Data\PCTools
2012-01-10 11:49 . 2012-01-10 11:49   --------   d-----w-   c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2012-01-10 11:18 . 2012-01-10 11:18   --------   d-----w-   c:\documents and settings\DRLJE\Local Settings\Application Data\Threat Expert
2012-01-10 06:18 . 2012-01-10 06:18   --------   d-----w-   c:\documents and settings\DRLJE\Application Data\Registry Mechanic
2012-01-10 06:13 . 2011-11-14 21:06   767952   ----a-w-   c:\windows\BDTSupport.dll
2012-01-10 06:13 . 2011-09-28 18:14   56840   ----a-w-   c:\windows\system32\drivers\PCTBD.sys
2012-01-10 06:13 . 2011-11-14 21:07   149456   ----a-w-   c:\windows\SGDetectionTool.dll
2012-01-10 06:13 . 2011-11-14 21:07   2246608   ----a-w-   c:\windows\PCTBDCore.dll
2012-01-10 06:13 . 2011-11-14 21:07   1681360   ----a-w-   c:\windows\PCTBDRes.dll
2012-01-10 06:10 . 2011-10-07 22:52   660992   ----a-w-   c:\windows\system32\drivers\pctEFA.sys
2012-01-10 06:10 . 2011-10-07 22:52   341656   ----a-w-   c:\windows\system32\drivers\pctDS.sys
2012-01-10 06:10 . 2011-11-23 00:38   253096   ----a-w-   c:\windows\system32\drivers\pctgntdi.sys
2012-01-10 06:10 . 2011-11-14 20:12   331880   ----a-w-   c:\windows\system32\drivers\PCTCore.sys
2012-01-10 06:10 . 2011-11-14 20:12   162584   ----a-w-   c:\windows\system32\drivers\PCTAppEvent.sys
2012-01-10 06:09 . 2011-11-23 00:42   185560   ----a-w-   c:\windows\system32\drivers\PCTSD.sys
2012-01-10 06:09 . 2011-11-23 00:41   17848   ----a-w-   c:\windows\system32\drivers\pctBTFix.sys
2012-01-04 04:49 . 2012-01-04 04:49   --------   d-----w-   c:\documents and settings\DRLJE\Application Data\Product_RM
2011-12-28 14:47 . 2011-12-28 14:47   --------   d-----w-   c:\windows\system32\wbem\Repository
2011-12-28 14:37 . 2011-12-28 14:41   --------   d-s---w-   c:\documents and settings\Administrator
2011-12-28 04:49 . 2011-12-28 09:07   --------   d---a-w-   C:\Kaspersky Rescue Disk 10.0
2011-12-15 03:24 . 2011-12-15 03:25   --------   d-----w-   C:\Music-Google 2011
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-15 23:55 . 2011-12-09 00:03   141272   ----a-w-   c:\windows\system32\WRusr.dll
2011-12-15 23:55 . 2011-12-09 00:03   107336   ----a-w-   c:\windows\system32\drivers\WRkrn.sys
2011-11-25 21:57 . 2004-08-04 12:00   293376   ----a-w-   c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2004-08-04 12:00   1859584   ------w-   c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2004-08-04 12:00   60416   ------w-   c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-04 12:00   354816   ----a-w-   c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-04 12:00   152064   ----a-w-   c:\windows\system32\schannel.dll
2011-11-12 06:13 . 2011-05-18 23:25   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2004-08-04 12:00   916992   ----a-w-   c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-04 12:00   43520   ------w-   c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-04 12:00   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 12:00   385024   ------w-   c:\windows\system32\html.iec
2011-11-03 15:28 . 2004-08-04 12:00   386048   ------w-   c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-08-04 12:00   1292288   ------w-   c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2004-08-04 12:00   1288704   ----a-w-   c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-04 12:00   33280   ------w-   c:\windows\system32\csrsrv.dll
2011-10-25 13:33 . 2004-08-04 12:00   2192768   ------w-   c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-03 22:59   2069376   ------w-   c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-04 12:00   186880   ------w-   c:\windows\system32\encdec.dll
2011-07-08 07:16 . 2011-08-02 03:25   142296   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-27 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-25 202296]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-08 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2011-12-15 637208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Xfinity TV Downloads Media Manager.lnk]
backup=c:\windows\pss\Xfinity TV Downloads Media Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^DRLJE^Start Menu^Programs^Startup^FrostWire On Startup.lnk]
backup=c:\windows\pss\FrostWire On Startup.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 07:08   483328   ----a-w-   c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 11:22   59240   ----a-w-   c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-05-07 16:40   149040   ----a-w-   c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2005-11-22 21:38   221184   ----a-w-   c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-02-15 01:32   1230704   ----a-w-   c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-11-13 05:24   421736   ----a-w-   c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KodakShareButtonApp]
2011-03-07 16:21   107008   ----a-w-   c:\program files\Kodak\KODAK Share Button App\Listener.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 03:12   3872080   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-16 02:02   153136   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-01-07 17:12   253672   ----a-w-   c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 21:45   313472   ----a-w-   c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window Washer]
2007-11-26 19:47   1206600   ----a-w-   c:\program files\Webroot\Washer\wwDisp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [1/10/2012 1:10 AM 331880]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [1/10/2012 1:10 AM 341656]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [1/10/2012 1:10 AM 660992]
R0 WRkrn;WRkrn;c:\windows\system32\drivers\WRkrn.sys [12/8/2011 7:03 PM 107336]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [12/27/2010 3:11 AM 13696]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [3/4/2011 1:23 PM 11352]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [1/10/2012 1:10 AM 253096]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [1/10/2012 1:09 AM 185560]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [1/10/2012 1:13 AM 546768]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [1/10/2012 12:50 AM 793048]
R2 SlingAgentService;SlingAgentService;c:\program files\Sling Media\SlingAgent\SlingAgentService.exe [11/3/2010 7:19 PM 94024]
R2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [2/20/2011 6:17 PM 598856]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [5/7/2010 12:06 PM 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [11/2/2009 8:27 PM 19472]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4/15/2011 2:07 PM 47360]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [1/10/2012 1:13 AM 56840]
S0 89132439;89132439;c:\windows\system32\DRIVERS\89132439.sys --> c:\windows\system32\DRIVERS\89132439.sys [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys --> c:\windows\system32\DRIVERS\ssfs0bbc.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/27/2010 11:11 AM 136176]
S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [12/8/2011 7:02 PM 637208]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/27/2010 11:11 AM 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [1/10/2012 1:09 AM 70536]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [1/10/2012 1:09 AM 402336]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [5/6/2008 3:06 PM 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PCTSDInjDriver32
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-27 16:11]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-27 16:11]
.
2012-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-963894560-725345543-1003Core.job
- c:\documents and settings\DRLJE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-16 05:23]
.
2012-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-963894560-725345543-1003UA.job
- c:\documents and settings\DRLJE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-11-16 05:23]
.
2012-01-12 c:\windows\Tasks\RMSchedule.job
- c:\program files\PC Tools\PC Tools Registry Mechanic\RegMech.exe [2012-01-10 19:06]
.
2012-01-12 c:\windows\Tasks\RMSmartUpdate.job
- c:\program files\PC Tools\PC Tools Registry Mechanic\Update.exe [2012-01-10 19:06]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\DRLJE\Application Data\Mozilla\Firefox\Profiles\tohzejdk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
.
.
------- File Associations -------
.
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-RegistryMechanic - c:\program files\Registry Mechanic\RegMech.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-12 18:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(764)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2012-01-12  18:49:58
ComboFix-quarantined-files.txt  2012-01-12 23:49
.
Pre-Run: 157,439,479,808 bytes free
Post-Run: 157,505,986,560 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E741C10513FC7D8339AF2543CC6A9978
« Last Edit: January 16, 2012, 01:27:19 am by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7342
Re: [InActive K] System Restore was unable to create a restore point.
« Reply #1 on: January 13, 2012, 05:32:36 am »
Hello Atomicdog1983 and welcome to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.
  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

Combofix is a very powerful tool and should never be run without guidance, unless of course you are an experienced user. There is no explanation in your log, just the brief reference in the header.

If system restore is your only issue do the following and post the produced log:

Please download Farbar Service Scanner and run it on the computer with the issue.

Make sure the following options are checked:

  • System Restore
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Kevin


Offline kevinf80

« Reply #2 on: January 15, 2012, 02:20:15 am »
Do you still need help?

Offline kevinf80

« Reply #3 on: January 16, 2012, 01:26:40 am »
Due to the lack of feedback this topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!