Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP.Optional found, INVALID_P...PT bluscrn crash, explorer.exe crashes freq.


  • This topic is locked This topic is locked
2 replies to this topic

#1 Audiotape

Audiotape

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:46 AM

Posted 23 February 2014 - 05:24 PM

  1. My PC will sometimes go to bluescreen at Windows Login Screen when I use both the touchpad and click buttons to move the mouse to select User Account. The Bluescreen error has been included as an attachment and I've transcribed technical information:
    1. INVALID_PROCESS_ATTACH_ATTEMPT STOP: 0x00000005 (0xFFFFFA8003B4F740, 0xFFFFFA800659DB30, 0x0000000000000000, 0x0000000000000001)
      1. Dumping of Physical Information always reaches 100, then computer shuts down. When PC is turned on, 100% fan is indefinite through normal boot (which is always sluggish and I get options to boot normally, safe mode, safeM + CMD,...etc.) and throughout usage. If I do not manually restart the computer, the computer fan will sit at 100% indefinitely. Laptop and vents have not been disassembled and cleaned in one year, and Laptop has never shut down from overheating nor has ever warned about overheating.
    2. Keyboard Keys do NOT send PC to bluescreen.
    3. If for some reason my Login Account is already selected, even if I enter password and hit enter, i can crash at any time if the touchpad is simply touched, up until the blue loading screen vanishes revealing desktop.
    4. Using a mouse or any USB ports do not send PC to bluescreen.
    5. I've tried waiting a few minutes for the computer to sit at Windows Login screen before using trackpad and click buttons, but it still goes to bluescreen.
    6. Happens with all combinations of battery installed/absent + plugged in/unplugged.
    7. My Computer Repair guy told me to unplug battery, unplug charging cable, and hold the power button down for 20 seconds. Did not resolve issue nor does it succeed in resolving 100% fan speed during post-crash boot.
    8. He also told me to run a CHKDSK, and during the CHKDSK there was some error, I do not recall if it navigated this error and finished CHKDSK or not, it was many months ago. September/October most likely. Haven't run CHKDSK since, as failing during CHKDSK doesn't sound too healthy.
  2. There was recent Trojan.Horse Virus found by AVG during user scan that was moved to VV and eventually deleted, if i recall correctly. I cannot find its name. I might not have taken the threat seriously because I remember downloading multiple trialwear or something that stated antivirus can falsely flag it. I probably deleted the file after it was moved to VV.
  3. explorer.exe crashes and restarts after clicking ok on a .NET Runtime error popup. Additional information is displayed but I do not have any more info about it to post at the moment. Note: explorer.exe only crashes after I click ok or hit enter on keyboard to close/acknowledge the popup. Programs frequently crash and documents sometimes close during this process. I have not found a cause and it seems to happen randomly. Sometimes 4-5 times in a ~4 hour period. I don't know what to do about it.
    1. Event Viewed log from one crash: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5236.  Message ID: [0x2509].
  4. I recall explorer.exe crashing due to some C++ redistrutable error, or possibly the .NET error has C++ lingo in it.
  5. Possibly nothing, but Malwarebytes continuily tells me it is out of date by seemingly random time frames, sometimes as long as a year. This happens multiple times a day, and as frequently as every 20 minutes via taskbar notifs.
    1. Recently deleted MBAM, and redownloaded installer from their website, as well as upgraded to to MBAM Pro.
  6. MBAM has quarantined 3 potential malware recently
    1. PUP.Optional.Conduit.A; PUP.Optional.Browse; PUP.Optional.4.Shared
    2. MBAM must be set to automatically delete quarantines, because MBAM has flagged and quarantined many more malware over they year+ I have been using it, and they disappear and these recently found will probably disappear in due time as well. 
  7. Unrelated to the Combofix, a few days prior, my PC encountered an error during Windows Update, proceeded to hang for a few minutes at the update screen, then my PC's fan began oscillating between (what sounded like) 50%-100% speed. The period of oscillation was roughly 3-4 seconds. This lasted until the Windows said it was "cleaning up.... ...", this finished and the computer rebooted. Many of my icons on my task bar refused to show and it took many reboots to get them to show. I left this out on the initial thread I made on the forums.
    1. Windows Update has been manually turned off and will remain so until instructed otherwise.

 

EDIT: ADDITIONAL INFO in this thread here detailing other antimalware tools I ran along with Combofix out of curiosity. 

http://www.bleepingcomputer.com/forums/t/525470/performed-surgery-on-my-pc-with-no-knowledge-of-post-op-carei-ran-combofix/

 

Attachments appear to be hidden from public; when I click edit post they show attached. Let me know If I need to "add attachments to post" after attaching.

 

EDIT2: Fixed attachments.

Edit (hopefully the last one): Added info about .NET error found in E.V., Added info from father post about Window Update Issue.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Chad at 15:47:50 on 2014-02-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3894.824 [GMT -5:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\SysWOW64\NlsSrv32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Chad\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Logitech Gaming Software\LU_1\LULnchr.exe
C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SndVol.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\msdtc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\prevhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\mmc.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <-loopback>
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [F.lux] "C:\Users\Chad\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [BrowserSafeguard] "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9}\14962777166756D23303D21323 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9}\14962777166756D23323D20353 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9}\34861646723702A2E45677A202960586F6E65602 : DHCPNameServer = 172.26.38.1 172.26.38.2
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9}\3557D6D6562737931313 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{3B580B6A-4A90-4BC6-813E-30869AEBFFE9}\84F4D454D273233423 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{D464C8EA-66C1-409F-AFD1-454BD35D85B9} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\48na09ov.default\
FF - ExtSQL: 2014-01-23 20:43; {F003DA68-8256-4b37-A6C4-350FA04494DF}; C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF - ExtSQL: 2014-02-01 23:28; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Chad\AppData\Roaming\Mozilla\Firefox\Profiles\48na09ov.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-25 150808]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-2-13 46368]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-24 1358944]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-1-22 3788816]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2013-6-7 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-4-30 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-8-15 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-22 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-22 701512]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\NlsSrv32.exe --> C:\Windows\System32\NlsSrv32.exe [?]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-2-13 1772056]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-6 248248]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2013-5-30 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-22 25928]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2010-4-28 932384]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-7-3 34544]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-2-19 2151744]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-15 289256]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-15 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-8-15 1255736]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
.
=============== Created Last 30 ================
.
2014-02-23 13:07:02 -------- d-----w- C:\Users\Chad\My Tools and Settings
2014-02-23 12:17:50 -------- d-----w- C:\Users\Chad\My Apps
2014-02-23 12:16:51 -------- d-----w- C:\Apps
2014-02-22 13:54:18 -------- d-----w- C:\Program Files\Logitech Gaming Software
2014-02-22 12:52:47 53248 ----a-r- C:\Users\Chad\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-02-22 10:02:06 -------- d-sh--w- C:\$RECYCLE.BIN
2014-02-22 10:00:27 -------- d-s---w- C:\ComboFix
2014-02-22 09:28:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-22 09:28:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-22 03:55:50 -------- d-----w- C:\Users\Chad\AppData\Local\LogMeInIgnition
2014-02-22 03:42:09 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FDAC2E69-E4D7-4A81-B433-9BD162299956}\mpengine.dll
2014-02-20 06:19:12 -------- d-----w- C:\Users\Chad\AppData\Roaming\AVS4YOU
2014-02-20 06:18:56 -------- d-----w- C:\ProgramData\AVS4YOU
2014-02-20 06:17:07 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2014-02-20 06:16:56 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2014-02-20 05:59:21 -------- d-----w- C:\Windows\en
2014-02-20 03:59:03 -------- d-----w- C:\Users\Chad\AppData\Roaming\VideoEditor
2014-02-20 03:48:19 -------- d-----w- C:\Program Files (x86)\Pure Motion
2014-02-20 03:48:15 -------- d-----w- C:\Program Files (x86)\DebugMode
2014-02-20 03:48:13 -------- d-----w- C:\Program Files (x86)\Sonic Foundry
2014-02-20 03:31:49 -------- d-----w- C:\Program Files (x86)\TrashReg
2014-02-20 03:08:30 -------- d-----w- C:\ProgramData\HighAndes
2014-02-20 03:05:21 -------- d-----w- C:\Program Files (x86)\HighAndes
2014-02-20 02:23:36 -------- d-----w- C:\Users\Chad\AppData\Roaming\ProductData
2014-02-20 02:23:28 -------- d-----w- C:\Users\Chad\AppData\Roaming\IObit
2014-02-20 02:23:26 -------- d-----w- C:\ProgramData\IObit
2014-02-20 02:23:25 -------- d-----w- C:\ProgramData\ProductData
2014-02-20 02:23:22 -------- d-----w- C:\Program Files (x86)\IObit
2014-02-20 02:00:05 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2014-02-20 01:46:52 -------- d-----w- C:\Program Files (x86)\Time Stopper
2014-02-17 10:01:03 -------- d-----w- C:\ProgramData\Pinnacle VideoSpin
2014-02-17 09:53:52 -------- d-----w- C:\ProgramData\VideoSpin
2014-02-17 09:53:52 -------- d-----w- C:\Program Files (x86)\Common Files\Yahoo!
2014-02-17 08:36:05 257624 ----a-w- C:\Windows\System32\unrar64.dll
2014-02-17 08:35:59 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2014-02-17 08:20:04 -------- d-----w- C:\Windows\Migration
2014-02-17 07:38:28 -------- d-----w- C:\Users\Chad\temp
2014-02-17 07:37:03 -------- d-----w- C:\Users\Chad\AppData\Local\Avid
2014-02-17 07:36:47 -------- d-----w- C:\Program Files (x86)\Common Files\Pinnacle
2014-02-17 07:20:59 540688 ----a-w- C:\Windows\System32\d3dx10_38.dll
2014-02-17 07:19:30 -------- d-----w- C:\ProgramData\Avid
2014-02-17 07:19:01 -------- d-----w- C:\Users\Chad\AppData\Local\PMB Files
2014-02-17 07:18:56 -------- d-----w- C:\Program Files (x86)\Pando Networks
2014-02-17 07:18:50 -------- d-----w- C:\Users\Chad\AppData\Local\Pando_Temp
2014-02-17 07:17:52 -------- d-----w- C:\ProgramData\PCTV Systems
2014-02-17 07:13:54 -------- d-----w- C:\Users\Chad\AppData\Local\Pinnacle
2014-02-17 07:13:44 -------- d-----w- C:\Program Files (x86)\Pinnacle
2014-02-17 07:13:33 -------- d-----w- C:\Users\Chad\AppData\Local\Downloaded Installations
2014-02-17 04:47:21 -------- d-----w- C:\Users\Chad\AppData\Roaming\MPC-HC
2014-02-17 04:41:16 218200 ----a-w- C:\Windows\SysWow64\unrar.dll
2014-02-15 20:42:29 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-02-13 18:11:46 -------- d-----w- C:\Users\Chad\AppData\Local\AVG SafeGuard toolbar
2014-02-13 18:11:36 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-02-13 18:11:00 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2014-02-13 18:10:59 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2014-02-13 18:10:58 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2014-02-13 08:01:10 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-13 08:01:10 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-12 16:36:59 -------- d-----w- C:\Users\Chad\AppData\Roaming\Dogecoin
2014-02-12 16:33:03 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-12 16:33:03 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-12 16:33:03 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-12 16:33:03 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-11 03:02:31 -------- d-----w- C:\Users\Chad\AppData\Roaming\avidemux
2014-02-11 03:02:26 -------- d-----w- C:\Program Files\Avidemux 2.6 - 64bits
2014-02-06 18:00:59 -------- d-----w- C:\Program Files (x86)\Western Digital
2014-02-06 18:00:59 -------- d-----w- C:\Program Files (x86)\Common Files\Western Digital
2014-02-06 17:57:39 -------- d-----w- C:\Program Files (x86)\CrystalDiskInfo
2014-02-06 17:43:12 98816 ----a-w- C:\Windows\sed.exe
2014-02-06 17:43:12 256000 ----a-w- C:\Windows\PEV.exe
2014-02-06 17:43:12 208896 ----a-w- C:\Windows\MBR.exe
2014-02-06 14:32:36 -------- d-----w- C:\Program Files (x86)\Easy Video Splitter
2014-02-06 11:35:07 -------- d-----w- C:\Users\Chad\AppData\Local\HighAndes
2014-02-06 11:35:01 66560 ----a-w- C:\Windows\SysWow64\NlsSrv32.exe
2014-02-06 11:34:42 -------- d-----w- C:\Users\Chad\AppData\Roaming\Blue Cat Audio
2014-02-06 11:10:05 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-02-06 11:09:54 -------- d-----w- C:\Windows\PCHEALTH
2014-02-06 11:09:21 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2014-02-06 11:09:21 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2014-02-06 11:09:21 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2014-02-06 11:09:21 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2014-02-06 11:09:20 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2014-02-06 11:09:20 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2014-02-06 11:09:19 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2014-02-06 11:09:19 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2014-02-06 11:08:49 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2014-02-06 11:08:49 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2014-02-06 11:08:31 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2014-02-06 11:08:31 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2014-02-06 11:08:18 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc22c9761cf232b04\DSETUP.dll
2014-02-06 11:08:18 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc22c9761cf232b04\DXSETUP.exe
2014-02-06 11:08:18 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc22c9761cf232b04\dsetup32.dll
2014-02-06 11:07:59 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b15d84c61cf232b02\DSETUP.dll
2014-02-06 11:07:59 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b15d84c61cf232b02\DXSETUP.exe
2014-02-06 11:07:59 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b15d84c61cf232b02\dsetup32.dll
2014-02-06 11:07:52 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aba979651cf232b01\DSETUP.dll
2014-02-06 11:07:52 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aba979651cf232b01\DXSETUP.exe
2014-02-06 11:07:52 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aba979651cf232b01\dsetup32.dll
2014-02-06 11:07:32 -------- d-----w- C:\Users\Chad\AppData\Local\Windows Live
2014-02-06 11:07:22 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2014-02-04 22:29:56 -------- d-----w- C:\Program Files (x86)\XviD
2014-02-04 22:10:50 -------- d-----w- C:\Program Files\Eraser
2014-02-03 23:09:41 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-03 20:36:23 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-02-02 08:18:58 -------- d-----w- C:\Users\Chad\.MCTranscodingSDK
2014-02-02 08:17:27 -------- d-----w- C:\ProgramData\Geevs
2014-02-02 08:16:15 -------- d-----w- C:\Program Files\Lightworks
2014-02-02 06:28:48 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-02 04:32:48 -------- d-----w- C:\Users\Chad\dwhelper
2014-01-29 19:12:32 41008 ----a-w- C:\Windows\SysWow64\RGBAcodec.dll
2014-01-28 00:46:09 -------- d-----w- C:\HashiCorp
2014-01-28 00:39:14 -------- d-----w- C:\Users\Chad\.VirtualBox
2014-01-28 00:37:59 252688 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2014-01-28 00:33:22 126736 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2014-01-28 00:33:17 -------- d-----w- C:\Program Files\Oracle
.
==================== Find3M  ====================
.
2014-02-22 18:13:34 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-02-21 01:56:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 01:56:35 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-01-24 00:56:20 82920 ----a-w- C:\Windows\SysWow64\mslvddsfilter2.ax
2014-01-22 01:00:29 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2014-01-22 01:00:28 92488 ----a-w- C:\Windows\System32\LMIinit.dll
2014-01-22 01:00:28 35656 ----a-w- C:\Windows\System32\LMIport.dll
2014-01-10 18:31:32 322240 ----a-w- C:\Windows\WLXPGSS.SCR
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-18 22:16:44 154896 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2013-12-18 22:16:44 140560 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-12-18 22:13:30 204048 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-12 19:52:35 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys
2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-11-26 02:47:22 196376 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-11-26 02:47:20 243480 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-26 02:47:20 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
.
============= FINISH: 15:48:14.21 ===============

Attached Files


Edited by Audiotape, 23 February 2014 - 06:47 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:46 AM

Posted 27 February 2014 - 09:19 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:46 AM

Posted 03 March 2014 - 09:39 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users