Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

waiting for cahe


  • Please log in to reply
15 replies to this topic

#1 hapybus

hapybus

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 08:56 AM

seems to be the only "visible" indicator we have.. we have used AVG and downloaded your ADWClean..  they each found a culprit  or two... still computer drags using both Chrome and IE

THank you for your help

Windows 8



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 08:59 AM

Hi hapybus :)

My name is Aura and I'll be assisting you with your issue. Follow the instructions below please.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the executable file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      B8oLpa3.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 12:40 PM

  • MiniToolBox by Farbar  Version: 25-07-2015 01
    Ran by Biffaths (administrator) on 25-10-2015 at 13:39:41
    Running from "C:\Users\Biffaths\Downloads"
    Microsoft Windows 8.1  (X64)
    Model: Inspiron 660 Manufacturer: Dell Inc.
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.
    ========================= Hosts content: =================================

     

    ========================= IP Configuration: ================================

    Realtek PCIe GBE Family Controller = Ethernet (Connected)
    Dell Wireless 1506 802.11b|g|n (2.4GHz) = Wi-Fi (Media disconnected)

    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled
    set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="wireless_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

    popd
    # End of IPv4 configuration

     

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : The_boss
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Local Area Connection* 11:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 1E-85-56-D1-95-D9
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Ethernet:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : A4-1F-72-7B-6A-C4
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::8189:179b:a1e4:aa1f%4(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Friday, October 23, 2015 6:24:39 PM
       Lease Expires . . . . . . . . . . : Monday, October 26, 2015 1:31:05 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 363077490
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-4A-D4-5E-BC-85-56-D1-95-D9
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Wireless LAN adapter Wi-Fi:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Dell Wireless 1506 802.11b|g|n (2.4GHz)
       Physical Address. . . . . . . . . : BC-85-56-D1-95-D9
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{79414DED-DF23-4B95-A13B-BAF4877CE08E}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 13:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:4b6:2947:519a:c0b0(Preferred)
       Link-local IPv6 Address . . . . . : fe80::4b6:2947:519a:c0b0%7(Preferred)
       Default Gateway . . . . . . . . . : ::
       DHCPv6 IAID . . . . . . . . . . . : 150994944
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-4A-D4-5E-BC-85-56-D1-95-D9
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter isatap.{566B5584-77A6-4BEA-8988-FC1363B4CD0D}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Server:  UnKnown
    Address:  192.168.1.1

    Name:    google.com
    Addresses:  2607:f8b0:4009:80a::200e
       216.58.216.78

    Pinging google.com [216.58.216.78] with 32 bytes of data:
    Reply from 216.58.216.78: bytes=32 time=33ms TTL=51
    Reply from 216.58.216.78: bytes=32 time=31ms TTL=51

    Ping statistics for 216.58.216.78:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 31ms, Maximum = 33ms, Average = 32ms
    Server:  UnKnown
    Address:  192.168.1.1

    Name:    yahoo.com
    Addresses:  2001:4998:58:c02::a9
       2001:4998:c:a06::2:4008
       2001:4998:44:204::a7
       206.190.36.45
       98.138.253.109
       98.139.183.24

    Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
    Reply from 98.138.253.109: bytes=32 time=60ms TTL=46
    Reply from 98.138.253.109: bytes=32 time=59ms TTL=46

    Ping statistics for 98.138.253.109:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 59ms, Maximum = 60ms, Average = 59ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
      8...1e 85 56 d1 95 d9 ......Microsoft Wi-Fi Direct Virtual Adapter
      4...a4 1f 72 7b 6a c4 ......Realtek PCIe GBE Family Controller
      3...bc 85 56 d1 95 d9 ......Dell Wireless 1506 802.11b|g|n (2.4GHz)
      1...........................Software Loopback Interface 1
      5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
      7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
      6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     10
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.1.0    255.255.255.0         On-link       192.168.1.2    266
          192.168.1.2  255.255.255.255         On-link       192.168.1.2    266
        192.168.1.255  255.255.255.255         On-link       192.168.1.2    266
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link       192.168.1.2    266
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link       192.168.1.2    266
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
      7    306 ::/0                     On-link
      1    306 ::1/128                  On-link
      7    306 2001::/32                On-link
      7    306 2001:0:5ef5:79fd:4b6:2947:519a:c0b0/128
                                        On-link
      4    266 fe80::/64                On-link
      7    306 fe80::/64                On-link
      7    306 fe80::4b6:2947:519a:c0b0/128
                                        On-link
      4    266 fe80::8189:179b:a1e4:aa1f/128
                                        On-link
      1    306 ff00::/8                 On-link
      4    266 ff00::/8                 On-link
      7    306 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 31063

    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 31063

    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15438

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15438

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 52750

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 52750

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 12:25:22 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 43687

    System errors:
    =============
    Error: (10/25/2015 11:33:50 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/25/2015 10:58:59 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/25/2015 04:54:32 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/25/2015 12:49:43 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/24/2015 07:24:43 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/24/2015 06:47:39 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/24/2015 05:59:42 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
    Description: 4

    Error: (10/24/2015 05:59:04 PM) (Source: Service Control Manager) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DellDataVault service.

    Error: (10/24/2015 02:47:36 PM) (Source: disk) (User: )
    Description: The device, \Device\Harddisk0\DR0, has a bad block.

    Error: (10/24/2015 02:47:34 PM) (Source: disk) (User: )
    Description: The device, \Device\Harddisk0\DR0, has a bad block.

    Microsoft Office Sessions:
    =========================
    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 31063

    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 31063

    Error: (10/24/2015 05:59:36 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15438

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15438

    Error: (10/24/2015 05:59:20 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 52750

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 52750

    Error: (10/24/2015 12:25:31 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/24/2015 12:25:22 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 43687

    CodeIntegrity Errors:
    ===================================
      Date: 2015-10-22 07:49:21.486
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-22 07:49:21.252
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-19 14:14:24.431
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-19 14:14:24.260
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-17 12:53:08.311
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-17 12:53:08.010
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-13 17:01:11.678
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-13 17:01:11.522
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-12 18:29:41.750
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-10-12 18:29:41.601
      Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    =========================== Installed Programs ============================

    Ability Office 6 (HKLM-x32\...\{095EC0BF-830E-49D6-801A-1454FD15B831}) (Version: 6.0.14 - Ability Software International)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
    Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
    Autodesk Inventor Content Center Libraries 2015 (Desktop Content) (HKLM\...\{B46DECD1-1964-4EF1-0000-22D71E81877C}) (Version: 19.0.15900.0000 - Autodesk)
    Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\{0BB716E0-1500-0210-0000-097DC2F354DF}) (Version: 15.0.166.0 - Autodesk) Hidden
    Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.166.0 - Autodesk)
    AVG (HKLM\...\{91BBDE8E-7611-4016-9A96-8D6956BB6EE5}) (Version: 16.4.7163 - AVG Technologies) Hidden
    AVG 2016 (HKLM\...\{1F079BC6-BEE5-40C9-8948-EE4AA470816C}) (Version: 16.0.4455 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.4.7163 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Camel Audio CamelPhat (HKLM-x32\...\Camel Audio CamelPhat) (Version: 3.50.0 - Camel Audio)
    Camel Audio CamelPhat64 (HKLM-x32\...\Camel Audio CamelPhat64) (Version: 3.50.0 - Camel Audio)
    CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
    Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant)
    Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.)
    Cross - Discover DJ 1.2.9 (HKLM-x32\...\MixVibes Cross - Discover DJ 1.2.9) (Version: 1.2.9 - MixVibes)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.6 - Dell Inc.)
    Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.6 - Dell Inc.)
    Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
    Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.4.0 - Dell Inc.) Hidden
    Dell Digital Delivery (HKLM-x32\...\{4B3230C5-F069-416B-9169-1B84A216ED6A}) (Version: 2.5.1400.0 - Dell Products, LP)
    Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
    Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
    Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
    Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)
    DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.95 - Guillemot)
    Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.3.8.0 - Granta Design Limited)
    FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
    Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
    FMW 1 (HKLM\...\{FE787B85-D93D-48FC-A974-0A70CACBAC35}) (Version: 1.22.2 - AVG Technologies) Hidden
    GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.552.36800 - YoYo Games Ltd.)
    GameMaker-Studio 1.4 (HKCU\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    GoPro CineForm Studio 1.3.2 (HKLM-x32\...\GoPro CineForm Studio) (Version: 1.3.2 - CineForm, Inc & GoPro, Inc.)
    HitFilm 2 Express (HKLM\...\{5D249E93-D4B4-44EE-AA07-865093316560}) (Version: 2.0.3010.30403 - FXhome)
    HitFilm 3 Express (HKLM\...\{0259351A-DAB0-402F-BBAC-CD4074D2DD3B}) (Version: 3.1.4321.38300 - FXhome)
    HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
    IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
    Itibiti RTC (HKLM-x32\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    Knctr (HKLM-x32\...\Itibiti_is1) (Version:  - Itibiti Inc.)
    MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
    MAGIX Goya burnR (MSI) (HKLM\...\{099D5322-82F4-44ED-9A7D-B5945D60A960}) (Version: 4.3.1.6 - MAGIX AG) Hidden
    MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{099D5322-82F4-44ED-9A7D-B5945D60A960}) (Version: 4.3.1.6 - MAGIX AG)
    MAGIX Music Maker 2014 (HKLM\...\{92D71205-2FC1-4B3D-8D78-30AC1BF59E3F}) (Version: 20.0.0.28 - MAGIX AG) Hidden
    MAGIX Music Maker 2014 (HKLM-x32\...\MX.{92D71205-2FC1-4B3D-8D78-30AC1BF59E3F}) (Version: 20.0.0.28 - MAGIX AG)
    MAGIX Music Maker 2014 Premium (HKLM\...\{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG) Hidden
    MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG)
    MAGIX Music Maker 2014 Soundpools (HKLM\...\{EACF43E1-072C-4E0D-B813-2557C67A8053}) (Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX Speed burnR (MSI) (HKLM\...\{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG) Hidden
    MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Meshmixer (HKLM\...\Meshmixer_x64) (Version: 10.9.297 - Autodesk, Inc.)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
    Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{FE052581-1CD8-11E2-B617-F04DA23A5C58}) (Version: 12.0.576 - Sony)
    Movie Studio Platinum 12.0 (HKLM-x32\...\{24906A70-0A81-11E3-99B6-F04DA23A5C58}) (Version: 12.0.1183 - Sony)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
    Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
    NetTools 5.0 (HKLM-x32\...\NetTools_is1) (Version: 5.0 - Mohammad Ahmadi Bidakhvidi)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
    Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
    Serato DJ  (HKLM-x32\...\{08e57b0a-70dc-4825-bc3c-4c404c1a89f9}) (Version: 1.7.1.3310 - )
    Serato DJ  (HKLM-x32\...\{FD13DCA7-3EBB-44B9-A937-B0C51D661A2F}) (Version: 1.7.1.3310 - Serato) Hidden
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
    Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
    Spotify (HKCU\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
    Stencyl (HKLM-x32\...\Stencyl) (Version: /root/.jenkins/jobs/Stencyl-Windows/workspace/build - Stencyl, LLC)
    Sylenth1 Demo v2.20 (HKLM-x32\...\Sylenth1Demo_is1) (Version:  - )
    Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version:  - )
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
    Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
    VirtualDJ 8 (HKLM-x32\...\{A5BE332D-FF14-42E5-ADB3-FAC10AAE8D68}) (Version: 8.0.2031.0 - Atomix Productions)
    VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
    VirtualDJ LE (HKLM-x32\...\{4625B789-A203-40FC-ADFA-A26AFF29898D}) (Version: 7.3 - Atomix Productions)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Vita 2 (HKLM\...\{1EEF6249-D3F8-48BC-BE73-239A89755B7D}) (Version: 1.0.0.0 - MAGIX AG) Hidden
    Vita Drum Engine (HKLM\...\{1CE67FD4-7DC4-4351-8D40-50BF05EA3A9C}) (Version: 1.0.0.0 - MAGIX AG) Hidden
    Vita Electric Piano (HKLM\...\{A50C6C08-4C3A-465F-832E-C0C2E62DDA11}) (Version: 1.0.0.0 - MAGIX AG) Hidden
    Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    WinPcap 3.0 (HKLM-x32\...\WinPcapInst) (Version:  - Politecnico di Torino)
    WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

    ========================= Devices: ================================

    ========================= Memory info: ===================================

    Percentage of memory in use: 22%
    Total physical RAM: 8063.54 MB
    Available physical RAM: 6256.59 MB
    Total Virtual: 9663.54 MB
    Available Virtual: 6506.63 MB

    ========================= Partitions: =====================================

    1 Drive c: (OS) (Fixed) (Total:1849.59 GB) (Free:1641.62 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\THE_BOSS

    Administrator            Biffaths                 Guest                   
    UpdatusUser             

    **** End of log ****



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 01:09 PM

Alright seems like we have to take care of a few things first. Follow the instructions below please.

Uninstall the following programs:
  • AVG Web TuneUp;
  • Bonjour;
  • Java 8 Update 45;
  • Knctr;
Once done, let's run a chkdsk /r to address these bad blocks errors in the Event Viewer.

EndqYRa.pngCheck Disk (chkdsk)
Follow the instructions below to run a CHKDSK scan on your Windows partition;
  • On Windows Vista & 7, click on the Windows Start Menu, then enter cmd in the search box, right-click on the cmd icon and select Run as Administrator
  • On Windows 8, drag your cursor in the bottom-left corner, and right-click on the metro menu preview, then select Command Prompt (Admin);
  • On Windows 8.1, right click on the Windows logo in the bottom-left corner and select Command Prompt (Admin);
  • Enter the command chkdsk /r (there's a space between "chkdsk" and "/r") and press on Enter;
  • A message will be returned, stating that the drive cannot be locked because it's already in use, and you'll be asked if you want to schedule the scan for the next restart. Enter y and press on Enter;
  • Restart your computer, and the chkdsk scan will be launched automatically;
  • Once the chkdsk scan is complete and you're back in Windows, find the log in the Event Viewer and copy/paste it in your next reply;
WARNING: Depending on your hard drive (specs, free space, fragmentation, etc.) this scan can be relatively long to complete. Give it all the time it needs to finish. Do not interrupt it for any reason there is, or you might be damaging your drive in the process and make your Windows unbootable. It's suggested to let this scan run overnight or when you leave the house for a few hours (when you go to work for example). If you are running this scan on a laptop, don't forget to leave it plugged in;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 04:11 PM

Well I have done it now- had difficulties deleting said programs- then attempted to run chkdsk and it stumbled - now I can not get windows to boot- round and round I go with retire points or advanced options- I have killed my PC

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 04:47 PM

More like your hard drive could be failing. Are you able to boot in any Safe Mode at all?

http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 05:13 PM

Can not get any safe mode option to open

#8 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 06:10 PM

In your above directions you have a red warning- if windows becomes unbootable is there a workaround or solution?

#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 06:13 PM

I do not. Are you able to enter the Recovery Environment and open the command prompt? What happens when you try to boot normally or boot in Safe Mode?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 06:24 PM

When attempting to boot normally I get blue screen message saying pc has problems - it then runs through a series of tries and I get nowhere- just round n round
Can not get safe mode with command prompt to boot

#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 06:28 PM

Do you have your Windows installation media?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 06:29 PM

Unable to open recovery mode

#13 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 06:30 PM

At this moment I don't know where they would be

#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:06 AM

Posted 25 October 2015 - 06:43 PM

You might be able to Reset or Refresh your computer from the Recovery Environment.

http://www.howtogeek.com/132428/everything-you-need-to-know-about-refreshing-and-resetting-your-windows-8-pc/

But without an installation media, you cannot run a Repair Install sadly.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 hapybus

hapybus
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:06:06 AM

Posted 25 October 2015 - 06:57 PM

Well- thank u for your help




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users