Crashing apps, frequent 0xe0000001 and 0xc0000005 errors


  • This topic is locked
8 replies to this topic

#1 Energy.D

  • Members
  • 6 posts
  • Gender:Male

Posted 12 November 2012 - 11:27 AM

I'm getting a lot of errors.
I'm in the middle of data recovery in different programs, and all of them are crashing in the scanning process or after that.
Also getting crashes and errors in other non-recovery-related programs.
Most notable are those with 0xe0000001 and 0xc0000005 exception codes with EventId 1000 (which I traced in Event Viewer), and more unknown problems.

Waiting for your diagnostics and further actions afterwards.

win7 x64 SP1
i7 2600K
P8Z68 Deluxe Gen3
8GB DDR3 1600
GTX460
Vertex2

DDS:
DDS (Ver_2012-11-07.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16450  BrowserJavaVersion: 10.9.2
Run by Rephael2012 at 18:13:55 on 2012-11-12
Microsoft Windows 7 Ultimate   6.1.7601.1.1255.972.1033.18.8159.3101 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\alg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Users\Rephael2012\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\uTorrent204\uTorrent.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Macrium\Reflect\Reflect.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\Defraggler\Defraggler64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Rephael2012\Downloads\bleepingcomputer\Disable your CD Emulation Software\Defogger.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.co.il/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent204\uTorrent.exe"
uRun: [F.lux] "C:\Users\Rephael2012\Local Settings\Apps\F.lux\flux.exe" /noshow
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
mRun: [Driver Genius] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} - hxxp://download.microsoft.com/download/vizact2000/Install/10/WIN98Me/EN-US/msorun.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: NameServer = 192.117.235.236 62.219.186.7
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2} : DHCPNameServer = 192.117.235.236 62.219.186.7
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\2456A75617F5733313261683 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\4505D2C494E4B423031323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\4505D2C494E4B4F5343493439303 : DHCPNameServer = 10.0.0.138 192.168.1.1
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\759664961323 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\D24505D2 : DHCPNameServer = 192.117.235.236 62.219.186.7
TCP: Interfaces\{3E490316-3033-45F0-A6E8-66724A6361C2}\D24505F5 : DHCPNameServer = 10.0.0.138 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 174.133.70.198 localhost
Hosts: 174.133.70.98 localhost
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;hc3ServiceName;C:\Windows\System32\drivers\hotcore3.sys [2012-4-8 37456]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2012-8-28 70256]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-3-21 21992]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-9 13592]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2012-1-26 148104]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-3-20 301720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-8-1 917656]
R3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-4-21 1930240]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-1-11 34304]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-2-22 28160]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2012-8-15 15680000]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
S3 AthDfu;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-3-13 51872]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-11-5 16776]
S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-11-5 9096]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam C160(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 PSMounter;Macrium Reflect Image Explorer Service;C:\Windows\System32\drivers\psmounter.sys [2012-3-20 43672]
S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2012-3-20 13464]
S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2012-10-22 19032]
S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2012-10-22 12384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-11-11 31800]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-14 1255736]
S4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
S4 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2012-11-6 2568120]
S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
.
=============== File Associations ===============
.
FileExt: .ini: Ini File="C:\Program Files (x86)\GetDiz\GetDiz.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-12 15:06:59	--------	d-----w-	C:\Program Files\Defraggler
2012-11-12 12:37:45	--------	d-----w-	C:\Program Files\HitmanPro
2012-11-12 12:34:28	69000	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7DE443E9-F751-4C51-9C63-CF03997B8308}\offreg.dll
2012-11-12 12:34:13	9291768	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7DE443E9-F751-4C51-9C63-CF03997B8308}\mpengine.dll
2012-11-11 16:03:30	9291768	------w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-11 15:41:59	--------	d-----w-	C:\NVIDIA
2012-11-11 14:33:22	2871808	----a-w-	C:\Windows\explorer.exe
2012-11-11 14:33:22	122960	----a-w-	C:\Windows\System32\drivers\NV_AGP.SYS
2012-11-11 14:33:22	--------	d-----w-	C:\Packs
2012-11-11 13:58:53	--------	d-----w-	C:\ProgramData\DriverGenius
2012-11-11 13:58:40	--------	d-----w-	C:\Program Files (x86)\Driver-Soft
2012-11-11 11:55:57	--------	d-----w-	C:\Windows\CheckSur
2012-11-11 08:42:47	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\Wise Registry Cleaner
2012-11-11 08:42:32	--------	d-----w-	C:\Program Files (x86)\Wise
2012-11-11 08:29:56	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\VS Revo Group
2012-11-11 08:29:55	31800	----a-w-	C:\Windows\System32\drivers\revoflt.sys
2012-11-11 08:29:54	--------	d-----w-	C:\Program Files\VS Revo Group
2012-11-11 08:01:12	--------	d-----w-	C:\Program Files (x86)\ZSoft
2012-11-11 06:18:05	485376	----a-w-	C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
2012-11-11 06:18:05	1147392	----a-w-	C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
2012-11-11 06:18:05	--------	d-----w-	C:\Program Files\MyDefrag v4.3.1
2012-11-10 22:03:08	--------	d-----w-	C:\Program Files\UltraDefrag
2012-11-10 20:20:22	972192	------w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2430428-A9AE-475A-86D7-9F89EA7D58A6}\gapaengine.dll
2012-11-10 20:16:25	--------	d-----w-	C:\Program Files (x86)\Microsoft Security Client
2012-11-10 20:16:24	--------	d-----w-	C:\Program Files\Microsoft Security Client
2012-11-10 18:01:56	638976	----a-w-	C:\ESET Uninstaller 4.0.15.5.exe
2012-11-09 12:21:34	--------	d-----w-	C:\MGADiagToolOutput
2012-11-09 10:05:45	--------	d-----w-	C:\Program Files (x86)\RW-Everything
2012-11-09 09:46:54	--------	d-----w-	C:\Windows\SysWow64\NV
2012-11-09 09:46:54	--------	d-----w-	C:\Windows\System32\NV
2012-11-08 16:35:51	--------	d-----w-	C:\mydigitallife.info win loader and watfix
2012-11-08 06:57:35	294248	----a-w-	C:\Windows\System32\drivers\VMM.sys
2012-11-08 06:57:29	96768	----a-w-	C:\Windows\SysWow64\sspicli.dll
2012-11-08 06:57:29	458712	----a-w-	C:\Windows\System32\drivers\cng.sys
2012-11-08 06:57:29	340992	----a-w-	C:\Windows\System32\schannel.dll
2012-11-08 06:57:29	307200	----a-w-	C:\Windows\System32\ncrypt.dll
2012-11-08 06:57:29	247808	----a-w-	C:\Windows\SysWow64\schannel.dll
2012-11-08 06:57:29	220160	----a-w-	C:\Windows\SysWow64\ncrypt.dll
2012-11-08 06:57:29	22016	----a-w-	C:\Windows\SysWow64\secur32.dll
2012-11-08 06:57:29	154480	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2012-11-08 06:57:29	1448448	----a-w-	C:\Windows\System32\lsasrv.dll
2012-11-06 22:08:59	--------	d-----w-	C:\Program Files (x86)\iCare Data Recovery
2012-11-06 19:57:58	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\PDF Writer
2012-11-06 19:56:35	101376	----a-w-	C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2012-11-06 19:55:41	--------	d-----w-	C:\Program Files\Common Files\Bullzip
2012-11-06 19:55:40	227840	----a-w-	C:\Windows\SysWow64\bzFlRdr.dll
2012-11-06 19:55:40	139264	----a-w-	C:\Windows\SysWow64\bzpdfc.dll
2012-11-06 19:55:40	103424	----a-w-	C:\Windows\SysWow64\bzDCT.dll
2012-11-06 19:55:40	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\PDF Writer
2012-11-06 19:55:40	--------	d-----w-	C:\ProgramData\PDF Writer
2012-11-06 19:55:38	218624	----a-w-	C:\Windows\System32\bzpdf.dll
2012-11-06 19:55:35	--------	d-----w-	C:\Program Files\Bullzip
2012-11-06 19:55:20	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\Programs
2012-11-06 18:51:53	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\Mp3tag
2012-11-06 18:51:43	--------	d-----w-	C:\Program Files (x86)\Mp3tag
2012-11-06 06:34:47	847272	----a-w-	C:\Windows\System32\WibuCm64.dll
2012-11-06 06:34:47	666024	----a-w-	C:\Windows\SysWow64\WibuCm32.dll
2012-11-06 06:34:46	--------	d-----w-	C:\Program Files\CodeMeter
2012-11-06 06:34:46	--------	d-----w-	C:\Program Files (x86)\CodeMeter
2012-11-06 06:34:39	--------	d-----w-	C:\Program Files (x86)\GetData
2012-11-06 00:27:14	--------	d---a-w-	C:\cce_linux
2012-11-05 16:44:56	--------	d-----w-	C:\Program Files\OO Software
2012-11-05 16:42:11	16256	----a-w-	C:\Windows\System32\EuEpmGdi.dll
2012-11-05 16:42:10	9096	----a-w-	C:\Windows\System32\EuGdiDrv.sys
2012-11-05 16:42:10	86408	----a-w-	C:\Windows\SysWow64\setupempdrv03.exe
2012-11-05 16:42:10	8456	----a-w-	C:\Windows\SysWow64\EuGdiDrv.sys
2012-11-05 16:42:10	3321728	----a-w-	C:\Windows\System32\BootMan.exe
2012-11-05 16:42:10	2469760	----a-w-	C:\Windows\SysWow64\BootMan.exe
2012-11-05 16:42:10	19840	----a-w-	C:\Windows\SysWow64\EuEpmGdi.dll
2012-11-05 16:42:10	16776	----a-w-	C:\Windows\System32\epmntdrv.sys
2012-11-05 16:42:10	14216	----a-w-	C:\Windows\SysWow64\epmntdrv.sys
2012-11-05 16:42:10	100232	----a-w-	C:\Windows\System32\setupempdrvx64.exe
2012-11-05 16:41:58	--------	d-----w-	C:\Program Files (x86)\EASEUS
2012-11-05 06:42:07	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\ACD Systems
2012-11-05 06:38:09	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\ACD Systems
2012-11-05 06:38:03	--------	d-----w-	C:\Program Files (x86)\Common Files\ACD Systems
2012-11-05 06:38:03	--------	d-----w-	C:\Program Files (x86)\ACD Systems
2012-11-05 06:37:47	10368	----a-w-	C:\Windows\SysWow64\drivers\pfc.sys
2012-11-05 06:36:00	--------	d-----w-	C:\Windows\Downloaded Installations
2012-10-29 09:00:22	--------	d-----w-	C:\Program Files (x86)\GuerillaSoft
2012-10-25 23:44:16	--------	d-----w-	C:\reco_tools
2012-10-25 15:13:00	--------	d-----w-	C:\Program Files (x86)\Active Data Recovery Software
2012-10-25 12:07:12	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\uTorrent
2012-10-25 10:26:41	--------	d-----w-	C:\Windows\Panther
2012-10-25 09:47:55	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\ElevatedDiagnostics
2012-10-24 09:22:40	--------	d-----w-	C:\Program Files (x86)\Microsoft Virtual PC
2012-10-24 09:00:52	--------	d-----w-	C:\Program Files\WinImage
2012-10-23 00:25:07	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\Apple Computer
2012-10-23 00:24:57	--------	d-----w-	C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-23 00:24:57	--------	d-----w-	C:\Program Files\iTunes
2012-10-23 00:24:57	--------	d-----w-	C:\Program Files\iPod
2012-10-23 00:24:57	--------	d-----w-	C:\Program Files (x86)\iTunes
2012-10-23 00:24:46	--------	d-----w-	C:\Users\Rephael2012\AppData\Local\Apple
2012-10-23 00:24:40	--------	d-----w-	C:\Program Files\Bonjour
2012-10-23 00:24:40	--------	d-----w-	C:\Program Files (x86)\Bonjour
2012-10-22 17:31:17	--------	d-----r-	C:\Users\Rephael2012\Dropbox
2012-10-22 17:29:08	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\Dropbox
2012-10-22 09:53:13	--------	d-----w-	C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 7.6.1
2012-10-22 09:42:04	2966720	----a-w-	C:\Windows\System32\pwNative.exe
2012-10-22 09:42:04	19032	------w-	C:\Windows\System32\pwdrvio.sys
2012-10-22 09:42:04	12384	------w-	C:\Windows\System32\pwdspio.sys
2012-10-21 21:42:35	--------	d-----w-	C:\Program Files (x86)\uTorrent204
2012-10-21 16:26:11	--------	d-----w-	C:\Windows\SysWow64\Adobe
2012-10-20 22:27:55	--------	d-----w-	C:\qtorrent
2012-10-19 11:14:34	1913200	----a-w-	C:\Windows\System32\drivers\tcpipreset
2012-10-19 11:14:33	1913200	----a-w-	C:\Windows\System32\drivers\tcpip.copy
2012-10-18 22:22:35	--------	d-----w-	C:\Users\Rephael2012\DoctorWeb
2012-10-18 12:40:22	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\SUPERAntiSpyware.com
2012-10-18 12:39:59	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
2012-10-18 12:39:59	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
2012-10-18 12:33:32	--------	d-----w-	C:\Program Files (x86)\Toolbar Cleaner
2012-10-18 12:04:31	95208	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-18 09:27:04	9728	----a-w-	C:\Windows\System32\hibernate4win.exe
2012-10-18 09:27:00	34304	----a-w-	C:\Windows\System32\wgx.dll
2012-10-18 09:26:48	204800	----a-w-	C:\Windows\System32\lua5.1a.dll
2012-10-18 09:26:38	64512	----a-w-	C:\Windows\System32\udefrag.dll
2012-10-18 09:26:34	363520	----a-w-	C:\Windows\System32\zenwinx.dll
2012-10-17 15:57:15	--------	d-----w-	C:\Program Files (x86)\777
2012-10-17 13:12:16	466456	----a-w-	C:\Windows\System32\wrap_oal.dll
2012-10-17 13:12:16	122904	----a-w-	C:\Windows\System32\OpenAL32.dll
2012-10-17 13:12:16	--------	d-----w-	C:\Program Files (x86)\OpenAL
2012-10-17 13:12:15	444952	----a-w-	C:\Windows\SysWow64\wrap_oal.dll
2012-10-17 13:12:15	109080	----a-w-	C:\Windows\SysWow64\OpenAL32.dll
2012-10-17 13:04:42	--------	d-----w-	C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-10-17 13:04:36	519000	----a-w-	C:\Windows\System32\d3dx10_40.dll
2012-10-17 13:04:36	452440	----a-w-	C:\Windows\SysWow64\d3dx10_40.dll
2012-10-17 13:04:36	2605920	----a-w-	C:\Windows\System32\D3DCompiler_40.dll
2012-10-17 13:04:36	2036576	----a-w-	C:\Windows\SysWow64\D3DCompiler_40.dll
2012-10-17 13:04:35	5631312	----a-w-	C:\Windows\System32\D3DX9_40.dll
2012-10-17 13:04:35	4379984	----a-w-	C:\Windows\SysWow64\D3DX9_40.dll
2012-10-17 12:51:03	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\Torrent2Exe
2012-10-17 12:51:03	--------	d-----w-	C:\Program Files\Torrent2Exe
2012-10-15 05:10:51	220160	----a-w-	C:\Windows\System32\wintrust.dll
2012-10-15 05:10:51	172544	----a-w-	C:\Windows\SysWow64\wintrust.dll
2012-10-14 21:16:13	--------	d-----w-	C:\Users\Rephael2012\AppData\Roaming\deluge
.
==================== Find3M  ====================
.
2012-11-11 18:57:44	73656	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-11 18:57:44	697272	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-18 12:04:27	821736	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2012-10-18 12:04:27	746984	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2012-10-02 19:51:15	3536817	----a-w-	C:\Windows\System32\nvcoproc.bin
2012-10-02 19:51:11	3293544	----a-w-	C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04	6200680	----a-w-	C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57	891240	----a-w-	C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57	63336	----a-w-	C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57	118120	----a-w-	C:\Windows\System32\nvmctray.dll
2012-10-02 11:15:52	430952	----a-w-	C:\Windows\SysWow64\nvStreaming.exe
2012-09-29 17:54:26	25928	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-09-28 20:32:08	2177688	----a-w-	C:\Windows\System32\coin92.dll
2012-09-22 18:17:23	348160	----a-w-	C:\Windows\SysWow64\msvcr71.dll
2012-09-22 18:17:23	1060864	----a-w-	C:\Windows\SysWow64\mfc71.dll
2012-09-18 20:18:09	12872	----a-w-	C:\Windows\System32\bootdelete.exe
2012-09-14 19:19:29	2048	----a-w-	C:\Windows\System32\tzres.dll
2012-09-14 18:28:53	2048	----a-w-	C:\Windows\SysWow64\tzres.dll
2012-09-13 06:23:20	222	----a-w-	C:\Windows\System32\ud-help.cmd
2012-09-02 10:38:00	16896	----a-w-	C:\Windows\AsTaskSched.dll
2012-08-31 18:19:35	1659760	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2012-08-30 20:03:48	228768	----a-w-	C:\Windows\System32\drivers\MpFilter.sys
2012-08-30 20:03:48	128456	----a-w-	C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45	5559664	----a-w-	C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02	3968880	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02	3914096	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-08-22 18:12:50	1913200	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40	950128	----a-w-	C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40	376688	----a-w-	C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33	288624	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00	245760	----a-w-	C:\Windows\System32\OxpsConverter.exe
2012-08-21 11:01:20	33240	----a-w-	C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 11:01:20	125872	----a-w-	C:\Windows\System32\GEARAspi64.dll
2012-08-21 11:01:20	106928	----a-w-	C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44	362496	----a-w-	C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44	243200	----a-w-	C:\Windows\System32\wow64.dll
2012-08-20 18:48:44	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43	215040	----a-w-	C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35	424448	----a-w-	C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22	338432	----a-w-	C:\Windows\System32\conhost.exe
2012-08-20 17:40:21	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44	44032	----a-w-	C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20	2048	----a-w-	C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-15 12:18:42	933528	----a-w-	C:\Windows\System32\vnetlib64.dll
2012-08-15 12:18:40	357016	----a-w-	C:\Windows\SysWow64\vmnetdhcp.exe
2012-08-15 12:18:16	67224	----a-w-	C:\Windows\System32\drivers\vmx86.sys
2012-08-15 12:18:08	30360	----a-w-	C:\Windows\System32\drivers\vmnetuserif.sys
2012-08-15 12:17:26	435864	----a-w-	C:\Windows\SysWow64\vmnat.exe
2012-08-15 12:16:52	62104	----a-w-	C:\Windows\System32\vmnetbridge.dll
2012-08-15 12:16:52	48792	----a-w-	C:\Windows\System32\vnetinst.dll
2012-08-15 12:16:52	45720	----a-w-	C:\Windows\System32\drivers\vmnetbridge.sys
2012-08-15 12:16:50	24216	----a-w-	C:\Windows\System32\drivers\vmnet.sys
2012-08-15 12:16:50	20120	----a-w-	C:\Windows\System32\drivers\vmnetadapter.sys
2012-08-15 12:16:16	32920	----a-w-	C:\Windows\System32\drivers\VMkbd.sys
2012-08-15 10:33:44	353280	----a-w-	C:\Windows\SysWow64\vmnc.dll
.
============= FINISH: 18:14:07.79 ===============

OP being helped at:
http://www.sevenforums.com/crashes-debugging/263279-crashing-apps-need-solve-frequent-0xe0000001-0xc0000005-errors.html

Edited by nasdaq, 13 November 2012 - 10:22 AM.
Being helped at Sevenforums.com



#2 Energy.D

  • Topic Starter
  • Members
  • 6 posts
  • Gender:Male

Posted 13 November 2012 - 01:57 PM

The issue isn't solved, and their diagnosis is more software related and yours is malware/virus/spyware related, and because the problem hasn't been resolved I need this help, please. Could you?

#3 nasdaq

  • Malware Response Team
  • 39,246 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 13 November 2012 - 02:45 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

I'll see what I can find as far as malware. If it comes to a hardware issue you will have to hope that the other forum can help.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html


Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs for my review.

#4 Energy.D

Posted 13 November 2012 - 03:27 PM

Hello. I've attached the logs requested, with all the steps as described.


Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.6
Malwarebytes Anti-Malware version 1.65.1.1000
Driver Cleaner.NET
Eusing Free Registry Cleaner
Toolbar Cleaner 1.1
Wise Registry Cleaner 7.53
Java 7 Update 9
Adobe Flash Player 11.5.502.110
Mozilla Firefox (16.0.2)
Mozilla Thunderbird 11.0. Thunderbird out of Date!
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Edited by nasdaq, 14 November 2012 - 09:26 AM.


#5 nasdaq

Posted 14 November 2012 - 09:33 AM

Look after the remarks in red on the Security Check log.

===

Remove the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

===

Open notepad and copy/paste the text in the quote box below into it:

Driver::
WinRing0_1_2_0

ClearJavaCache::



Save this as CFScript.txt on your desktop.

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe
Then post the resultant logs.

Please let me know what problem persists.

#6 Energy.D

Posted 14 November 2012 - 11:14 AM

Thanks. I'll update Thunderbird to the latest version, and UAC is now enabled (highest). The C drive is an SSD (OCZ Vertex) so I don't need to defrag, and the anti-virus was disabled at that time because of the instructions ("Close/disable all anti virus and anti malware programs").

I should tell you that after the second ComboFix run (with the text file) the system is getting errors like this:
Posted Image

And when I'm trying to open any text file I get an error of can't access, file marked for deletion, something like that. After I restarted again this problem is not there, but the uTorrent error is still there.
I just wonder if I'll find more errors or corruption later (can we go on, or is it recommended to use the restore point of ComboFix or something?)

P.S. Here are the logs:


Edited by Energy.D, 14 November 2012 - 11:17 AM.


#7 nasdaq

Posted 14 November 2012 - 11:20 AM

And when I'm trying to open any text file I get an error of can't access, file marked for deletion, something like that. After I restarted again this problem is not there, but the uTorrent error is still there.
I just wonder what more errors or corruption I may find in the future (can we go on, or is it recommended to use the restore point of ComboFix or something?)


Restart the computer normally.

Let me know if the problem persists.
===

#8 Energy.D

Posted 14 November 2012 - 05:30 PM

After a lot of hours of testing, the crashes of programs (and the codes associated with them: 0xe0000001, 0xc0000005, 0xc0000409, 0xe0000001) still occur, even the uTorrent one. What are the next steps? Thanks.

Edited by Energy.D, 14 November 2012 - 05:36 PM.


#9 nasdaq

Posted 15 November 2012 - 10:02 AM

As I said in my first post the type of stop error you are getting is not my domain.
The helper at Sevenforum.com is not answering your last post.

Maybe our Windows 7 Forum helpers can help.
http://www.bleepingcomputer.com/forums/forum167.html

Explain your problem and attach a copy of the Dump file you submitted to the other forum.

Good luck.

Time for some housekeeping

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall




