Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Crack Attack - Virux or FakeAV


  • Please log in to reply
24 replies to this topic

#1 Scarlet Skippy

Scarlet Skippy

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 21 April 2014 - 09:46 AM

I clicked on a You Tube video link titled "Incredimail Crack", looking for a email converter. I wasn't aware of what crack meant. Since then,

 

1: A video ran without being able to be seen (just heard)

2: A popup ad appeared for a dating site, that didn't seem appropriate

3: Another popup ad appeared, that looks appropriate but only started appearing after running the You Tube video (and should have before then)

4: When clicking on a new tab, there are several panels on the screen of previously used websites. These were all changed to one site.

 

I have recently bought the laptop. It runs WIndows 8.1. I have Malwarebytes Pro & Norton 360 running. I have run full scans for both and there are no results.

 

The only info I have so far is that it could be a Virux or FakeAV Malware. I tried searching for Virux on Bleeping Computer and got no results.

 

I'd appreciate any suggestions on what it might be and how to fix it. Thanks in advance.



BC AdBot (Login to Remove)

 


#2 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 21 April 2014 - 09:52 AM

Additionally, the download link was titled "ABC Amber Incredimail Converter Crack Keymaker - You Tube......" & was uploaded by Chau Brooks (if that helps).



#3 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 23 April 2014 - 02:29 AM

I don't know if it is related, but I just deleted a new user that was listed under C:\Users  . It had auto at the end of its name. I didn't think to write down the name as I was alarmed that it was even there.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:54 AM

Posted 23 April 2014 - 11:58 AM

Lets also run these...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 28 April 2014 - 09:01 AM

Hi Boopme.

 

Thanks for your help. I ran Mini Toolbox and it said it was finding IPConfig (after immediately writing the Result.txt file). I closed it using Task Manager as it wouldn't otherwise close. I posted Result.txt below.

 

I then disabled Norton 360 Anti Virus & Firewall & ran TDSSKiller.exe from the Desktop. I wasn’t able to copy the report though (rightclick won’t work in this context).

 

I then ran ADW Cleaner. The report is posted below.

 

I then ran JRT. It came up with an error – “Non 7z Archive”.

 

I ran ESET & it found 5 infections, and cleaned 4. The log is below.

 

--------------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar  Version: 23-01-2014

Ran by Thomas (administrator) on 28-04-2014 at 20:39:42

Running from "C:\Users\David\Desktop"

Microsoft Windows 8.1  (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Connected)

Qualcomm Atheros AR8171/8175 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="Bluetooth Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set interface interface="other_2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

set subinterface interface=?? subinterface=ethernet_7 mtu=1400

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : Vincents2

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Bluetooth Network Connection 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2

   Physical Address. . . . . . . . . : 48-D2-24-83-BA-6C

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Local Area Connection* 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter

   Physical Address. . . . . . . . . : 1A-D2-24-83-9A-C8

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wi-Fi:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter

   Physical Address. . . . . . . . . : 48-D2-24-83-9A-C8

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::41d7:fcb2:3f5:1c89%6(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.22(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : Sunday, 27 April 2014 4:16:36 PM

   Lease Expires . . . . . . . . . . : Tuesday, 29 April 2014 2:40:03 PM

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 105435684

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-0E-43-0F-00-8C-FA-90-54-FB

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Ethernet:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Qualcomm Atheros AR8171/8175 PCI-E Gigabit Ethernet Controller (NDIS 6.30)

   Physical Address. . . . . . . . . : 00-8C-FA-90-54-FB

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{230F0EE8-805C-41DD-986E-93E8E8E5ACFE}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:46c:146d:8569:9af4(Preferred)

   Link-local IPv6 Address . . . . . : fe80::46c:146d:8569:9af4%10(Preferred)

   Default Gateway . . . . . . . . . : ::

   DHCPv6 IAID . . . . . . . . . . . : 402653184

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-0E-43-0F-00-8C-FA-90-54-FB

   NetBIOS over Tcpip. . . . . . . . : Disabled

DNS request timed out.

    timeout was 2 seconds.

Server:  UnKnown

Address:  192.168.0.1

 

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

 

Pinging google.com [74.125.237.197] with 32 bytes of data:

Reply from 74.125.237.197: bytes=32 time=312ms TTL=58

Reply from 74.125.237.197: bytes=32 time=696ms TTL=58

 

Ping statistics for 74.125.237.197:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 312ms, Maximum = 696ms, Average = 504ms

DNS request timed out.

    timeout was 2 seconds.

Server:  UnKnown

Address:  192.168.0.1

 

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

-------------------------------------------------------------------------------------------------------------

 

# AdwCleaner v3.204 - Report created 28/04/2014 at 21:44:59

# Updated 26/04/2014 by Xplode

# Operating System : Windows 8.1  (64 bits)

# Username : Thomas - VINCENTS2

# Running from : C:\Users\David\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Users\Thomas\AppData\Local\PackageAware

File Deleted : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nacrozkl.default\searchplugins\safesearch.xml

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17037

 

 

-\\ Mozilla Firefox v28.0 (en-US)

 

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nacrozkl.default\prefs.js ]

 

 

[ File : C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\qht09ket.default\prefs.js ]

 

 

*************************

 

AdwCleaner[R0].txt - [1022 octets] - [28/04/2014 21:41:53]

AdwCleaner[S0].txt - [949 octets] - [28/04/2014 21:44:59]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1008 octets] ##########

-----------------------------------------------------------------------------------------------------------------------------------

 

C:\Users\All Users\{DEC6EE7E-A3CC-421D-A411-C328E73F4136}\setup.res           a variant of Win32/HiddenStart.A potentially unsafe application   

C:\ProgramData\{DEC6EE7E-A3CC-421D-A411-C328E73F4136}\setup.res               a variant of Win32/HiddenStart.A potentially unsafe application    deleted - quarantined

C:\Users\Thomas\Downloads\ccsetup411.exe  Win32/Bundled.Toolbar.Google.D potentially unsafe application                deleted - quarantined

C:\Users\Thomas\Downloads\FoxitReader614.0217_enu_Setup.exe     a variant of Win32/OpenCandy.A potentially unsafe application           deleted - quarantined

C:\Users\Thomas\Downloads\spsetup125.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application                deleted - quarantined



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:54 AM

Posted 28 April 2014 - 12:27 PM

Well I doesn't look bad now// A crack is an illegal application.. these are usually combined with malware. Looks like you did not install it.
Was the TDSS log clean. At the end it will found 0...

Lets run one more

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 29 April 2014 - 06:11 AM

TDSS was clean. Before I run aswMBR, Firefox & Internet Explorer are now corrupted. I mainly use Firefox. Issues include;

 

1: I set the Download option to ask me where to save files, and it resets to save to Downloads without asking me.

2: When I restart Firefox I get three tabs. 2 are Firefox, and the third is for a Password Addon that I had installed for Firefox. I had set my homepage to The Guardian newspaper.

3: I have a programme called Multirow Toolbar, where I store Bookmarks I regularly use. I can set how many rows to display, which I set to 3 rows. However it keeps resetting and asking me to set how many rows I want to display

4: The Firefox icon in the Quick Launch toolbar loses its icon picture. Pressing it still takes me to Firefox, but it is not behaving as it should.

 

There may be other problems, but I haven't investigated further. Do you still want me to run aswMBR?



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:54 AM

Posted 29 April 2014 - 01:15 PM

You may want to reset them to default and then make modifications again.

How to reset Internet Explorer settings
Reset Firefox to its default state

Now to fix the other issues...
Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 30 April 2014 - 08:46 AM

I reset Firefox & Internet Explorer, and Firefox at least seems to be ok. I don't use Internet Explorer.

 

I then tried running Windows Repair (All in One). I unchecked the automatic install and unchecked the AVG? toolbar & Home page they wanted me to install. It scanned my system, and then wanted me to pay for the programme. It says on one of your screenshots that the programme is free. I guess it is only free if I install their toolbar.

 

As long as I can uninstall the thing at the end I don't mind installing it in this instance. Are you sure I can uninstall it at the end?

 

Also I asked if you wanted me to still run aswMBR but got no reply.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:54 AM

Posted 30 April 2014 - 06:24 PM

Did you select one of these?
- Mirror #1 MajorGeeks.com

- Mirror #2 OlderGeeks.com
- Mirror #3 BleepingComputer.com
- Mirror #4 TechSpot.com

- Direct Download

I see there are a couple updates needed for the canned with this latest version.

Skip the Online steps 1 and 2,after install for now.
we can get it off.


EDIT and run aswMBR, first..

Edited by boopme, 30 April 2014 - 06:25 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 03 May 2014 - 04:34 AM

I ran aswMBR.

 

I then ran Windows Repair (All in One). Unfortunately, after starting I realised I needed to disable the antivirus, which meant switching to my Admin account. I turned off the Norton 360 Firewall & Antivirus, and Malwarebytes Protection. I switched back to my normal user account, and it completed. It then asked me to restart. I did, and a blue screen saying "Operations arein progress, please wait. The machine will be turned off automatically after the operations are complete" appeared. I left the laptop on overnight, and it was still on this morning.

 

I turned the laptop off and turned back on, and the blue screen and message were still there. I then tried pressing Control, ALt, Delete. There was no response. I then turned it off and closed the lid. Opening the lid, the message is still there.

 

I am writing from my spare laptop.

 

Can you please tell me what to do now? Thanks.



#12 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 03 May 2014 - 04:38 AM

You also stated that for WIndows 8 users, Reset Registry Permissions is not checked by design. The screenshot shows that Registry Permissions is indeed checked (as happened for me). But the one under that (Reset File Permissions) was the one that was not checked. I hope that was what you meant.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:54 AM

Posted 03 May 2014 - 09:51 AM

Are you still blue screened?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 03 May 2014 - 08:58 PM

Yes. I don't know if it is the blue screen of death I've had on the Vista laptop & heard others talk of. The blue is the WIndows 8.1 blue. And the error message is still there. I had closed the lid for the last 24 hours, but I had it running for at least 24hrs prior to that and had no response as mentioned.

 

There is a recovery partition built into the laptop. Perhaps resetting the laptop is the solution?



#15 Scarlet Skippy

Scarlet Skippy
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:54 PM

Posted 04 May 2014 - 04:45 AM

Sorry. The power button on the laptop only put the computer to sleep. Holding it down for 5 secs turned it off (I only just bought it). It has rebooted fine. Below are the answMBR logs from when I first ran it on 1 May, and just now 4 May.

 

---------------------------------------------------------------------------------------------------------------------------------------------------

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-01 23:27:30
-----------------------------
23:27:30.578    OS Version: Windows x64 6.2.9200
23:27:30.578    Number of processors: 4 586 0x4501
23:27:30.579    ComputerName: VINCENTS2  UserName: Thomas
23:27:30.983    Initialze error 1
23:37:31.246    AVAST engine defs: 14042901
23:38:21.181    The log file has been saved successfully to "C:\Users\David\Documents\Personal\Computer\Logs\aswMBR.txt"

 

------------------------------------------------------------------------------------------------------------------------------------------------------

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-04 19:12:33
-----------------------------
19:12:33.521    OS Version: Windows x64 6.2.9200
19:12:33.521    Number of processors: 4 586 0x4501
19:12:33.521    ComputerName: VINCENTS2  UserName: Thomas
19:12:33.818    Initialze error 1
19:32:08.086    AVAST engine defs: 14050400
19:42:00.844    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000033
19:42:00.844    Disk 0 Vendor: TOSHIBA_MQ01ABD075 AX0A4M Size: 715404MB BusType: 11
19:42:01.031    Disk 0 MBR read successfully
19:42:01.031    Disk 0 MBR scan
19:42:01.172    Disk 0 unknown MBR code
19:42:01.203    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
19:42:01.203    Disk 0 scanning C:\Windows\system32\drivers
19:42:01.219    Service scanning
19:42:01.891    Modules scanning
19:42:01.891    Disk 0 trace - called modules:
19:42:01.907    ntoskrnl.exe CLASSPNP.SYS disk.sys Wdf01000.sys THAccel.sys hal.dll
19:42:01.907    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000e96f2770]
19:42:01.907    3 CLASSPNP.SYS[fffff800b067027b] -> nt!IofCallDriver -> [0xffffe000e96f4040]
19:42:01.954    AVAST engine scan C:\Windows






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users