Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How well do laptops swim?


  • Please log in to reply
14 replies to this topic

#1 on_the_edge

on_the_edge

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 29 October 2013 - 06:14 AM

Greetings everybody, 

 

I have been dealing with a infection of some sort...it started on my Windows 7 laptop which was only 4 months old at the time...yes, 4 months old because when my other laptop w/ win7 gave out on me I needed to replace it and be up and running asap as I run my small pool service company from my computer and I did not want to take the time to learn the new Windows 8 at the time and just figured I would get to that later on after I could gather a fair idea as to if it was a decent program or if it was another flop. (I was a victim of Vista and what a nightmare that was)  A month after I purchased the new windows 7 laptop I ended up purchasing 2 more laptops with Windows 8...one for my son for his graduation gift and the other for me as it was a great price and I thought I can work myself into 8 on my own leisure.....mine ended up sitting in it's box for 4 months before I opened it up....and that was only because my 7 was on the fritz. 

 

I took my computer to a large big box type store here in town who has a whole squad of geeks to assist you in further frustrations....errr I mean to help you. I fell for their "great service plan" and that was the first wrong thing I did in trying to correct the problem. Brought it home and looked at the computer and it still was not fixed...called their 800# for "support" to no avail. It was at that point that the old saying kicked in...if you want something done right you have to do it yourself....which lead me to here.I have spent many hours reading very useful and informative articles here. I just wish I would have jumped in and joined up then but I was afraid to even check my email or anything else online at that point...my life as I knew it personal and business was on hold. The information I found here helped me find the trojan that was on my windows 7 laptop

 

Ended up calling a local service here in town that I had success with in past times. First time they sent me somebody other than I requested and all this guy could do when I told him what was going on and issues I was having was say"Wow, that's really crazy", As we all know, that does not fix problems either. I called back and got who I asked for the first time...that guy came out and helped me a little but not much was at least honest enough to admit that virus issues were not part of his expertise. 

 

My next attempt was to call my local cable company as they are my ISP so I figured hey why not, after all they are the ISP right? Actually the lady I spoke with there took control of the computer and ran several scans that returned nothing and as a last resort low and behold she ran ComboFix..which I had already heard of because I had found this website in the process of this nightmare. (this forum is the "something good" that always comes from something bad in a life event)  When she ran ComboFix it found something, I'm not sure what but it did find and remove about a dozen things. I asked her what it was and she could not answer my question. In fact she said she did not know how to read the logs but she did know how to run the program. That completely made me feel at ease...NOT!!!  I gave the computer a little while to prove itself to me before I was willing to do anything vital on it again and it failed me so my next step was to put that on the shelf for now and open up my new laptop with Windows 8. 

 

What I did not realize until it was to late is that some of these viruses can jump right on your thumb drives. I had wondered about the possibility as I was pulling off very important files off of my windows 7 on the very first day of infection. I also backed up the rest of my things onto one of my external hard drives....well guess what.....yep....my external hd & thumb drives got sick too..so needless to say when I put the thumb drive into the new Windows 8 laptop to bring forward my documents and client files as well as my Quickbooks company file I was also lucky enough to bring the virus with it....yaayyy me. 

 

So my new Windows 8 laptop had become infected and started to act up so after trying to call the manufacturer and not finding anybody there with any kind of intelligence I decided well lets try Microsoft...I mean, after all, they did develop the OS right? HA!!! My first clue should have been that windows 8 does not even seem to want to work with windows 8 (that's a whole other story) after 6 hours on the phone with Microsoft answer desk....yes...6 hours..guess what? Yep..you may have guessed by now...the answer desk did not have any answers for me.  It was concluded that I should just do a complete fresh install of 8...

 

After contacting Samsung and spending another hour or so on the phone with them trying to get them to send me a OEM system disk so I could do a fresh install and waiting another week for the disk to arrive via snail mail. When I did the fresh install with the OEM disk and turned on the laptop for the first time it was then that I discovered that all the OEM disk had on it was the Windows 8 program...none of the other stuff put in by Samsung, which for the most part is ok with me but there were a few things that I did need and want to use...like drivers for one. I call them up and they tell me I can download all that stuff off of their website, what they did not tell me of course is that I would also get a Zbot trojan from their website!! Yes, and I know for a fact it was from their website where I downloaded this "SW Update" package that they have. I know this because I did the fresh install of 8, then installed my Kaspersky from the disc I have, then went to the Samsung site and downloaded the SW Update so I could get all the drivers for the laptop, then I installed Google then I installed my MS office from my disc, did the updates and then turned the laptop off because I needed to go purchase new software (Quickbooks Pro 2014, MS Streets & Trips, and because I happened to see it there on the store shelf I also picked up Malwarebytes) Came home and installed and updated the 3 softwares and then ran a full scan with my new Malwarebytes PRO and low and behold if there was not a bleeping Zbot trojan......I said son of a bleep bleep bleep..and a few other choice words that you will not hear in church. Malwarebytes forund it located here:

 
C:\Users\Public\Documents\SystemSoftware\SW Update\SystemSoftware\Sound Driver_6.0.1.6818\delay.exe (Trojan.PWS.Zbot.AI) -> Quarantined and deleted successfully.
 
I called up Samsung and thanked them for that and of course as you can figure they tried telling me that they do not have viruses that I must be mistaken....I told them that considering the fact that when you go to their support page for my laptop and their is nothing even mentioning anything related to windows 8 (all the support drivers are for XP & 7) that I think it is safe to assume that while they were not looking in at least the last year or so that somehow somebody must have slipped it in there. Of course even if they were aware of it they would not admit it but insisted that I should download the link again.....yeah..and maybe I should stand in front of a moving train too..because we all know that is not dangerous either right!! 
 
I keep reminding myself that I should buy a lottery ticket too because you can't lose if you don't play. So I guess you could say that I just like to bang my head into walls and get nowhere because after spending over a thousand dollars and dealing with people that work in call center and are given a few weeks of training and a book to follow and think they know what they are doing or talking about
I figure....hey lets try something different...something I should have just done in the first place and lets sign up for this great sight that seems to be full of smart and knowledgeable folks. I think it was dealing with the last tech from my ISP that told me...he knows what he is doing because he has been at this 22 years and not to worry....HA!! I asked him if he planned on turning off my Kaspersky and Malwarebytes while he ran the scans he told me he was going to run......only because I have read up on them here and the instructions say to turn off your security programs in order to get an accurate reading...well by the time he was done the problems were not fixed and now from time to time depending on what I am trying to do I get registry error complaints from my computer...but don't worry..he has been doing this for 22 years.........ya, famous last words. So I figure what is the worst thing that could happen here? My problems get solved and I make new connections to people that actually have some dang knowledge and common sense...I mean after all, I don't have much more to lose....my sanity went out the door about 2 weeks after this all began so no worries there....and I think I have everything to gain by being here....maybe I get lucky and find my sanity again too. 
 
Anyways, sorry for such a long hello and thanks for listening to me vent about my bleeping computer. Nice to meet you all and hopefully looking to be able to send some of you a little token of appreciation in exchange for somebody helping me to restore my sanity....errr I mean my bleeping computer. 
 
Have a great day ahead--
On_the_edge

 

Moderator Edit: Moved from Introductions to a more appropriate forum

Roger


Edited by rotor123, 29 October 2013 - 09:14 AM.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 30 October 2013 - 12:05 AM

Hello and Welcome .....

At first I thought it was a case of "I got it wet" but then I continued -

 

Point 1 - Did they run ComboFix on your Windows 8 install

Point 2 - ComboFix is not designed for Windows 8 (yet)

Point 3 - Briefly what is the current problem with your computer (only 1 computer at a time)

Point 4 - What Operating System is on the computer that you would like us to look at

 

Point 5 - Your turn -

 

Thank You -



#3 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 30 October 2013 - 09:31 PM

Hello

Thank you for the welcome.
Point 1.... Combo Fix was ran on my other laptop that has windows 7 in it. It still was not acting correctly after that and due to the lady's response that she did not know how to read the logs but just knew how to run a scan I put it away for now and opened up my new laptop with the windows 8.

Point 2... I sure wish it was able to work on 8. Considering how many issues I have already had with windows 8 fighting with itself I can understand why CF has not been able to be put into working order.

Point 3&4 ... The current OS is windows 8. The current state of this computer is that Malwarebytes did find a ZBot (as reported in my short novel above) although it reported that it had removed it there were still things the computer was doing that were just not right and I was figuring it was still infected or had left over items from the Zbot so what I did was downloaded the Trojan Hunter scanner and ran a full scan and it did find the Zbot still in the computer. I ran the files through Virustotal and it confirmed it to be a true infection. The trojan hunter scan has also turned up several warnings regarding there being alternative data streams attached to the directory of C:program data/kaspersky.... Which not being totaly sure what that means I'm willing to bet that is why my task manager shows 2 running versions of Kaspersky which I was already suspicious about thinking that it looks like kaspersky....but seems to have a slightly difference appearance and I suspect it is the Zbot in control and responsible for this. When kaspersky acts as if it is updating itself it is not acting like it normally does. My windows update will not work, my malwarebytes did not start automatically like it should and kaspersky takes a good 3-4 minutes to turn itself on. In fact, I am running a full scan on it again right now that is almost done because I wanted to submit the report and possible files that it found to the folks over at Virustotal so they could check the files and confirm them clean or not clean. I figure if it helps out even a tiny bit in making the computer world a little safer than it is a good thing. When it is done scanning I will also post you a copy so you can take a look at it as well.

I think the best thing to do is to reformat and fresh install the OS again. I do have the OEM disk that samsung sent me however it just has the windows 8 on it, none of their drivers (as stated in my first post) My concern is that this Zbot monster may have spread to other partitions on the hard drive. So my question would be, is it possible for it to have done that? If so then how do I erase the whole entire hard drive so I can start over completely fresh?

Also, I typically use the Google chrome browser but the Zbot was found to be in a few of their update files on my computer. I am wondering if maybe it is somehow stuck attached to one of my bookmarked links and when I import my settings that I also import this virus because I just can't seem to get rid of this thing. I have never had so much problems in my life and it is just completely frustrating.

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 30 October 2013 - 10:42 PM

OK - Read my reply -

It was about 6 lines long and contained all the information required.

That is all I want in return - Not a full storey on several systems

 

 ... The current OS is windows 8 <= ComboFix will wreck a computer if ever used on Windows 8 systems -

Wrong tool for the wrong system - Use a Sledge Hammer as a Porsche 911 windscreen wiper -

 

Also, I typically use the Google chrome browser <=Fully Uninstall Chrome as it is Not the God it was meant to be -

Fully uninstall as best that you can, do not run any tools except basics (Antivirus) to install it -

Move everything to any other Operating System - Use Windows Internet Explorer 10 (it is better)

 

Post back after that -



#5 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 31 October 2013 - 12:09 AM

 

Sorry for long stories. I understand. I was only trying to be helpful. My apologies.

 

Combofix never used on my windows 8

sledgehammer never used on windows 8.....yet :smash:  :grinner:

 

 

3 days ago I uninstalled Google Chrome browser using Revo Uninstaller.

 

Fully uninstall as best that you can, do not run any tools except basics (Antivirus) to install it -

I'm not sure I understand... do you want me to install something?

 

Move everything to any other Operating System -

Not sure what you mean.  I have nothing to backup on this computer.

 

Use Windows Internet Explorer 10 (it is better)

I have been using Internet Explorer for last 3 days.

 

Thank you.


Edited by on_the_edge, 31 October 2013 - 12:45 AM.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 31 October 2013 - 01:27 AM

OK - I was only trying to be helpful. (I do understand)

 

1 - Do you have any Antivirus program installed ?? :unsure:

2 - You only mentioned Chrome above (glad you use I.E.) :)

3 - Was asking to move out of Chrome, to I.E.10 (you have) not perform back-ups.

 

Now - My turn to post programs -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

Download MiniToolBox, Save it to your desktop and run it.
Checkmark the following boxes:
• List content of Hosts
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
Click Go and copy / paste the result (Result.txt).

 

 

 

Please read fully or copy this -

I'd like you to scan your machine with ESET OnlineScan
1. Hold down Control (Ctrl) key, and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.

3 .NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

 

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the ESET Online Scanner icon on your desktop.

 

4. Check "YES, I accept the Terms of Use."
 5. Click the Start button.
 6. Accept any security warnings from your browser.
 7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click Advanced settings and select the following:

* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology

9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download updated data base (Several hours is not unusual)
10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button

NOTE:Sometimes if ESET finds no infections it will not create a log.
* If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
* If no infections are found then just tell me -

 

Thank You -



#7 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 31 October 2013 - 04:37 AM

1.  Yes, I have Kaspersky internet security & paid version of Malwarebytes PRO

2.  I mentioned Chrome because I always use it everyday for everything all day, every day.....until I removed it 3 days ago.

 

 

I am posting the results from the Security check 317  and the Mini tool box below and will start the ESET scan and let it run while I sleep and will post results in next post in the morning.

 

 

Results of screen317's Security Check version 0.99.76 
   x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Kaspersky Internet Security  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 45 
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
 Kaspersky Lab Kaspersky Internet Security 2013 avp.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Colleen (administrator) on 31-10-2013 at 02:05:54
Running from "C:\Users\Colleen\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

 

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/30/2013 08:02:10 PM) (Source: ESENT) (User: )
Description: taskhostex (4844) An attempt to open the file "C:\Users\Colleen\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/30/2013 08:01:42 PM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (10/30/2013 01:29:55 PM) (Source: ESENT) (User: )
Description: taskhostex (2784) An attempt to open the file "C:\Users\Colleen\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (10/27/2013 02:12:30 PM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/27/2013 00:29:28 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

System errors:
=============
Error: (10/30/2013 01:31:31 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/30/2013 01:29:08 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:17:56 AM on ?10/?30/?2013 was unexpected.

Error: (10/30/2013 02:24:36 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (10/30/2013 00:27:43 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (10/30/2013 00:27:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (10/29/2013 04:45:51 PM) (Source: Service Control Manager) (User: )
Description: The SW Update Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (10/29/2013 04:45:45 PM) (Source: Service Control Manager) (User: )
Description: The SW Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/29/2013 01:35:15 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (10/29/2013 01:35:15 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (10/29/2013 00:13:04 PM) (Source: Service Control Manager) (User: )
Description: The SW Update Service service terminated unexpectedly.  It has done this 1 time(s).

Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe Reader XI (11.0.05) (Version: 11.0.05)
Bitcasa version 0.9.20.4135 (Version: 0.9.20.4135)
Cisco Connect (Version: 1.3.11069.2)
CyberLink Power2Go 8 (Version: 8.0.0.1912)
CyberLink PowerDVD 10 (Version: 10.0.4421.02)
Help Desk (Version: 1.0.96)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36843)
Intel® Management Engine Components (Version: 8.1.30.1349)
Intel® Processor Graphics (Version: 9.17.10.2963)
Intel® Rapid Storage Technology (Version: 11.7.0.1013)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Streets & Trips 2013 (Version: 19.0.17.2200)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220)
Qualcomm Atheros Client Installation Program (Version: 10.0)
Quick Starter (Version: 1.0.2)
QuickBooks (Version: 24.0.4003.2403)
QuickBooks Pro 2014 (Version: 24.0.4001.2403)
QuickBooks Runtime Redistributable (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 8.4.907.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6818)
Recovery (Version: 6.0.10.0)
Revo Uninstaller 1.95 (Version: 1.95)
S Agent (Version: 1.1.45)
Settings (Version: 2.0.1)
Support Center (Version: 2.1.1106)
SW Update (Version: 2.1.21)
Synaptics Pointing Device Driver (Version: 16.2.14.2)
TrojanHunter 5.5 (Version: 5.5)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 3797.53 MB
Available physical RAM: 2511.76 MB
Total Pagefile: 4853.53 MB
Available Pagefile: 3028.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.76 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:441.99 GB) (Free:392.6 GB) NTFS

========================= Users: ========================================

User accounts for \\COLLEEN8

Administrator            Colleen                  Guest                   

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

Thank you and will post last result in the morning. :thumbup2:



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 31 October 2013 - 03:15 PM

2.  I mentioned Chrome because I always use it everyday for everything all day, every day.....until I removed it 3 days ago.

Google is good, but they should never have released Chrome, as it is ****

 

This is now over-kill please remove it - TrojanHunter 5.5

 

 

Run System File Check from an Elevated Command Prompt
1 Open Elevated Command Prompt as per directions
2 Type sfc /scannow and press Enter (note the space between c and / it must be there)
3 This should take no longer than ~ 20 minutes to finish (often quite less)
4 NOTE : Do not touch the keyboard while this is running.

There is no log output, but it may mention repairing files (or similar)

 

 

Once all is completed a clean up of Temp File garbage -

Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it.
    (Note: If you are running on Vista,W7,W8 right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

 

Thank You -



#9 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 01 November 2013 - 03:41 PM

Good day,

I have been unable to get the ESET scanner to download. i think it might be Kaspersky that is not allowing it as I have discovered they are pretty serious about their security. I was thinking that maybe I could uninstall Kaspersky first and then go to the ESET scanner and let that run and the reinstall Kaspersky. I do have Malwarebytes that is also running so I would still have a layer of protection running.

Do you think that this is ok to do it that way? I wanted to ask you first before doing it because I do not want to make any kind of mistake.

I also have not yet run any of the instructions as you have listed above because I have not been able to do the ESET scanner and I want to follow your directions as given.

Please advise me if I can do your instructions listed in post #8 before I run ESET scanner.

I will do nothing further until I receive your reply as I do not want to mess up anything.

Thank you so very much

#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 03 November 2013 - 12:22 AM

Hi -

Sorry I missed your note. See if this advice helps -

How To Temporarily Disable Your Anti-virus

Yes your Antivirus may be blocling it

 

Regards -



#11 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 05 November 2013 - 09:03 AM

Hello,

 

That is ok, I have been out of town and have not had a chance to do much of anything but I will be working on or fighting with my laptop in just a bit and will be getting back here with reports in just a little bit. See you soon.



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 05 November 2013 - 04:28 PM

Thanks for the Update -

 

I will look again tonight -



#13 on_the_edge

on_the_edge
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 09 November 2013 - 04:05 AM

Hello,

I have tried everything possible to get the ESET scanner to run to no avail. At this point in time I have a bunch of work that is going to keep me busy for the next few weeks and I dont have much time to work with this problem so you can go ahead and close this out just so I dont leave you hanging. When I get some more time I will come back and request to revisit this topic. I thank you for your time and assistance.

#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 09 November 2013 - 04:20 AM

No Problem -

 

I will keep an eye here when you return and will use other methods -

Solve this problem with updating your nVIDIA graphic card driver which version is 306.23~!

If you use an nVIDIA graphic card you'd better try this~

 

 

Regards -


Edited by noknojon, 09 November 2013 - 04:30 AM.


#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:50 AM

Posted 14 November 2013 - 04:59 AM

Hi -

I think the Experts may be the better ones to help you -

 

Please follow the instructions in THIS PREP GUIDE starting at Step #6.

NOTE - If you cannot complete a step, skip it and continue.

 

 Once the proper DDS logs are created, then make a NEW TOPIC and Copy / Paste the logs to =>
Virus, Trojan, Spyware, and Malware Removal Logs. area -

 

Thank You -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users