Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

exe files will not load propted to have adobe open which dosent work


  • Please log in to reply
1 reply to this topic

#1 Anna42

Anna42

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 20 August 2011 - 10:38 AM

two days ago a few of my short cuts stopped working and my Vaio asked which program to open them with... Now this is for most all of my loaded softwhere with the exception of IE. I think it might be a virus that came from a public hotspot. I also found the following log file on my desk top that just showed up/

#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d413f5f, pid=4948, tid=5148
#
# JRE version: 6.0_21-b07
# Java VM: Java HotSpot™ Client VM (17.0-b17 mixed mode, sharing windows-x86 )
# Problematic frame:
# C 0x6d413f5f
#
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#

--------------- T H R E A D ---------------

Current thread (0x0d128c00): JavaThread "main" [_thread_in_native, id=5148, stack(0x032c0000,0x034c0000)]

siginfo: ExceptionCode=0xc0000005, reading address 0x00000000

Registers:
EAX=0x00000000, EBX=0x3420a250, ECX=0x0a2eb178, EDX=0x034bd5cc
ESP=0x034bd5a8, EBP=0x034bd5b8, ESI=0x00000000, EDI=0x0d128c00
EIP=0x6d413f5f, EFLAGS=0x00050202

Top of Stack: (sp=0x034bd5a8)
0x034bd5a8: 034bd5cc 034bd5b4 3420a250 00000000
0x034bd5b8: 034bd5f8 10199f47 0d128d18 034bd600
0x034bd5c8: 03ca9d30 00000000 0d129488 fffffffe
0x034bd5d8: 034bd5d8 3420a250 034bd60c 34213058
0x034bd5e8: 00000000 3420a250 00000000 034bd608
0x034bd5f8: 034bd634 10192f07 34212a68 10198286
0x034bd608: 03ca9d30 00000000 32295d78 034bd614
0x034bd618: 3420a1bf 034bd63c 34213058 00000000

Instructions: (pc=0x6d413f5f)
0x6d413f4f: 33 f6 85 c0 7c 3a 8b 45 fc 8d 55 14 52 89 75 14
0x6d413f5f: 8b 08 50 ff 91 a0 00 00 00 85 c0 7c 1a 8b 75 14


Stack: [0x032c0000,0x034c0000], sp=0x034bd5a8, free space=7f5034bd0dck
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C 0x6d413f5f
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase0(J)Ljava/lang/String;+0
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase()Ljava/lang/String;+31
j sun.plugin2.main.server.JVMInstance.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZIZZ)Z+14
j sun.plugin2.main.server.JVMManager.startAppletImpl(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;ZIZ)Lsun/plugin2/main/server/AppletID;+240
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;)Lsun/plugin2/main/server/AppletID;+16
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZ)Lsun/plugin2/main/server/AppletID;+19
j sun.plugin2.main.server.IExplorerPlugin.maybeStartApplet()V+192
j sun.plugin2.main.server.IExplorerPlugin.access$200(Lsun/plugin2/main/server/IExplorerPlugin;)V+1
j sun.plugin2.main.server.IExplorerPlugin$BackgroundStarter$1.run()V+7
v ~StubRoutines::call_stub
C 0x6d8f3abc
C 0x6d9865b1
C 0x6d8f3b3d
C 0x6d8fd5cf
C 0x6d9003c7
C 0x6d4117a5
C 0x6d418647
C 0x6d417b19
C [USER32.dll+0x1fd72]
C [USER32.dll+0x1fe4a]
C [USER32.dll+0x2018d]
C [USER32.dll+0x2022b]
C [IEFRAME.dll+0xf1acc]
C [IEFRAME.dll+0x111996]
C [iertutil.dll+0x1415b0]
C [IEFRAME.dll+0xffcdb]
C [kernel32.dll+0x4d309]
C [ntdll.dll+0x416c3]
C [ntdll.dll+0x41696]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase0(J)Ljava/lang/String;+0
j sun.plugin2.main.server.IExplorerPlugin.getDocumentBase()Ljava/lang/String;+31
j sun.plugin2.main.server.JVMInstance.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZIZZ)Z+14
j sun.plugin2.main.server.JVMManager.startAppletImpl(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;ZIZ)Lsun/plugin2/main/server/AppletID;+240
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZLjava/lang/String;)Lsun/plugin2/main/server/AppletID;+16
j sun.plugin2.main.server.JVMManager.startApplet(Ljava/util/Map;Lsun/plugin2/main/server/Plugin;JJZ)Lsun/plugin2/main/server/AppletID;+19
j sun.plugin2.main.server.IExplorerPlugin.maybeStartApplet()V+192
j sun.plugin2.main.server.IExplorerPlugin.access$200(Lsun/plugin2/main/server/IExplorerPlugin;)V+1
j sun.plugin2.main.server.IExplorerPlugin$BackgroundStarter$1.run()V+7
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x12689400 JavaThread "JRE 1.6.0.21 Worker Thread" [_thread_blocked, id=2280, stack(0x12eb0000,0x12fb0000)]
0x12688c00 JavaThread "JRE 1.6.0.21 Output Reader Thread" [_thread_in_native, id=2008, stack(0x12cb0000,0x12db0000)]
0x12687000 JavaThread "JRE 1.6.0.21 Output Reader Thread" [_thread_in_native, id=1372, stack(0x124a0000,0x125a0000)]
0x12686c00 JavaThread "Thread-0" [_thread_in_native, id=3152, stack(0x12ae0000,0x12be0000)]
0x12685400 JavaThread "Java Plug-In Pipe Worker Thread (Server-Side)" daemon [_thread_in_native, id=3628, stack(0x0e780000,0x0e880000)]
0x0ed99c00 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=3876, stack(0x123a0000,0x124a0000)]
0x0ed71800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=4672, stack(0x0c020000,0x0c120000)]
0x0ed6c800 JavaThread "CompilerThread0" daemon [_thread_blocked, id=4812, stack(0x0e490000,0x0e590000)]
0x0ed6b800 JavaThread "Attach Listener" daemon [_thread_blocked, id=4804, stack(0x0e630000,0x0e730000)]
0x0ed69400 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3980, stack(0x0e390000,0x0e490000)]
0x0ed65000 JavaThread "Finalizer" daemon [_thread_blocked, id=3792, stack(0x0fec0000,0x0ffc0000)]
0x0ed60400 JavaThread "Reference Handler" daemon [_thread_blocked, id=4792, stack(0x0f6b0000,0x0f7b0000)]
=>0x0d128c00 JavaThread "main" [_thread_in_native, id=5148, stack(0x032c0000,0x034c0000)]

Other Threads:
0x0ed5ec00 VMThread [stack: 0x12270000,0x12370000] [id=3944]
0x0ed81400 WatcherThread [stack: 0x0e880000,0x0e980000] [id=4820]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 4928K, used 1220K [0x32200000, 0x32750000, 0x32ca0000)
eden space 4416K, 27% used [0x32200000, 0x323313a0, 0x32650000)
from space 512K, 0% used [0x32650000, 0x32650000, 0x326d0000)
to space 512K, 0% used [0x326d0000, 0x326d0000, 0x32750000)
tenured generation total 10944K, used 0K [0x32ca0000, 0x33750000, 0x34200000)
the space 10944K, 0% used [0x32ca0000, 0x32ca0000, 0x32ca0200, 0x33750000)
compacting perm gen total 12288K, used 710K [0x34200000, 0x34e00000, 0x38200000)
the space 12288K, 5% used [0x34200000, 0x342b1948, 0x342b1a00, 0x34e00000)
ro space 10240K, 51% used [0x38200000, 0x3872b700, 0x3872b800, 0x38c00000)
rw space 12288K, 54% used [0x38c00000, 0x392976c0, 0x39297800, 0x39800000)

Dynamic libraries:
0x01040000 - 0x010f8000 C:\Program Files\Internet Explorer\iexplore.exe
0x77330000 - 0x77458000 C:\Windows\system32\ntdll.dll
0x75270000 - 0x7534c000 C:\Windows\system32\kernel32.dll
0x76590000 - 0x76656000 C:\Windows\system32\ADVAPI32.dll
0x75520000 - 0x755e3000 C:\Windows\system32\RPCRT4.dll
0x756d0000 - 0x7576d000 C:\Windows\system32\USER32.dll
0x75680000 - 0x756cb000 C:\Windows\system32\GDI32.dll
0x75470000 - 0x7551a000 C:\Windows\system32\msvcrt.dll
0x76290000 - 0x762e9000 C:\Windows\system32\SHLWAPI.dll
0x75770000 - 0x76281000 C:\Windows\system32\SHELL32.dll
0x76730000 - 0x76875000 C:\Windows\system32\ole32.dll
0x76480000 - 0x76590000 C:\Windows\system32\urlmon.dll
0x76980000 - 0x76a0d000 C:\Windows\system32\OLEAUT32.dll
0x76a10000 - 0x76bc8000 C:\Windows\system32\iertutil.dll
0x75350000 - 0x7546a000 C:\Windows\system32\WININET.dll
0x77470000 - 0x77473000 C:\Windows\system32\Normaliz.dll
0x76d70000 - 0x76d8e000 C:\Windows\system32\IMM32.DLL
0x76660000 - 0x76728000 C:\Windows\system32\MSCTF.dll
0x77490000 - 0x77499000 C:\Windows\system32\LPK.DLL
0x76880000 - 0x768fd000 C:\Windows\system32\USP10.dll
0x73f40000 - 0x740de000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
0x69d90000 - 0x6a6d5000 C:\Windows\system32\IEFRAME.dll
0x77460000 - 0x77467000 C:\Windows\system32\PSAPI.DLL
0x73610000 - 0x7364d000 C:\Windows\system32\OLEACC.dll
0x76900000 - 0x76973000 C:\Windows\system32\comdlg32.dll
0x67220000 - 0x67251000 C:\Program Files\Internet Explorer\IEShims.dll
0x73f00000 - 0x73f3f000 C:\Windows\system32\uxtheme.dll
0x750d0000 - 0x750e4000 C:\Windows\system32\Secur32.dll
0x76d40000 - 0x76d6d000 C:\Windows\system32\WS2_32.dll
0x77480000 - 0x77486000 C:\Windows\system32\NSI.dll
0x74ae0000 - 0x74af9000 C:\Windows\system32\iphlpapi.dll
0x74a60000 - 0x74a95000 C:\Windows\system32\dhcpcsvc.DLL
0x74ca0000 - 0x74ccc000 C:\Windows\system32\DNSAPI.dll
0x74a50000 - 0x74a57000 C:\Windows\system32\WINNSI.DLL
0x74a20000 - 0x74a42000 C:\Windows\system32\dhcpcsvc6.DLL
0x64280000 - 0x64e39000 C:\Windows\system32\MSHTML.dll
0x748d0000 - 0x748d8000 C:\Windows\system32\VERSION.dll
0x67170000 - 0x6721b000 C:\Windows\system32\d2d1.dll
0x66c40000 - 0x66d48000 C:\Windows\system32\DWrite.dll
0x745c0000 - 0x745fb000 C:\Windows\system32\rsaenh.dll
0x755f0000 - 0x75674000 C:\Windows\system32\CLBCatQ.DLL
0x676e0000 - 0x67712000 C:\Program Files\Internet Explorer\ieproxy.dll
0x74130000 - 0x74183000 C:\Windows\system32\ACTXPRXY.DLL
0x75040000 - 0x7506c000 C:\Windows\system32\apphelp.dll
0x713b0000 - 0x713e0000 C:\Windows\system32\MLANG.dll
0x74560000 - 0x74581000 C:\Windows\system32\NTMARTA.DLL
0x75220000 - 0x75269000 C:\Windows\system32\WLDAP32.dll
0x74cf0000 - 0x74d01000 C:\Windows\system32\SAMLIB.dll
0x71430000 - 0x7147a000 C:\Windows\system32\RASAPI32.dll
0x73730000 - 0x73744000 C:\Windows\system32\rasman.dll
0x74f00000 - 0x74f76000 C:\Windows\system32\NETAPI32.dll
0x73690000 - 0x736c1000 C:\Windows\system32\TAPI32.dll
0x73a00000 - 0x73a0c000 C:\Windows\system32\rtutils.dll
0x73650000 - 0x73682000 C:\Windows\system32\WINMM.dll
0x750f0000 - 0x7510e000 C:\Windows\system32\USERENV.dll
0x74b40000 - 0x74c32000 C:\Windows\system32\CRYPT32.dll
0x74cd0000 - 0x74ce2000 C:\Windows\system32\MSASN1.dll
0x6fc40000 - 0x6fc46000 C:\Windows\system32\sensapi.dll
0x749c0000 - 0x749c7000 C:\Windows\system32\credssp.dll
0x74650000 - 0x74696000 C:\Windows\system32\schannel.dll
0x74860000 - 0x7489b000 C:\Windows\system32\mswsock.dll
0x74520000 - 0x74525000 C:\Windows\System32\wshtcpip.dll
0x73ed0000 - 0x73edf000 C:\Windows\system32\NLAapi.dll
0x74f80000 - 0x74fdf000 C:\Windows\system32\SXS.DLL
0x6f6b0000 - 0x6f6b6000 C:\Windows\system32\rasadhlp.dll
0x748c0000 - 0x748c5000 C:\Windows\System32\wship6.dll
0x6f360000 - 0x6f36f000 C:\Windows\system32\napinsp.dll
0x6f1c0000 - 0x6f1d2000 C:\Windows\system32\pnrpnsp.dll
0x6f350000 - 0x6f358000 C:\Windows\System32\winrnr.dll
0x66660000 - 0x6681b000 C:\Windows\System32\jscript9.dll
0x6b580000 - 0x6b58b000 C:\Windows\system32\msimtf.dll
0x72ee0000 - 0x72eec000 C:\Windows\system32\dwmapi.dll
0x73810000 - 0x738cb000 C:\Windows\system32\PROPSYS.dll
0x66bc0000 - 0x66c40000 C:\Windows\system32\dxgi.dll
0x74330000 - 0x7435d000 C:\Windows\system32\WINTRUST.dll
0x76cc0000 - 0x76ce9000 C:\Windows\system32\imagehlp.dll
0x66560000 - 0x6665d000 c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
0x63cc0000 - 0x64280000 c:\Program Files\Microsoft Silverlight\4.0.60531.0\agcore.dll
0x74530000 - 0x74535000 C:\Windows\system32\MSIMG32.dll
0x733b0000 - 0x734a4000 C:\Windows\system32\windowscodecs.dll
0x67130000 - 0x67163000 C:\Windows\system32\windowscodecsext.dll
0x717d0000 - 0x7192b000 C:\Windows\System32\msxml6.dll
0x61e60000 - 0x6248e000 C:\Windows\system32\Macromed\Flash\Flash10t.ocx
0x66840000 - 0x668b0000 C:\Windows\system32\DSOUND.dll
0x74540000 - 0x7455a000 C:\Windows\system32\POWRPROF.dll
0x664f0000 - 0x66552000 C:\Windows\system32\mscms.dll
0x6fc70000 - 0x6fcb2000 C:\Windows\system32\WINSPOOL.DRV
0x762f0000 - 0x7647a000 C:\Windows\system32\setupapi.dll
0x672a0000 - 0x672cc000 C:\Windows\system32\d3d10_1.dll
0x67260000 - 0x6729a000 C:\Windows\system32\d3d10_1core.dll
0x668b0000 - 0x669dc000 C:\Windows\system32\D3D10Warp.dll
0x67380000 - 0x673ab000 C:\Windows\system32\msls31.dll
0x690a0000 - 0x690ac000 C:\Windows\system32\ImgUtil.dll
0x66410000 - 0x6647a000 C:\Windows\system32\vbscript.dll
0x71ed0000 - 0x71ef6000 C:\Windows\system32\dssenh.dll
0x749d0000 - 0x74a05000 C:\Windows\system32\ncrypt.dll
0x74970000 - 0x749b5000 C:\Windows\system32\bcrypt.dll
0x74600000 - 0x74615000 C:\Windows\system32\GPAPI.dll
0x74b00000 - 0x74b3a000 C:\Windows\system32\slc.dll
0x6c4c0000 - 0x6c4db000 C:\Windows\system32\cryptnet.dll
0x70350000 - 0x70365000 C:\Windows\system32\Cabinet.dll
0x73580000 - 0x735af000 C:\Windows\system32\wdmaud.drv
0x735e0000 - 0x735e4000 C:\Windows\system32\ksuser.dll
0x74360000 - 0x74388000 C:\Windows\system32\MMDevAPI.DLL
0x74450000 - 0x74457000 C:\Windows\system32\AVRT.dll
0x73550000 - 0x73571000 C:\Windows\system32\AUDIOSES.DLL
0x734e0000 - 0x73546000 C:\Windows\system32\audioeng.dll
0x735d0000 - 0x735d9000 C:\Windows\system32\msacm32.drv
0x734c0000 - 0x734d4000 C:\Windows\system32\MSACM32.dll
0x734b0000 - 0x734b7000 C:\Windows\system32\midimap.dll
0x71480000 - 0x714e0000 C:\Windows\system32\WINHTTP.dll
0x63ab0000 - 0x63bb2000 C:\Windows\system32\d3d10.dll
0x66d50000 - 0x66d83000 C:\Windows\system32\d3d10core.dll
0x6c590000 - 0x6c59d000 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
0x72370000 - 0x72413000 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
0x6bdf0000 - 0x6be2a000 C:\Windows\system32\Dxtrans.dll
0x73eb0000 - 0x73ec4000 C:\Windows\system32\ATL.DLL
0x74290000 - 0x7429a000 C:\Windows\system32\ddrawex.dll
0x6e5a0000 - 0x6e685000 C:\Windows\system32\DDRAW.dll
0x6f810000 - 0x6f816000 C:\Windows\system32\DCIMAN32.dll
0x63950000 - 0x639a9000 C:\Windows\system32\Dxtmsft.dll
0x6f8b0000 - 0x6f9e6000 C:\Windows\System32\msxml3.dll
0x6be70000 - 0x6bea8000 C:\Windows\system32\icm32.dll
0x10000000 - 0x10068000 C:\Windows\system32\deployJava1.dll
0x71970000 - 0x719f5000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll
0x70120000 - 0x70127000 C:\Windows\system32\WSOCK32.dll
0x6d7d0000 - 0x6d7eb000 C:\Program Files\Java\jre6\bin\wsdetect.dll
0x624b0000 - 0x6256b000 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Xmx32m -Djava.awt.headless=true -Dkernel.background.download=false -Dkernel.download.dialog=false -XX:MaxDirectMemorySize=64m
java_command: <unknown>
Launcher Type: generic

Environment Variables:
PATH=C:\Program Files\Internet Explorer;;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Windows Live\Shared;C:\Windows\System32\WindowsPowerShell\v1.0\
USERNAME=omx1170
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows Vista Build 6002 Service Pack 2

CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 15 stepping 13, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3

Memory: 4k page, physical 3008832k(1751132k free), swap 6228896k(4956536k free)

vm_info: Java HotSpot™ Client VM (17.0-b17) for windows-x86 JRE (1.6.0_21-b07), built on Jul 17 2010 01:10:15 by "java_re" with MS VC++ 7.1 (VS2003)

time: Thu Aug 18 12:26:29 2011
elapsed time: 8 seconds

Edit: Moved topic from Vista to the more appropriate forum, at the request of staff. ~ Animal

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:50 PM

Posted 20 August 2011 - 11:33 AM

Welcome aboard Posted Image

Download and run exeHelper.

  • Please download exeHelper from Raktor to your desktop.
  • Double-click on exeHelper.com to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • A log file named log.txt will be created in the directory where you ran exeHelper.com
  • Attach the log.txt file to your next message.

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

=================================================================

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users