Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help with Dell Vostro 1500 BSODs


  • Please log in to reply
23 replies to this topic

#1 oldcapri

oldcapri

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 02:09 AM

I have a friend's laptop and it is randomly blue screening. 0x000000a sometimes. At least that is what it did with me. Anyway, there are other codes in these mini-dump files.

Why won't the forum let me upload the minidump file? Do I need to zip it?

Barry


Edited by hamluis, 05 August 2014 - 01:54 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 02:32 AM

Ah, never mind. Here is the text from NirSoft viewer

 

 

==================================================
Dump File         : 073014-34242-01.dmp
Crash Time        : 7/31/2014 12:17:31 AM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : 0x96373008
Parameter 2       : 0x00000002
Parameter 3       : 0x00000001
Parameter 4       : 0x82cfa03d
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+40b7f
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+40b7f
Stack Address 1   : ntkrnlpa.exe+b003d
Stack Address 2   : ntkrnlpa.exe+9ef9c
Stack Address 3   : ntkrnlpa.exe+9f632
Computer Name     :
Full Path         : C:\Windows\Minidump\073014-34242-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 145,760
Dump File Time    : 7/30/2014 10:18:40 PM
==================================================

==================================================
Dump File         : 072214-84022-01.dmp
Crash Time        : 7/22/2014 12:40:33 PM
Bug Check String  : BAD_POOL_CALLER
Bug Check Code    : 0x000000c2
Parameter 1       : 0x00000007
Parameter 2       : 0x0000109b
Parameter 3       : 0x00000000
Parameter 4       : 0x9b153008
Caused By Driver  : Ntfs.sys
Caused By Address : Ntfs.sys+a7711
File Description  : NT File System Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+120c6b
Stack Address 1   : ntkrnlpa.exe+121a76
Stack Address 2   : Ntfs.sys+13857
Stack Address 3   : Ntfs.sys+983e9
Computer Name     :
Full Path         : C:\Windows\Minidump\072214-84022-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 145,760
Dump File Time    : 7/22/2014 10:42:40 AM
==================================================

==================================================
Dump File         : 062514-25240-01.dmp
Crash Time        : 6/25/2014 10:40:36 AM
Bug Check String  : CRITICAL_OBJECT_TERMINATION
Bug Check Code    : 0x000000f4
Parameter 1       : 0x00000003
Parameter 2       : 0x865edbd8
Parameter 3       : 0x865edd44
Parameter 4       : 0x82e28ec0
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+debfc
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+debfc
Stack Address 1   : ntkrnlpa.exe+2de3af
Stack Address 2   : ntkrnlpa.exe+25c009
Stack Address 3   : ntkrnlpa.exe+25bf4c
Computer Name     :
Full Path         : C:\Windows\Minidump\062514-25240-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 145,712
Dump File Time    : 6/25/2014 8:41:54 AM
==================================================

==================================================
Dump File         : 062014-24133-01.dmp
Crash Time        : 6/20/2014 6:40:15 PM
Bug Check String  : MEMORY_MANAGEMENT
Bug Check Code    : 0x0000001a
Parameter 1       : 0x00003452
Parameter 2       : 0x75600000
Parameter 3       : 0xc0803260
Parameter 4       : 0x00000000
Caused By Driver  : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+c0443
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : 32-bit
Crash Address     : ntkrnlpa.exe+c0443
Stack Address 1   : ntkrnlpa.exe+bee2e
Stack Address 2   : ntkrnlpa.exe+269aa7
Stack Address 3   : ntkrnlpa.exe+27d3f7
Computer Name     :
Full Path         : C:\Windows\Minidump\062014-24133-01.dmp
Processors Count  : 2
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 145,768
Dump File Time    : 6/20/2014 4:41:14 PM
==================================================
 

 

Should I get more than just the last four mini dumps?

Barry



#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,874 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:00 AM

Posted 05 August 2014 - 09:29 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#4 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 09:47 AM

What a load of fun this one is. It was loaded with PUPs and maybe a little malware. That wasn't hard to clean, just annoying.

From MIniToolBox:

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by chris (administrator) on 05-08-2014 at 09:36:44
Running from "C:\Users\chris\Downloads"
Microsoft Windows 7 Enterprise  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/05/2014 01:08:23 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80042302).

Error: (08/05/2014 01:08:23 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80004002, No such interface supported
.

Error: (08/05/2014 01:08:23 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and Name Coordinator is [0x80004002, No such interface supported
].

Error: (08/05/2014 01:06:18 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80004002, No such interface supported
.


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:06:18 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80004002, No such interface supported
].


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:05:31 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80004002, No such interface supported
.


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:05:31 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80004002, No such interface supported
].


Operation:
   Instantiating VSS server

Error: (08/05/2014 00:47:06 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\servicing\TrustedInstaller.exe; Description = Windows Modules Installer; Error = 0x80042302).

Error: (08/05/2014 00:47:06 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80004002, No such interface supported
.

Error: (08/05/2014 00:47:06 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f} and Name Coordinator is [0x80004002, No such interface supported
].


System errors:
=============
Error: (08/05/2014 01:55:56 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/05/2014 01:55:55 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/05/2014 01:55:55 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/05/2014 01:55:54 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/05/2014 01:55:54 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/05/2014 01:02:06 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/05/2014 01:02:01 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/03/2014 06:12:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 (KB2923545).

Error: (08/03/2014 06:04:28 PM) (Source: Service Control Manager) (User: )
Description: The Comcast AntiSpyware service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/31/2014 11:27:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.


Microsoft Office Sessions:
=========================
Error: (08/05/2014 01:08:23 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042302

Error: (08/05/2014 01:08:23 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80004002, No such interface supported

Error: (08/05/2014 01:08:23 AM) (Source: VSS)(User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80004002, No such interface supported

Error: (08/05/2014 01:06:18 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80004002, No such interface supported


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:06:18 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80004002, No such interface supported


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:05:31 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80004002, No such interface supported


Operation:
   Instantiating VSS server

Error: (08/05/2014 01:05:31 AM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80004002, No such interface supported


Operation:
   Instantiating VSS server

Error: (08/05/2014 00:47:06 AM) (Source: System Restore)(User: )
Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x80042302

Error: (08/05/2014 00:47:06 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80004002, No such interface supported

Error: (08/05/2014 00:47:06 AM) (Source: VSS)(User: )
Description: {0b5a2c52-3eb9-470a-96e2-6c6d4570e40f}Coordinator0x80004002, No such interface supported



=========================== Installed Programs ============================
7-Zip 9.21 (HKLM\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CA Pest Patrol Realtime Protection (HKLM\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Comcast Desktop Software (v1.2.1) (HKLM\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version:  - Trusted Software)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.37.5085 - Gretech Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1000 J110 series Help (HKLM\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4286 - Bandoo Media Inc)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
LeapFrog Connect (HKLM\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Leapster Explorer Plugin (Version: 4.2.11.15696 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MotoConnect (HKLM\...\{DDC5B3E0-C656-4070-9CF0-E592EC60AD42}) (Version: 1.1.25 - Motorola)
Motorola Driver Installation 4.6.0 (HKLM\...\{1EBEC42C-5E3F-4077-933B-411E33A0C3A4}) (Version: 4.6.0 - Motorola Inc.)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
Revo Uninstaller Pro 2.5.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.)
RICOH R5U8xx Media Driver ver.3.62.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) (HKLM\...\LeapsterExplorerPlugin) (Version:  - LeapFrog)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 2038.04 MB
Available physical RAM: 1167.22 MB
Total Pagefile: 4076.09 MB
Available Pagefile: 2822.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.78 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:68.2 GB) NTFS

========================= Users: ========================================

User accounts for \\CHRIS-PC

Administrator            chris                    Guest                    
The Kids                 


**** End of log ****
 

 

From Speccy: http://speccy.piriform.com/results/NxP8WEr8tMEyooychGsaoN3



#5 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 09:49 AM

Did I mention this lappy has TWO old installations of Windows in folders "Windows.old" and "Windows.old.000"?



#6 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 10:38 AM

The failure to form Restore Point stuff is from the uninstallation of various PUPs. Why it did that I don't know.
Re-installing Windows, properly this time, is not out of the question.



#7 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 05 August 2014 - 11:40 PM

Okay, quiet in here.

I see this thread got moved to "Am I infected? What do I do?" I believe this is a Windows issue, possibly a driver issue, not an infection issue, but whatever it takes to get this computer in tip top shape I will do.

Barry


Edited by oldcapri, 05 August 2014 - 11:43 PM.


#8 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 10 August 2014 - 12:41 PM

Help please.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 AM

Posted 11 August 2014 - 08:58 PM

Try this first...

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 5 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 12 August 2014 - 12:09 AM

Thank you.
Right now it is running check disk.

I work evenings which explains why I'm doing this at this hour.

System file check found some errors but couldn't fix quite all of them.

It's doing the Repair portion now.


Edited by oldcapri, 12 August 2014 - 12:57 AM.


#11 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 12 August 2014 - 11:45 PM

Here 'tis:

 

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Enterprise
OS Architecture: 32-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: CHRIS-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Current Profile: C:\Users\chris
Current Profile SID: S-1-5-21-4059500967-2262581582-2377838618-1001
Current Profile Classes: S-1-5-21-4059500967-2262581582-2377838618-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\chris\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 12:25:09

Process Count: 54
Commit Total: 1.19 GB
Commit Limit: 3.98 GB
Commit Peak: 1.26 GB
Handle Count: 17777
Kernel Total: 262.97 MB
Kernel Paged: 224.11 MB
Kernel Non Paged: 38.84 MB
System Cache: 1.12 GB
Thread Count: 722
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 972.84 MB(47.7342%)
Memory Avail.: 1.04 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 663.86 MB(32.5732%)
Memory Avail.: 1.34 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (8/12/2014 1:14:18 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (8/12/2014 1:14:28 PM)
   Running Repair Under Current User Account
   Done (8/12/2014 1:14:46 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (8/12/2014 1:14:46 PM)
   Running Repair Under System Account
   Done (8/12/2014 1:22:30 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (8/12/2014 1:22:30 PM)
   Running Repair Under System Account
   Done (8/12/2014 1:24:52 PM)

03 - Reset Service Permissions
   Start (8/12/2014 1:24:53 PM)
   Running Repair Under System Account
   Done (8/12/2014 1:26:01 PM)

04 - Register System Files
   Start (8/12/2014 1:26:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:26:45 PM)

05 - Repair WMI
   Start (8/12/2014 1:26:45 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Microsoft Security Essentials Exported.
   avast! Antivirus Exported.

   Exporting AntiSpyware Info...
   Windows Defender Exported.
   avast! Antivirus Exported.
   Microsoft Security Essentials Exported.

   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.

   Running Repair Under Current User Account
   Done (8/12/2014 1:43:44 PM)

06 - Repair Windows Firewall
   Start (8/12/2014 1:43:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:44:26 PM)

07 - Repair Internet Explorer
   Start (8/12/2014 1:44:27 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:45:09 PM)

08 - Repair MDAC/MS Jet
   Start (8/12/2014 1:45:09 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:45:22 PM)

09 - Repair Hosts File
   Start (8/12/2014 1:45:22 PM)
   Running Repair Under System Account
   Done (8/12/2014 1:45:25 PM)

10 - Remove Policies Set By Infections
   Start (8/12/2014 1:45:25 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:45:36 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (8/12/2014 1:45:36 PM)
   Running Repair Under System Account
   Done (8/12/2014 1:45:39 PM)

12 - Repair Icons
   Start (8/12/2014 1:45:39 PM)
   Running Repair Under Current User Account
   Done (8/12/2014 1:45:43 PM)

13 - Repair Winsock & DNS Cache
   Start (8/12/2014 1:45:43 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:46:06 PM)

15 - Repair Proxy Settings
   Start (8/12/2014 1:46:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:46:13 PM)

17 - Repair Windows Updates
   Start (8/12/2014 1:46:13 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (8/12/2014 1:47:50 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (8/12/2014 1:47:51 PM)
   iTunes was found, adding UpperFilters for iTunes Reg Key
   UpperFilters added?: True
   Done (8/12/2014 1:47:51 PM)

19 - Repair Volume Shadow Copy Service
   Start (8/12/2014 1:47:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:48:31 PM)

21 - Repair MSI (Windows Installer)
   Start (8/12/2014 1:48:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:48:52 PM)

23.01 - Repair bat Association
   Start (8/12/2014 1:48:52 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:03 PM)

23.02 - Repair cmd Association
   Start (8/12/2014 1:49:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:09 PM)

23.03 - Repair com Association
   Start (8/12/2014 1:49:09 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:16 PM)

23.04 - Repair Directory Association
   Start (8/12/2014 1:49:16 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:22 PM)

23.05 - Repair Drive Association
   Start (8/12/2014 1:49:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:29 PM)

23.06 - Repair exe Association
   Start (8/12/2014 1:49:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:40 PM)

23.07 - Repair Folder Association
   Start (8/12/2014 1:49:40 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:46 PM)

23.08 - Repair inf Association
   Start (8/12/2014 1:49:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:53 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (8/12/2014 1:49:53 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:49:59 PM)

23.10 - Repair msc Association
   Start (8/12/2014 1:49:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:50:06 PM)

23.11 - Repair reg Association
   Start (8/12/2014 1:50:06 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:50:16 PM)

23.12 - Repair scr Association
   Start (8/12/2014 1:50:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:50:23 PM)

24 - Repair Windows Safe Mode
   Start (8/12/2014 1:50:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:50:30 PM)

25 - Repair Print Spooler
   Start (8/12/2014 1:50:30 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:50:55 PM)

26 - Restore Important Windows Services
   Start (8/12/2014 1:50:55 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:51:21 PM)

27 - Set Windows Services To Default Startup
   Start (8/12/2014 1:51:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:51:42 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

31 - Repair Windows 'New' Submenu
   Start (8/12/2014 1:51:43 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/12/2014 1:51:49 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (8/12/2014 1:51:49 PM)
   Total Repair Time: 00:37:34


...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 



#12 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 13 August 2014 - 12:29 PM

In case of disaster I'm saving all files now.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 AM

Posted 13 August 2014 - 04:31 PM

Good idea, running any better,, I think it may be a mamory issue.
Les do this scan first.
 
 
ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 13 August 2014 - 11:58 PM

Memtest 86 passed with flying colors. Hitachi hard drive quick test = passed. Hitachi advanced hard drive test = failed with code 0x70. (I have Hiren's Boot CD and ran those from it.).

Have run Avast free once or twice, Malwarebytes Anti-Malware once or twice. Revo Uninstaller for junk programs.

MiniToolBox, as noted above, found a controller error and a bad block.

 

Keep the new tests coming! I'm running ESET now. I have temporarily turned off Avast.


Edited by oldcapri, 14 August 2014 - 12:00 AM.


#15 oldcapri

oldcapri
  • Topic Starter

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:00 AM

Posted 14 August 2014 - 06:48 AM

ESET list exported to text file:

C:\Users\All Users\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Windows.old.000\Documents and Settings\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Temp\setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Temp\is1293846689\BabylonTB_AfterDownload.exe    Win32/Toolbar.Babylon potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Temp\is799009782\Setup32.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Temp\~nsu.tmp\whitesmoke-silent.exe    Win32/Toolbar.Zugo potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Temp\~nsu.tmp\wsget.exe    a variant of Win32/TrojanDownloader.FraudLoad.NAH trojan    
C:\Windows.old.000\Documents and Settings\chris\Application Data\CCC0A5B7F8B42A1949ECE238C1342AAA\enemies-names.txt    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Documents and Settings\chris\Application Data\CCC0A5B7F8B42A1949ECE238C1342AAA\local.ini    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Documents and Settings\chris\Application Data\FrostWire\.AppSpecialShare\frostwire-5.2.3.windows.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    
C:\Windows.old.000\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    
C:\Windows.old.000\Documents and Settings\chris\Application Data\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Documents and Settings\chris\Local Settings\Temp\setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Documents and Settings\chris\Local Settings\Temp\is1293846689\BabylonTB_AfterDownload.exe    Win32/Toolbar.Babylon potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\Local Settings\Temp\is799009782\Setup32.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\Local Settings\Temp\~nsu.tmp\whitesmoke-silent.exe    Win32/Toolbar.Zugo potentially unwanted application    
C:\Windows.old.000\Documents and Settings\chris\Local Settings\Temp\~nsu.tmp\wsget.exe    a variant of Win32/TrojanDownloader.FraudLoad.NAH trojan    
C:\Windows.old.000\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Windows.old.000\Users\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Windows.old.000\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Windows.old.000\Users\chris\AppData\Local\Temp\setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Users\chris\AppData\Local\Temp\is1293846689\BabylonTB_AfterDownload.exe    Win32/Toolbar.Babylon potentially unwanted application    
C:\Windows.old.000\Users\chris\AppData\Local\Temp\is799009782\Setup32.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    
C:\Windows.old.000\Users\chris\AppData\Local\Temp\~nsu.tmp\whitesmoke-silent.exe    Win32/Toolbar.Zugo potentially unwanted application    
C:\Windows.old.000\Users\chris\AppData\Local\Temp\~nsu.tmp\wsget.exe    a variant of Win32/TrojanDownloader.FraudLoad.NAH trojan    
C:\Windows.old.000\Users\chris\AppData\Roaming\CCC0A5B7F8B42A1949ECE238C1342AAA\enemies-names.txt    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Users\chris\AppData\Roaming\CCC0A5B7F8B42A1949ECE238C1342AAA\local.ini    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Users\chris\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.2.3.windows.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    
C:\Windows.old.000\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    
C:\Windows.old.000\Users\chris\AppData\Roaming\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Users\chris\Application Data\CCC0A5B7F8B42A1949ECE238C1342AAA\enemies-names.txt    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Users\chris\Application Data\CCC0A5B7F8B42A1949ECE238C1342AAA\local.ini    Win32/Adware.AntimalwareDoctor.AE.Gen application    
C:\Windows.old.000\Users\chris\Application Data\FrostWire\.AppSpecialShare\frostwire-5.2.3.windows.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    
C:\Windows.old.000\Users\chris\Application Data\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    
C:\Windows.old.000\Users\chris\Application Data\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Users\chris\Local Settings\Temp\setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    
C:\Windows.old.000\Users\chris\Local Settings\Temp\is1293846689\BabylonTB_AfterDownload.exe    Win32/Toolbar.Babylon potentially unwanted application    
C:\Windows.old.000\Users\chris\Local Settings\Temp\is799009782\Setup32.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    
C:\Windows.old.000\Users\chris\Local Settings\Temp\~nsu.tmp\whitesmoke-silent.exe    Win32/Toolbar.Zugo potentially unwanted application    
C:\Windows.old.000\Users\chris\Local Settings\Temp\~nsu.tmp\wsget.exe    a variant of Win32/TrojanDownloader.FraudLoad.NAH trojan    
C:\Windows.old.000\Users\chris\Zip Uncompressor\Uninstall\Uninstall.exe    a variant of Win32/InstallCore.D potentially unwanted application    
C:\Downloads\Software\adlsoft_uncompressor_3_3_last.exe    a variant of Win32/InstallCore.D potentially unwanted application    deleted - quarantined
C:\Downloads\Software\FreeFileViewer2010Setup.exe    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Downloads\Software\GraboidVideoSetup-1.73c-complete(1).exe    Win32/Graboid potentially unsafe application    deleted - quarantined
C:\Downloads\Software\GraboidVideoSetup-1.73c-complete.exe    Win32/Graboid potentially unsafe application    deleted - quarantined
C:\Program Files\Conduit\Community Alerts\Alert.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-2025429265-117609710-839522115-1003\Dc224.exe    a variant of Win32/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
C:\RECYCLER\S-1-5-21-2025429265-117609710-839522115-1003\Dc228.EXE    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application    deleted - quarantined
C:\Users\chris\AppData\Local\iLivid\Helper.dll    a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application    deleted - quarantined
C:\Users\chris\AppData\Local\iLivid\Uninstall.exe    a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application    deleted - quarantined
C:\Users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EP8IIXKV\freefileviewer_730.exe    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\T2T2730A\ArcadeFrontierGames[1].exe    Win32/Toolbar.Conduit.R potentially unwanted application    deleted - quarantined
C:\Users\chris\AppData\Local\SupportSoft\ComcastUI\chris\CACHE\5599fea7-b9d0-4c48-84c3-66d697784679.exe    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Users\chris\Desktop\Improve Your PC.lnk    LNK/URL.B trojan    cleaned by deleting - quarantined
C:\Users\chris\Downloads\FreeFileViewer2010Setup.exe    a variant of Win32/InstallIQ.A potentially unwanted application    deleted - quarantined
C:\Users\chris\Downloads\FreeFileViewerSetup.exe    a variant of Win32/FileTypeAssistant.A potentially unwanted application    deleted - quarantined
C:\Users\chris\Downloads\spsetup126.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\chris\Downloads\vlcmediaplayer-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Users\Guest\AppData\LocalLow\xfin_portal\comcastdx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application    deleted - quarantined
C:\Users\Guest\AppData\LocalLow\xfin_portal\comcasttb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Users\The Kids\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WWGGLUJI\iTunes_Setup (1).exe    a variant of Win32/InstallCore.PK potentially unwanted application    deleted - quarantined
C:\Users\The Kids\AppData\LocalLow\xfin_portal\comcastdx.dll    a variant of Win32/Toolbar.Visicom.B potentially unwanted application    deleted - quarantined
C:\Users\The Kids\AppData\LocalLow\xfin_portal\comcasttb.dll    a variant of Win32/Toolbar.Visicom.A potentially unwanted application    deleted - quarantined
C:\Windows\System32\Adobe\Shockwave 11\gt.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Application Data\Temp\setup.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Application Data\Temp\is1293846689\BabylonTB_AfterDownload.exe    Win32/Toolbar.Babylon potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Application Data\Temp\is799009782\Setup32.exe    a variant of Win32/Toolbar.Babylon.H potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Application Data\Temp\~nsu.tmp\whitesmoke-silent.exe    Win32/Toolbar.Zugo potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Local\Application Data\Temp\~nsu.tmp\wsget.exe    a variant of Win32/TrojanDownloader.FraudLoad.NAH trojan    cleaned by deleting - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Roaming\CCC0A5B7F8B42A1949ECE238C1342AAA\enemies-names.txt    Win32/Adware.AntimalwareDoctor.AE.Gen application    cleaned by deleting - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Roaming\CCC0A5B7F8B42A1949ECE238C1342AAA\local.ini    Win32/Adware.AntimalwareDoctor.AE.Gen application    cleaned by deleting - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.2.3.windows.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Roaming\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    cleaned by deleting - quarantined
C:\Windows.old.000\Documents and Settings\chris\AppData\Roaming\Mozilla\Firefox\Profiles\cbbt89lv.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Documents and Settings\chris\Zip Uncompressor\Uninstall\Uninstall.exe    a variant of Win32/InstallCore.D potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Program Files\Ask.com\GenericAskToolbar.dll    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Program Files\Ask.com\precache.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Program Files\Ask.com\SaUpdate.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Program Files\Ask.com\UpdateTask.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Program Files\Ask.com\Updater\Updater.exe    a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    deleted - quarantined
C:\Windows.old.000\Program Files\Conduit\Community Alerts\Alert.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Program Files\PriceGong\2.1.0\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application    deleted - quarantined
C:\Windows.old.000\Program Files\PriceGong\2.1.0\FF\components\PriceGongFF.dll    a variant of Win32/PriceGong.A potentially unwanted application    deleted - quarantined
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users