
Locking Up Issue


  • This topic is locked
40 replies to this topic

#1 NJMike92


Posted 05 October 2014 - 11:13 PM

This issue only just started about a week ago. It only happens when I first boot up my ASUS K73SV laptop: it will run fine for about five minutes, but then it will gradually start to lock everything up, to the point where whatever programs I was using stop responding, then the taskbar is the next to go, and then anything else. The only thing I can do is move my cursor around as the blue wheel spins, and wait precisely five minutes until everything starts back up again. I was going to try a system restore, but the access points do not go far enough back. My computer is very frequently cleaned with CCleaner, and I have avast! to help make sure nothing is infecting me. I've made sure I have no suspicious programs installed and everything. I am at a loss. I do not know what else is left to do.


Edited by hamluis, 06 October 2014 - 08:56 AM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 Budapest


Posted 05 October 2014 - 11:30 PM

Please download VEW and save it to your Desktop: http://images.malwareremoval.com/vino/VEW.exe

Double-click VEW.exe (Vista, Windows 7 and Windows 8 users: right-click VEW.exe and choose Run As Administrator), then under Select log to query, select:
  • Application
  • System

Under Select type to list, select:
  • Critical (Vista, Windows 7 and Windows 8 only)
  • Error

Click the radio button for Number of events
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

In Notepad, click Edit > Select all then Edit > Copy
Reply to this post, click in the reply window and press Ctrl+V on your keyboard to paste the log.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 NJMike92


Posted 05 October 2014 - 11:42 PM

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/10/2014 12:41:00 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 04/10/2014 7:31:40 PM
Type: Error Category: 0
Event: 8210 Source: System Restore
An unspecified error occurred during System Restore: (avast! antivirus system restore point). Additional information: 0xc0000022.

Log: 'Application' Date/Time: 04/10/2014 7:18:44 PM
Type: Error Category: 0
Event: 8210 Source: System Restore
An unspecified error occurred during System Restore: (Windows Update). Additional information: 0xc0000022.

Log: 'Application' Date/Time: 04/10/2014 6:45:00 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 6:44:05 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 6:30:40 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 6:51:11 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 6:45:01 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 5:51:11 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 5:45:01 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 4:51:11 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 4:45:03 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 3:51:10 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 3:45:00 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 2:51:10 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 2:45:00 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 1:51:10 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 1:45:01 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 12:51:10 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 12:45:01 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 03/10/2014 11:51:11 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/09/2014 7:42:30 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/09/2014 8:02:43 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/09/2014 7:48:51 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 03/09/2014 1:28:27 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 02/08/2014 5:59:09 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 08/06/2014 2:54:34 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/10/2014 3:48:56 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.

Log: 'System' Date/Time: 06/10/2014 3:48:14 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.

Log: 'System' Date/Time: 06/10/2014 3:47:44 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.

Log: 'System' Date/Time: 06/10/2014 3:45:33 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.

Log: 'System' Date/Time: 06/10/2014 3:38:28 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 06/10/2014 12:22:18 AM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 06/10/2014 12:21:42 AM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 05/10/2014 6:43:37 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 05/10/2014 6:42:52 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 04/10/2014 7:32:32 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Windows Media Player Network Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 04/10/2014 7:32:32 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

Log: 'System' Date/Time: 04/10/2014 7:31:08 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 04/10/2014 7:17:39 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 04/10/2014 7:16:52 PM
Type: Error Category: 0
Event: 46 Source: volmgr
Crash dump initialization failed!

Log: 'System' Date/Time: 04/10/2014 6:30:36 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 03/10/2014 7:36:23 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 02/10/2014 7:39:35 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Windows Update service hung on starting.

Log: 'System' Date/Time: 02/10/2014 7:32:59 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 01/10/2014 7:31:46 PM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The Intel(R) Management and Security Application User Notification Service service hung on starting.

Log: 'System' Date/Time: 01/10/2014 7:23:05 PM
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).


Edited by NJMike92, 06 October 2014 - 03:31 PM.
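
An added example, not part of the original thread and not VEW's own code: a small Python parser for the report layout pasted above that groups entries by log, type, event ID and source, so recurring errors stand out with their first and last occurrence. The embedded sample report is constructed (abbreviated, in the same layout), and the function names are this example's own.

```python
import re
from datetime import datetime

# Constructed, abbreviated sample in the layout of the VEW report above.
SAMPLE_REPORT = """\
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/10/2014 12:41:00 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 04/10/2014 7:31:40 PM
Type: Error Category: 0
Event: 8210 Source: System Restore
An unspecified error occurred during System Restore: (Windows Update). Additional information: 0xc0000022.

Log: 'Application' Date/Time: 04/10/2014 6:45:00 PM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 5:45:01 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

Log: 'Application' Date/Time: 04/10/2014 4:45:03 AM
Type: Error Category: 0
Event: 11316 Source: MsiInstaller
Product: Google Update Helper -- Error 1316. The specified account already exists.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/09/2014 7:42:30 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first.

Log: 'System' Date/Time: 29/09/2014 8:02:43 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first.
"""

HEADER_RE = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: (?P<ts>.+)$")
TYPE_RE = re.compile(r"^Type: (?P<type>\S+) Category: (?P<cat>\d+)$")
EVENT_RE = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")
TS_FORMAT = "%d/%m/%Y %I:%M:%S %p"  # the report states dd/mm/yyyy


def parse_vew(text):
    """Return one dict per event entry found in a VEW text report."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        head = HEADER_RE.match(line)
        if head:
            try:
                when = datetime.strptime(head.group("ts"), TS_FORMAT)
            except ValueError:
                current = None  # unreadable timestamp: skip this entry
                continue
            current = {"log": head.group("log"), "time": when, "type": "",
                       "event_id": None, "source": "", "message": ""}
            records.append(current)
            continue
        if current is None:
            continue  # preamble or section banner text
        if not line or line.startswith("~"):
            current = None  # a blank line or banner ends the entry
            continue
        typ, evt = TYPE_RE.match(line), EVENT_RE.match(line)
        if typ and not current["type"]:
            current["type"] = typ.group("type")
        elif evt and current["event_id"] is None:
            current["event_id"] = int(evt.group("id"))
            current["source"] = evt.group("source")
        else:  # message text, possibly spanning several lines
            current["message"] = (current["message"] + " " + line).strip()
    return [r for r in records if r["event_id"] is not None]


def summarize(records):
    """Group entries by (log, type, event ID, source), most frequent first."""
    groups = {}
    for r in records:
        key = (r["log"], r["type"], r["event_id"], r["source"])
        g = groups.setdefault(key, {"key": key, "count": 0, "first": r["time"],
                                    "last": r["time"], "message": r["message"]})
        g["count"] += 1
        g["first"] = min(g["first"], r["time"])
        g["last"] = max(g["last"], r["time"])
    return sorted(groups.values(), key=lambda g: (-g["count"], g["key"]))


if __name__ == "__main__":
    for g in summarize(parse_vew(SAMPLE_REPORT)):
        log, typ, event_id, source = g["key"]
        print(f"{g['count']:>3}x {log}/{typ} {event_id} {source} "
              f"({g['first']:%d/%m/%Y %H:%M} to {g['last']:%d/%m/%Y %H:%M})")
        print(f"     {g['message']}")
```
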


#4 Budapest


Posted 06 October 2014 - 01:16 AM

It seems like you might have a malware/virus issue. Let's run a scan or two and if anything turns up we can move this topic to the malware section of the forum before continuing.

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.


#5 NJMike92


Posted 06 October 2014 - 03:31 PM

I was not prompted to restart my computer, so I skipped the last two square-bullet-pointed steps.

 

Here are the scan's log details:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/6/2014
Scan Time: 3:56:30 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.06.09
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373133
Time Elapsed: 29 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, Quarantined, [344d5eb33d3f95a17d85323f798b05fb],
PUP.Optional.Adpeak, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Scorpion Saver, Quarantined, [423f9d742854e650fdad9ea7669d9c64],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.WhiteSmoke.A, C:\Users\Mike\AppData\LocalLow\WhiteSmoke_New, Quarantined, [651cc34ef686122417441ec81ee454ac],
PUP.Optional.WhiteSmoke.A, C:\Users\Mike\AppData\LocalLow\WhiteSmoke_New\Logs, Quarantined, [651cc34ef686122417441ec81ee454ac],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


#6 Budapest


Posted 06 October 2014 - 05:18 PM

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.


#7 NJMike92


Posted 06 October 2014 - 05:40 PM

# AdwCleaner v3.311 - Report created 06/10/2014 at 18:35:06
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mike - MIKE-PC
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\m3qu6zn1.default-1411685599887\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [12596 octets] - [25/09/2014 20:37:18]
AdwCleaner[R1].txt - [1000 octets] - [06/10/2014 18:35:06]
AdwCleaner[S0].txt - [11330 octets] - [25/09/2014 20:38:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1121 octets] ##########



#8 Budapest


Posted 06 October 2014 - 05:47 PM

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished this time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


#9 NJMike92


Posted 06 October 2014 - 06:15 PM

# AdwCleaner v3.311 - Report created 06/10/2014 at 19:09:17
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mike - MIKE-PC
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\m3qu6zn1.default-1411685599887\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [12596 octets] - [25/09/2014 20:37:18]
AdwCleaner[R1].txt - [1201 octets] - [06/10/2014 18:35:06]
AdwCleaner[R2].txt - [1261 octets] - [06/10/2014 19:06:04]
AdwCleaner[S0].txt - [11330 octets] - [25/09/2014 20:38:50]
AdwCleaner[S1].txt - [1186 octets] - [06/10/2014 19:09:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1246 octets] ##########



#10 Budapest


Posted 06 October 2014 - 06:18 PM

Any improvement in your computer's performance?



#11 NJMike92


Posted 06 October 2014 - 06:49 PM

Well, seeing as the issue only occurs after the first boot-up of the day, I will have to wait until tomorrow afternoon, which would be the next first-day boot-up, and see if that five-minute freeze happens again. I'll get back to you after that, if you don't mind?



#12 Budapest


Posted 06 October 2014 - 06:53 PM

OK I'll wait to hear back from you.



#13 NJMike92


Posted 07 October 2014 - 02:37 PM

Hi, it's me again.

 

I regret to inform, but the issue still persists.



#14 Budapest


Posted 07 October 2014 - 03:29 PM

Download Malwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

Edited by Budapest, 07 October 2014 - 03:29 PM.


#15 NJMike92


Posted 07 October 2014 - 05:06 PM

mbar-log-2014-10-07 (17-26-51).txt

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.07.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17280
Mike :: MIKE-PC [administrator]

10/7/2014 5:26:51 PM
mbar-log-2014-10-07 (17-26-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 375232
Time elapsed: 36 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

system-log.txt

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17280

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 8497811456, free: 4567891968

Downloaded database version: v2014.10.07.12
Downloaded database version: v2014.09.19.01
=======================================
Initializing...
------------ Kernel report ------------
     10/07/2014 17:26:41
------------ Loaded modules -----------
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8009a0c060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8007e7e050
Lower Device Driver Name: \Driver\iaStor\
IRP handler 0 of \Driver\iaStor is hooked
IRP handler 2 of \Driver\iaStor is hooked
IRP handler 14 of \Driver\iaStor is hooked
IRP handler 15 of \Driver\iaStor is hooked
IRP handler 16 of \Driver\iaStor is hooked
IRP handler 22 of \Driver\iaStor is hooked
IRP handler 23 of \Driver\iaStor is hooked
IRP handler 27 of \Driver\iaStor is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8009a0c060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8007e7e050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009a0cb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009a0c060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007e78630, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007e7e050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a011f5c490, 0xfffffa8009a0c060, 0xfffffa800d30d570
Lower DeviceData: 0xfffff8a002c77f80, 0xfffffa8007e7e050, 0xfffffa8009c303a0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AA9693FE

Partition information:

    Partition 0 type is Other (0x1c)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 52428800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 52430848  Numsec = 614526976
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 666957824  Numsec = 798187520

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...
Done!
File "C:\Users\Mike\AppData\Roaming\SecondLife\browser_profile\WebpageIcons.db" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\SecondLife\logs\Singularity.log" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\abyss1992\bistats.db-journal" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\abyss1992\keyval.db-journal" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\abyss1992\main.db-journal" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\abyss1992\msn.db-journal" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\abyss1992\statistics.db-journal" is compressed (flags = 1)
File "C:\Users\Mike\AppData\Roaming\Skype\shared_dynco\dc.db-journal" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-52430848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Edited by NJMike92, 07 October 2014 - 05:11 PM.




