
Runtime error 216



#1 lingle873333


Posted 06 May 2014 - 07:38 PM

I have been unable, for the past 2 days, to open any video file with any software: Zoom Player, VLC, Media Player Classic, Windows Media Player, Quicktime Player.  I receive the following messages, in order:

1.  "Access violation at address 77BA32CD in module ntdll.dll. Read of address 06F480C0"

2.  "The instruction at 0x77ba332f referenced memory at 0x00000004.  The memory could not be read."

3.  "Runtime error 216 at 77BA332F"

 

On other forums, I have heard that this problem is caused by an infection by a Trojan called SubSeven.  I've scanned the machine with Malwarebytes, Super Anti Spyware and AVG.  If SubSeven is there, none of these programs found it.  The problem is still there--same error messages.  Any ideas?




 


#2 Alex&Vanko


Posted 07 May 2014 - 05:51 PM

Hello lingle873333 and welcome!

Would you do the following:

Download Screen317 Security Check HERE and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

Please download MiniToolBox HERE to your desktop to run it.
Checkmark the following boxes:
* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

Also try running ChkDsk to check your drive for errors. Right-click your Drive icon/ Properties/ Tools/ Error Checking. Try it first by not checking either box (this will run it in a Read-only mode) to see if it flags any hard drive or file problems. If it does, restart it by ticking both boxes, and rerun it to allow it to attempt to fix any found problems.

 

Thank you!



#3 lingle873333


Posted 08 May 2014 - 02:28 PM

Thanks very much, Alex&Vanko, for helping me out.  Here are the logs you requested:

 

MiniToolBox--

MiniToolBox by Farbar  Version: 23-01-2014
Ran by jfitch (administrator) on 08-05-2014 at 15:23:35
Running from "C:\Users\jfitch.THEFITCHSTUDIO\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/08/2014 03:19:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: solitaire.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f9
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x2e48
Faulting application start time: 0xsolitaire.exe0
Faulting application path: solitaire.exe1
Faulting module path: solitaire.exe2
Report Id: solitaire.exe3
 
Error: (05/08/2014 03:07:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: solitaire.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f9
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x2ed0
Faulting application start time: 0xsolitaire.exe0
Faulting application path: solitaire.exe1
Faulting module path: solitaire.exe2
Report Id: solitaire.exe3
 
Error: (05/08/2014 03:07:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: minesweeper.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f5
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x2d58
Faulting application start time: 0xminesweeper.exe0
Faulting application path: minesweeper.exe1
Faulting module path: minesweeper.exe2
Report Id: minesweeper.exe3
 
Error: (05/08/2014 03:06:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: minesweeper.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f5
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x73c
Faulting application start time: 0xminesweeper.exe0
Faulting application path: minesweeper.exe1
Faulting module path: minesweeper.exe2
Report Id: minesweeper.exe3
 
Error: (05/08/2014 02:51:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: minesweeper.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc9f5
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x276c
Faulting application start time: 0xminesweeper.exe0
Faulting application path: minesweeper.exe1
Faulting module path: minesweeper.exe2
Report Id: minesweeper.exe3
 
Error: (05/08/2014 01:19:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: HPSF.exe, version: 7.4.45.4, time stamp: 0x5277ff0b
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x2cac
Faulting application start time: 0xHPSF.exe0
Faulting application path: HPSF.exe1
Faulting module path: HPSF.exe2
Report Id: HPSF.exe3
 
Error: (05/08/2014 02:20:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
 
Error: (05/07/2014 03:43:21 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2472173757-1120821206-786247379-1131.old).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {904783f4-4f12-4276-beee-ade948625c51}
 
Error: (05/07/2014 00:50:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: Acrobat.exe, version: 10.1.9.22, time stamp: 0x52b1d7e3
Faulting module name: TouchUp.api, version: 10.1.9.22, time stamp: 0x52b1e4e0
Exception code: 0xc0000005
Fault offset: 0x0009e24a
Faulting process id: 0x1318
Faulting application start time: 0xAcrobat.exe0
Faulting application path: Acrobat.exe1
Faulting module path: Acrobat.exe2
Report Id: Acrobat.exe3
 
Error: (05/07/2014 00:53:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "asmv2:clrClassInvocation1".Error in manifest or policy file "asmv2:clrClassInvocation2" on line asmv2:clrClassInvocation3.
The element asmv2:clrClassInvocation appears as a child of element urn:schemas-microsoft-com:asm.v1^entryPoint which is not supported by this version of Windows.
 
 
System errors:
=============
Error: (05/08/2014 03:05:54 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/08/2014 02:07:46 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/08/2014 01:13:47 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/07/2014 06:37:55 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/07/2014 11:45:53 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/07/2014 05:08:37 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/07/2014 05:08:35 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (05/06/2014 07:27:36 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (05/05/2014 00:38:23 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.
 
Error: (05/05/2014 00:38:21 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 252.
 
 
Microsoft Office Sessions:
=========================
Error: (04/19/2014 03:20:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 46520 seconds with 360 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-22 09:55:59.989
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-22 09:55:59.911
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-10-15 12:38:57.468
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter64.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 12:38:57.443
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 12:21:53.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter64.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 12:21:53.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 12:08:01.518
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter64.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 12:08:01.496
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 10:19:12.003
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter64.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-10-15 10:19:11.982
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AC3Filter 1.63b (Version: 1.63b)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.9)
Adobe AIR (Version: 4.0.0.1390)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Design Standard (Version: 5.5)
Adobe Digital Editions 2.0 (Version: 2.0.1)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Akamai NetSession Interface
AMD Catalyst Control Center (Version: 2014.0417.2226.38446)
AMD Catalyst Install Manager (Version: 8.0.916.0)
AMD Wireless Display v3.0 (Version: 1.0.0.15)
Anti-Twin (Installation 8/23/2013)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
ATI Stream SDK v2 Developer (Version: 2.2.0.0)
AVG 2014 (Version: 14.0.3931)
AVG 2014 (Version: 14.0.4577)
AVG 2014 (Version: 2014.0.4577)
AVG SafeGuard toolbar (Version: 15.2.0.5)
AVS Audio Converter 7 (Version: 7.0.6.519)
AVS Audio Editor 7.1 (Version: 7.1.6.484)
AVS Audio Recorder version 4.0 (Version: 4.0.1.21)
AVS Screen Capture version 2.0.2
AVS Update Manager 1.0
AVS Video Converter 8 (Version: 8.3.3.535)
AVS Video Editor 6 (Version: 6.3.3.235)
AVS Video Recorder 2.5 (Version: 2.5.4.84)
AVS4YOU Software Navigator 1.4
AxCrypt 1.7.2687.0 (Version: 1.7.2687.0)
Bass Audio Decoder (remove only)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Belarc Advisor 8.2 (Version: 8.2.6.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Bonjour (Version: 2.0.5.0)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
calibre (Version: 1.21.0)
CameraHelperMsi (Version: 13.40.836.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2014.0417.2226.38446)
Catalyst Control Center InstallProxy (Version: 2014.0417.2226.38446)
Catalyst Control Center Localization All (Version: 2014.0417.2226.38446)
CCC Help Chinese Standard (Version: 2014.0417.2225.38446)
CCC Help Chinese Traditional (Version: 2014.0417.2225.38446)
CCC Help Czech (Version: 2014.0417.2225.38446)
CCC Help Danish (Version: 2014.0417.2225.38446)
CCC Help Dutch (Version: 2014.0417.2225.38446)
CCC Help English (Version: 2014.0417.2225.38446)
CCC Help Finnish (Version: 2014.0417.2225.38446)
CCC Help French (Version: 2014.0417.2225.38446)
CCC Help German (Version: 2014.0417.2225.38446)
CCC Help Greek (Version: 2014.0417.2225.38446)
CCC Help Hungarian (Version: 2014.0417.2225.38446)
CCC Help Italian (Version: 2014.0417.2225.38446)
CCC Help Japanese (Version: 2014.0417.2225.38446)
CCC Help Korean (Version: 2014.0417.2225.38446)
CCC Help Norwegian (Version: 2014.0417.2225.38446)
CCC Help Polish (Version: 2014.0417.2225.38446)
CCC Help Portuguese (Version: 2014.0417.2225.38446)
CCC Help Russian (Version: 2014.0417.2225.38446)
CCC Help Spanish (Version: 2014.0417.2225.38446)
CCC Help Swedish (Version: 2014.0417.2225.38446)
CCC Help Thai (Version: 2014.0417.2225.38446)
CCC Help Turkish (Version: 2014.0417.2225.38446)
ccc-utility64 (Version: 2014.0417.2226.38446)
CCleaner (Version: 3.11)
CD Audio Reader Filter (remove only)
Chuzzle Deluxe (Version: 2.2.0.95)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 3.0 (Version:  3.0)
D3DX10 (Version: 15.4.2368.0902)
DCoder Image Source (remove only)
DGN to DWG Converter
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectVobSub (remove only)
Dora's World Adventure (Version: 2.2.0.95)
DScaler 5 Mpeg Decoders
dupeGuru Music Edition (Version: 6.5.1)
Duplicate Finder v4.2.0.0
DVD Menu Pack for HP MediaSmart Video (Version: 4.2.4412)
DWG TrueView 2012 (Version: 18.2.51.0)
EasyDuplicateFinder v4.5
Epson Customer Participation (Version: 1.0.0.0)
Epson Event Manager (Version: 2.50.0000)
Epson FAX Utility (Version: 1.46.00)
EPSON Scan
EPSON WF-7510 Series Printer Uninstall
EpsonNet Print (Version: 2.5.00)
erLT (Version: 1.20.138.34)
Escape Rosecliff Island (Version: 2.2.0.95)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
ffdshow v1.1.3996 [2011-10-13] (Version: 1.1.3996.0)
FFMPEG Core Files (remove only)
File Shredder 2.0
FileZilla Client 3.5.2 (Version: 3.5.2)
Final Drive Nitro (Version: 2.2.0.95)
Folder Size 2.9.0.0 (Version: 2.9.0.0)
Free Hide Folder
FreeFileSync v5.3 (Version: 5.3)
FVD Suite 2.7.5
Gabest MPEG Splitter (remove only)
Gadwin PrintScreen (Version: 4.7)
Google Apps Migration For Microsoft Outlook® 2.3.12.34 (Version: 2.3.12.34)
Google Chrome (Version: 34.0.1847.131)
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 7.1.2.2041)
Google SketchUp Pro 8 (Version: 3.0.14346)
Google Talk Plugin (Version: 5.3.1.18536)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.24.7)
GoToMeeting 6.0.0.1259 (Version: 6.0.0.1259)
GPL Ghostscript (Version: 9.07)
gPodder version 3.6.1 (Version: 3.6.1)
Haali Media Splitter
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Game Console
HP Games (Version: 1.0.1.5)
HP MediaSmart DVD (Version: 4.2.4725)
HP MediaSmart Music (Version: 4.2.4517)
HP MediaSmart Photo (Version: 4.2.4513)
HP MediaSmart SmartMenu (Version: 3.1.2.4)
HP MediaSmart Video (Version: 4.2.4522)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.4.0)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.4.4400.3525)
HP Setup Manager (Version: 1.0.12844.3519)
HP Support Assistant (Version: 7.4.45.4)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.6.0)
Hulu Desktop (Version: 0.9.13)
HydraVision (Version: 4.2.180.0)
IDT Audio (Version: 1.0.6302.0)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
IrfanView (remove only) (Version: 4.30)
iTunes (Version: 10.3.1.55)
IZArc 4.1.6 (Version: 4.1.6)
Java 7 Update 45 (Version: 7.0.450)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.8)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
join.me (Version: 1.13.1.118)
K-Lite Codec Pack 5.2.0 (64-bit) (Version: 5.2.0)
LabelPrint (Version: 2.5.3130)
LastPass (uninstall only)
LAV Filters (remove only)
LightScribe System Software (Version: 1.18.20.1)
Live Sound Recorder
Logitech Webcam Software (Version: 2.40)
LogMeIn (Version: 4.1.1890)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.40.835.0)
LWS Help_main (Version: 13.40.845.0)
LWS Launcher (Version: 13.40.836.0)
LWS Motion Detection (Version: 13.40.844.0)
LWS Pictures And Video (Version: 13.40.844.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Machete 3.7 (Version: 3.7.33)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Masterworks (Version: 7.3.1.0)
Masterworks Paragraph Builder (Version: 1.1.0)
Maxthon Cloud Browser (Version: 4.1.0.4000)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (Version: 1.5.2.3456)
MediaInfo 0.7.52 (Version: 0.7.52)
Meridian Systems Prolog WebSite 2007 R2 Client (Version: 7.72.0005)
Meridian Systems Prolog Website 2007 R2 File Management Control (Version: 7.72.0005)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (Version: 11.0.50727.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
Mozilla Thunderbird 17.0.6 (x86 en-US) (Version: 17.0.6)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music Manager
MusicBee 2.0 (Version: 2.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
PDF Settings CS5 (Version: 10.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
Picture Resizer 1.0
PictureMover (Version: 3.5.0.33)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4329)
PowerDirector (Version: 8.0.3129)
PressReader (Version: 5.10.1102.0)
Python 2.7 PyGTK 2.24.0 (Version: 2.24.0)
Python 2.7.3 (Version: 2.7.3150)
qBittorrent 3.1.4 (Version: 3.1.4)
QuickBooks (Version: 21.0.4008.904)
QuickBooks File Doctor (Version: 3.5.5)
QuickBooks Premier: Accountant Edition 2011 (Version: 21.0.4008.904)
Quicken 2012 (Version: 21.1.7.18)
QuickTime (Version: 7.74.80.86)
RealMedia (remove only)
Recovery Manager (Version: 5.5.3219)
ReNamer (Version: 5.72)
RoxioNow Player (Version: 1.9.5.101)
RxFilters3D (Version: 16.0.4.5286)
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.11 (Version: 6.11.102)
Software Updater (Version: 4.2.1)
Solway's Plain Backup 1.71 (Version: 1.71)
Spotify (Version: 0.9.8.296.g91f68827)
SUPERAntiSpyware (Version: 5.0.1132)
TeamViewer 6 (Version: 6.0.11117)
TuneUp 3.0.7.0 (Version: 3.0.7.0)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vectorworks 2013 Help (Version: 2.0)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 1.1.11 (Version: 1.1.11)
Wheel of Fortune 2 (Version: 2.2.0.95)
Winamp (Version: 5.63 )
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
WinRAR 4.10 beta 4 (64-bit) (Version: 4.10.4)
Zinio Reader 4 (Version: 4.0.3184)
Zoom Player (remove only)
Zuma Deluxe (Version: 2.2.0.95)
 
========================= Devices: ================================
 
Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: SAMSUNG_Android_SCH-I535
Description: SAMSUNG_Android_SCH-I535
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 52%
Total physical RAM: 12270.5 MB
Available physical RAM: 5795.03 MB
Total Pagefile: 24539.17 MB
Available Pagefile: 18563.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.85 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:918.13 GB) (Free:543.34 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:13.29 GB) (Free:1.64 GB) NTFS
4 Drive f: (Seagate Pocket Drive) (Fixed) (Total:232.88 GB) (Free:228.78 GB) NTFS
5 Drive g: (LAB ARCHIVE) (Fixed) (Total:931.48 GB) (Free:330.55 GB) NTFS
6 Drive h: (OS) (Network) (Total:927.96 GB) (Free:357.95 GB) NTFS
7 Drive i: (OS) (Network) (Total:927.96 GB) (Free:357.95 GB) NTFS
8 Drive j: (TFS-Backup) (Fixed) (Total:465.76 GB) (Free:51.43 GB) NTFS
9 Drive m: (OS) (Network) (Total:927.96 GB) (Free:357.95 GB) NTFS
10 Drive q: (OS) (Network) (Total:927.96 GB) (Free:357.95 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\QUERCUS
 
Administrator            Guest                    Jfitch                   
labadmin                 
 
 
**** End of log ****
 
SecurityCheck log--

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
Microsoft Security Essentials     
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp 3.0.7.0    
 Java 7 Update 45  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.206  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (17.0.6) 
 Google Chrome 34.0.1847.116  
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
I anxiously await your reply.


#4 lingle873333


Posted 08 May 2014 - 02:29 PM

One other thing.  I ran ChkDsk.  No problems detected.



#5 Alex&Vanko


Posted 09 May 2014 - 01:13 PM

Hello lingle873333!

Because you have used Combofix and I am not authorized to give instruction, please fully read and follow the instructions in the Preparation Guide starting at Step #6.

http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/
If you are unable to complete any step, please post the topic and leave a full description of your problems.
When you have done that, start a new topic and post the required logs to the Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.
Please Use Copy / Paste for your responses, and Do Not Attach them unless your helper requests this.
If Help Bot responds to your topic, please follow his Step #1 so the team will be notified.
After doing this, please reply back in this thread with a link to the new topic so we can close this one.
Thank you!


Edited by Alex&Vanko, 09 May 2014 - 01:13 PM.




