Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

worm win32mytob-mf [wrm]


  • Please log in to reply
13 replies to this topic

#1 kerryb

kerryb

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 07 April 2015 - 08:05 PM

Hello,

 

I believe my computer has been infected with a worm and was wondering if i could get some help getting rid of it.  When I opened Mozilla Firefox today, Avast popped up with a message stating that it had blocked a threat:

 

Object: C:\Users\...\icuuc52.dll

Infection Win32Mytob-MF [Wrm]

Action: Moved to Chest

 

Firefox: Couldnt load XPCOM

 

I have tried uninstalling and reinstalling Firefox and come up with the same message.  When I tried running Malwarebytes and SuperAntispyware, Avast popped up again and I had a similar error.  The only other thing i have done so far is download the farbar recovery tool and ran saved the 2 text files.

 

Please advise.

 

Thanks,

 

Kerry



BC AdBot (Login to Remove)

 


m

#2 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 07 April 2015 - 08:16 PM

Also,

 

I am running windows 8 if that helps. 

 

Thanks,



#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 07 April 2015 - 09:25 PM

Action: Moved to Chest

Hello  and welcome.

 

From your first post the above reply should have been more than enough. That meant it had been removed .....

 

 

First Temporarily Disable your Antivirus

Run ESET Online Scanner.

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

We can reinstall Firefox once you finish. (note : Firefox has just released a new update as I just had it flash on my updates screen)

 

Do not post Farbar Logs in this area ..

 

Thanks.



#4 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 08 April 2015 - 05:50 AM

Hi Noknojon,

 

Thanks for the quick reply! The following is the results of the scan:

 

C:\Users\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 Win32/Somoto.G potentially unwanted application deleted - quarantined
C:\Users\AppData\Local\Microsoft\Windows\INetCache\IE\IDJIWELF\OCSetupHlp[1].dll a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\Users\AppData\Local\Microsoft\Windows\INetCache\IE\JY4I1U75\pcmechanicpm-standalone-setup[1].exe Win32/UniBlue.D potentially unwanted application deleted - quarantined
C:\Users\\AppData\Local\Temp\is-4RH86.tmp\pm-standalone-setup.exe Win32/UniBlue.D potentially unwanted application deleted - quarantined
C:\Users\Downloads\iiichan.part1.rar probably a variant of JS/Seeker.AF trojan deleted - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\D\Dangerous Heights By kronos_recker\dangerous_heights.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\G\Giant Melee - Peach Vs. Zelda By CubedCinder128\giant_melee.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\M\Mile-High Dream By CubedCinder128\mile_high_dream.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\M\Mile-High Dream By CubedCinder128\mile_high_dream_2.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\M\Mile-High Dream By CubedCinder128\mile_high_dream_3.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\M\Mushroom Gear By Various\mushroom_gear.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\S\Sky-High Royalty By CubedCinder128\sky_high_royalty.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\S\Sonic the Hedgehog - Sally and the Power Ring kat_warlord\sally_power_ring.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\S\Sonic's Big Girls - Amy's Growth By kat_warlord\amy_growth.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
C:\Users\Downloads\iiichan\iiichan\stories.iiichan.net\stories\W\Wuzilla By CubedCinder128 And rain_icecolt\wuzilla.htm probably a variant of JS/Seeker.AF trojan cleaned by deleting - quarantined
E:\Win\Incoming\ccsetup403.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
E:\Win\Incoming\free-rar-password-recovery.exe Win32/InstallMonetizer.BE potentially unwanted application deleted - quarantined
E:\Win\Incoming\MediaInfo_GUI_0.7.64_Windows.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
F:\Incoming\ccsetup403.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
F:\Incoming\free-rar-password-recovery.exe Win32/InstallMonetizer.BE potentially unwanted application deleted - quarantined
F:\Incoming\MediaInfo_GUI_0.7.64_Windows.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
 
Please advise,
 
Thanks.

Edited by kerryb, 08 April 2015 - 08:29 PM.


#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 08 April 2015 - 04:34 PM

Hi -

Sorry but I was checking those lists, mainly the ilichan.net items.

 This link seems to lead to a dead-end. It may have been a list that you downloaded.

Will this mean anything to you, and is the computer performing better ??

 

Thanks -


Edited by noknojon, 08 April 2015 - 04:40 PM.


#6 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 08 April 2015 - 05:03 PM

I have no idea what those lists are from.  I still can not open firefox as i am still getting a message that states "The program can't start because icuuc52.dll is missing from your computer.  Try reinstalling the program to fix the problem."  The next message states "Couldn't load XPCOM".

 

Thanks for the help.


Edited by kerryb, 08 April 2015 - 05:13 PM.


#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 08 April 2015 - 05:40 PM

OK -

We need to collect a bit of information now to look for bad / missing applications.

Please post back if you have problems with any of these ...

 

 

Download Screen317 Security Check   and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please post the contents of that document.
NOTE 1:: If any security program requests permission to access the Internet, allow it to do (the program is 100% safe)
NOTE 2. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! (or similar) message, restart computer and Security Check should run

 

 

Please download MiniToolBox  to desktop to run it.

 Checkmark the following boxes:

  • List content of Hosts
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 Click Go and Copy / Paste the result. (result.txt)

 

 

 

Please post a snapshot with Speccy for more system details -
How to Publish a snapshot with Speccy <<-- Full Directions Here (only Copy / Paste the link)

 

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
RKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed RKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
The program usually runs no longer than 2 minutes and only 1 version needs to run.
If it will not run, delete the download and try the other link
 Please Copy / Paste the small log back here.
 

 

Thank You



#8 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 08 April 2015 - 06:00 PM

 Results of screen317's Security Check version 0.99.99  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
avast! Antivirus   
 Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
  Adobe Flash Player 16.0.0.305 Flash Player out of Date!
 Adobe Reader XI  
 Mozilla Firefox (37.0.1) 
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.118) 
````````Process Check: objlist.exe by Laurent````````
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 

MiniToolBox by Farbar  Version: 09-03-2015
Ran by  (administrator) on 08-04-2015 at 18:49:06
Running from "C:\Users\Desktop"
Microsoft Windows 8.1  (X64)
Model: Z87X-D3H Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/08/2015 06:23:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/08/2015 06:58:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/08/2015 06:44:06 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/08/2015 06:42:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 10:52:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 10:52:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 10:52:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 10:52:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 10:52:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
 
Error: (04/07/2015 07:51:05 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
 
System errors:
=============
Error: (04/08/2015 07:35:52 AM) (Source: DCOM) (User: KERRY)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (04/08/2015 00:28:08 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:28:06 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:28:05 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:28:03 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:28:01 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:27:59 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:27:57 AM) (Source: disk) (User: )
Description: The IO operation at logical block address 0x2e5b400 for Disk 2 (PDO name: \Device\00000060) failed due to a hardware error.
 
Error: (04/08/2015 00:27:55 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
Error: (04/08/2015 00:27:53 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (04/08/2015 06:23:52 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Downloads\esetsmartinstaller_enu.exe
 
Error: (04/08/2015 06:58:41 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (04/08/2015 06:44:06 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (04/08/2015 06:42:32 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (04/07/2015 10:52:56 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Desktop\esetsmartinstaller_enu.exe
 
Error: (04/07/2015 10:52:54 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Desktop\esetsmartinstaller_enu.exe
 
Error: (04/07/2015 10:52:48 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\\Desktop\esetsmartinstaller_enu.exe
 
Error: (04/07/2015 10:52:48 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Desktop\esetsmartinstaller_enu.exe
 
Error: (04/07/2015 10:52:31 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Desktop\esetsmartinstaller_enu.exe
 
Error: (04/07/2015 07:51:05 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-03 22:35:31.248
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:31.154
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:31.076
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.888
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.810
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.623
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-03 22:35:30.435
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
 
=========================== Installed Programs ============================
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Definition Update for Microsoft Office 2010 (KB2956207) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{0E5D2277-B9CB-4FD2-92B7-7D145B0CE418}) (Version:  - Microsoft)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.3.72.0 (HKLM\...\PROSetDX) (Version: 18.3.72.0 - Intel)
Intel® Network Connections 18.3.72.0 (Version: 18.3.72.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3186 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Plex Media Server (HKLM-x32\...\{5ea93dc7-0906-47a6-8033-d26ed443f0a8}) (Version: 0.9.1101 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1101 - Plex, Inc.) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
StudioTax 2011 (HKLM\...\{61507AA6-FAC3-473C-95BA-7E5EC6025738}) (Version: 7.0.7.3 - BHOK IT Consulting)
StudioTax 2012 (HKLM\...\{F108C319-2308-47B5-ACF4-D2027CC87144}) (Version: 8.1.6.4 - BHOK IT Consulting)
StudioTax 2013 (HKLM-x32\...\{084EB219-709D-4724-A8C9-FC4BCA63A0A1}) (Version: 9.1.9.0 - BHOK IT Consulting)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com)
Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{53FAC141-5C6B-4F97-ABC4-E635ABBC59E5}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{A12F43A5-CF0B-44E3-942F-2441CD442F0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2920813) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{74BC74BD-9032-4646-B248-F9F45E6D1326}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{53FDC948-3ABA-4BDE-BCEB-F1465C93D91C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{82148027-13B5-4920-97F3-6A44A29B83D0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{673FF853-6C60-4666-8E2F-CE9E2EB991AA}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{673FF853-6C60-4666-8E2F-CE9E2EB991AA}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{FC666DD5-8A58-401B-9B1E-2CBB451932E8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2956203) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4C42857F-202A-4CB2-8FF7-74624CE22318}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DF548669-AAED-467B-A074-AE2B72A4A871}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878283) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{174382ED-333C-4C27-81BB-27288080CA16}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 25%
Total physical RAM: 8081.15 MB
Available physical RAM: 6022.36 MB
Total Pagefile: 9361.15 MB
Available Pagefile: 7159.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:223.23 GB) (Free:78.51 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:1863.01 GB) (Free:1194.51 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\KERRY
 
Administrator            Guest                  
 
 
**** End of log ****
 

 

http://speccy.piriform.com/results/0jFU81rdRSQ7gtInzeQEEGF

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/08/2015 06:59:15 PM in x64 mode.
Windows Version: Windows 8.1 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Desktop\SecurityCheck.exe (PID: 1160) [UP-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 04/08/2015 06:59:27 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

Edited by kerryb, 08 April 2015 - 08:32 PM.


#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 08 April 2015 - 06:59 PM

Thanks, and if this is Kerry ,very quick.

 

Main minor problems -

>> Description: The IO operation at logical block address 0x2e5b400 for Disk 2 (PDO name: \Device\00000060) failed due to a hardware error. <<

Do you have another external device that calls your computer ??

 

>> Error: (04/08/2015 00:27:53 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block. << Concerned that this can mean a failing hard drive (will check with others)

 

Flash Player Download Free, but untick the McAfee offer near the start as it is just advertising.

 

Update avast! Antivirus or uninstall it and use the default inbuilt Windows version.

 

If Internet Explorer works OK, please just use that for now.

 

Thanks -



#10 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 08 April 2015 - 07:10 PM

I have an external hard drive that i occasionally plug into my computer, I'm wondering if that could be it.

 

I have updated Flash Player and the avast! Antivirus software.  Internet Explorer is working fine, it just seems to be affecting Firefox and some of my shortcut applications.

 

Thanks again.



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 08 April 2015 - 08:02 PM

Uninstall Firefox Directions from their forum (if you can)
install Firefox once you finish.

 

Check both Hard Drives -
1. Open the The PC window (Windows + E).
2. Right click the drive that you want to check for errors, (do both drives individually) and click/tap on Properties.
3. Click / tap on the Tools tab, and click on the Check button under Error checking
4. Do either step 5 or 6 below for what you would like to do.
5. If No Errors are Found on Drive
A. } You could click/tap on on Cancel to not run chkdsk on the drive.
OR
B.} You could click/tap on Scan drive to run chkdsk on the drive anyways. Go to step 7
6. If Errors are Found on Drive > Click/tap on Repair drive, and go to step 7 below.
7. When the scan or repair is complete, you can click/tap on Show Details to have Event Viewer open to view the chkdsk logs of these results.
 

 

Sorry if we seem slow, but all items are checked :rolleyes:

 

Run a Full Scan with your antivirus and tell me if it is still there -

 

Thanks ......



#12 kerryb

kerryb
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:05 PM

Posted 08 April 2015 - 08:26 PM

That seemed to work! Thank you so much!  I think i figured out what was wrong with the drives.  I had the external drive plugged into my machine but I had left it without power.  That may have been the cause for the error. However, I think it is time for a new external drive anyways.

 

I found no errors in the drives even after running the chkdsk and when i installed firefox after disabling Avast, there seems to be no problem running the browser.

 

I ran a quick scan with Avast and no threats were found.

 

Thanks again!



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:05 AM

Posted 08 April 2015 - 08:35 PM

I ran a quick scan with Avast and no threats were found.

Try and run a full scan at times -

 

You are welcome if this helped, and I will watch it for a few days still ..... . :hello:



#14 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 5,949 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:07:05 PM

Posted 09 April 2015 - 07:19 AM

Noknojon sent me a PM about the query with your hard drive. If everything appears to be OK there is probably no cause for concern but run a 'chkdsk /r' scan sometime in the next few days. This will indicate if there are any problems with your hard drive that need further investigation.

 

If you haven't done this before, go to the top right of your screen until the 'Charms' appear then type 'Command' into the search box. The first item that should appear in the list is 'Command.exe'. RIGHT click on this and select 'Run as administrator' and the command window will open. Type 'chkdsk /r' (without the ' ') at the blinking cursor and press 'Enter'. You will get a message saying it cannot run, do you want it run at next boot Y / N ? Type 'Y' and press enter, then re-boot. Chkdsk will run and test your hard drive. If it finishes - and this can take up to about 40 minutes depending on the size of your hard drive - it will produce a report on screen. If this shows any problems start a topic in the Win 8 section and we will take it further and send me a PM to let you know you have done so.

 

I've had a look at your speccy report and it doesn't show any warnings so I don't think you will find any problems, but it is always a good idea to check !  Hard drives, being electro-mechanical devices - can, do and will fail eventually so on general principles you should have a back-up plan in place.

 

Chris Cosgrove






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users