Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Keeps Deleting Everything After Restart


  • Please log in to reply
9 replies to this topic

#1 SlevinDslave

SlevinDslave

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:01 AM

Posted 10 December 2014 - 12:46 PM

Topic title says it all. I'm a gamer, and recently i'm constantly having to reinstall everything because its gone after a restart. Any help would be greatly appreciated. 


Edited by hamluis, 11 December 2014 - 11:46 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Holzamiam

Holzamiam

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 10 December 2014 - 12:52 PM

try dban or kill disk then a fresh windows instalation

Edited by Queen-Evie, 10 December 2014 - 01:01 PM.
edited to make teeny tiny font size readable


#3 SlevinDslave

SlevinDslave
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:01 AM

Posted 10 December 2014 - 12:58 PM

where do i find these things



#4 Holzamiam

Holzamiam

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 10 December 2014 - 01:03 PM

haha true sorry im new hear.

http://www.dban.org/

do not use the 35 pass u will fry ur hard drive i believe 1 quick pass will be enough

http://www.killdisk.com/


read up on them an pick what 1 u like most u do have to wait a few hours though dban quick takes me 3 hours for 1 pass killdisk i fell a sleep when it was doing it so i dont no lol i hope this works for you.



#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:01 AM

Posted 10 December 2014 - 03:14 PM

Well...before I even thought about employing such a drastic maneuver as reinstalling...I would first run a hard drive diagnostic to check the functional state of the drive Windows was/is installed upon or where the games are being installed (if not on the Windows partition).

 

And before I did that...I would try to move any valued data files from the questionable drive to other storage, unless I did not care what data files are lost while attempting to assess the problem.

 

Louis



#6 SlevinDslave

SlevinDslave
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:01 AM

Posted 10 December 2014 - 03:17 PM

Thank you, Some more information i want to provide, is nearly everything i open says (bad image) and when i reinstall things it says its putting them in x86



#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:01 AM

Posted 10 December 2014 - 05:32 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#8 SlevinDslave

SlevinDslave
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:01 AM

Posted 10 December 2014 - 05:50 PM

here is the screenshot http://speccy.piriform.com/results/iHhmlm8AvkZIfBYBs0T5YOz

and the log from the other program




MiniToolBox by Farbar  Version: 30-11-2014
Ran by Taylor (administrator) on 10-12-2014 at 16:48:27
Running from "C:\Users\Taylor\AppData\Local\temp\n3gtqrhc.tmp"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/10/2014 04:39:08 PM) (Source: Application Hang) (User: )
Description: The program Wow.exe version 6.0.3.19243 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1990
 
Start Time: 01d014c7b0238d81
 
Termination Time: 352
 
Application Path: C:\Program Files\World of Warcraft\Wow.exe
 
Report Id:
 
Error: (12/10/2014 03:38:18 PM) (Source: Application Hang) (User: )
Description: The program Wow.exe version 6.0.3.19243 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1490
 
Start Time: 01d014bbb5574011
 
Termination Time: 148
 
Application Path: C:\Program Files\World of Warcraft\Wow.exe
 
Report Id:
 
Error: (12/10/2014 02:07:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: Safari.exe, version: 5.34.57.2, time stamp: 0x4f982b5e
Faulting module name: Safari.dll, version: 7534.57.2.4, time stamp: 0x4f982b22
Exception code: 0xc0000005
Fault offset: 0x00093503
Faulting process id: 0x884
Faulting application start time: 0xSafari.exe0
Faulting application path: Safari.exe1
Faulting module path: Safari.exe2
Report Id: Safari.exe3
 
Error: (12/10/2014 01:08:32 PM) (Source: Application Hang) (User: )
Description: The program Wow.exe version 6.0.3.19243 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 15d0
 
Start Time: 01d014a721283cf8
 
Termination Time: 382
 
Application Path: C:\Program Files\World of Warcraft\Wow.exe
 
Report Id:
 
Error: (12/10/2014 11:20:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6194
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6194
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/10/2014 09:05:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4446
 
Error: (12/10/2014 09:05:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4446
 
 
System errors:
=============
Error: (12/10/2014 00:27:43 PM) (Source: DCOM) (User: )
Description: "C:\windows\system32\igfxsrvc.exe" -Embedding5{C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (12/10/2014 00:27:41 PM) (Source: DCOM) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}
 
Error: (12/10/2014 11:32:16 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 11:19:25 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:30:26 AM on ‎12/‎10/‎2014 was unexpected.
 
Error: (12/10/2014 09:44:33 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 09:44:32 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 09:38:31 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 09:38:10 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 09:34:59 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
Error: (12/10/2014 09:31:58 AM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
 
 
Microsoft Office Sessions:
=========================
Error: (12/10/2014 04:39:08 PM) (Source: Application Hang)(User: )
Description: Wow.exe6.0.3.19243199001d014c7b0238d81352C:\Program Files\World of Warcraft\Wow.exe
 
Error: (12/10/2014 03:38:18 PM) (Source: Application Hang)(User: )
Description: Wow.exe6.0.3.19243149001d014bbb5574011148C:\Program Files\World of Warcraft\Wow.exe
 
Error: (12/10/2014 02:07:57 PM) (Source: Application Error)(User: )
Description: Safari.exe5.34.57.24f982b5eSafari.dll7534.57.2.44f982b22c00000050009350388401d014b4674144a8C:\Program Files (x86)\Safari\Safari.exeC:\Program Files (x86)\Safari\Safari.dll3b83e5d7-80a8-11e4-b026-dc0ea1cc8cf2
 
Error: (12/10/2014 01:08:32 PM) (Source: Application Hang)(User: )
Description: Wow.exe6.0.3.1924315d001d014a721283cf8382C:\Program Files\World of Warcraft\Wow.exe
 
Error: (12/10/2014 11:20:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6194
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6194
 
Error: (12/10/2014 09:05:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/10/2014 09:05:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4446
 
Error: (12/10/2014 09:05:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4446
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-09 10:36:39.904
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-09 10:36:39.826
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-28 12:15:09.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-28 12:15:09.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-28 12:15:09.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-28 12:15:09.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-28 12:15:09.195
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-28 12:15:09.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-24 11:33:19.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-05-24 11:33:19.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.293 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Programs Manager (HKLM\...\{D968E920-3A49-48EB-BA1D-8964DCDF0CA9}) (Version: 1.3_build_30 - COMODO)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
COWON Media Center - jetAudio Basic VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.17 - COWON)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverRestore (HKLM\...\DriverRestore) (Version: 1.0 - 383 Media, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
File Extractor (HKLM-x32\...\Tweaks File Extractor) (Version: 1.1.1 - Tweaks)
File Extractor Packages (HKCU\...\File Extractor Packages) (Version:  - )
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.616.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Defragmenter (HKLM-x32\...\{91566393-AD20-4B92-A81B-B17F31527DD4}) (Version: 1.0 - ConsumerSoft)
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 4039.86 MB
Available physical RAM: 1655.17 MB
Total Pagefile: 8077.9 MB
Available Pagefile: 5726.53 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.71 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:254.14 GB) (Free:161.71 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.46 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SHARON-PC
 
Administrator            Guest                    Sharon                   
Taylor                   
 
========================= Restore Points ==================================
 
05-12-2014 16:43:25 Checkpoint by HitmanPro
05-12-2014 16:52:55 Checkpoint by HitmanPro
05-12-2014 17:00:52 Checkpoint by HitmanPro
08-12-2014 01:21:36 Windows Backup
09-12-2014 11:49:55 Windows Update
09-12-2014 15:42:23 Revo Uninstaller's restore point - Safari
 
**** End of log ****


#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:01 AM

Posted 11 December 2014 - 11:45 AM

Let's try the following:

 

Uninstall all Lavasoft, Avast, and Comodo (including Geek Buddy) software, usng Add/Remove Programs.

 

You also reflect a service for Norton AV which is disabled.  I would run the Norton Removal Tool   to try to remove any remnants left after a previous attempt to uninstall the Symantec/Norton application.

 

Then...reinstall/update/run the Avast AV and enable the Windows firewall (currently disabled).

 

Run the chkdsk /r command...follow that with running the sfc /scannow command.

 

Chkdsk From Command Prompt, Win 7 - http://www.bleepingcomputer.com/forums/t/496613/contextmenu-is-causing-explorerexe-to-crash/?p=3067880

 

SFC -SCANNOW Run in Command Prompt at Boot - Windows 7 Forums - http://www.sevenforums.com/tutorials/139810-sfc-scannow-run-command-prompt-boot.html

 

Forget all of the above for now...it looks like you may be infected.  Moving topic to Am I Infected forum.

 

Your Driver Restore program appears to be associated with possible malware. 

 

Louis



#10 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 15 December 2014 - 11:40 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step One:
Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
Step Two:
Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step Three:
Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Thanks and good luck!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users