I/O device error, java crashed, malware crashed unable to update


  • This topic is locked
23 replies to this topic

#1 WOMB

Posted 26 October 2015 - 11:38 AM

Yo Bleeping, Long time no see. 
 
Last night Java crashed, then this morning updates failed and things looked a bit fishy (taskbar went white, start menu jitters, and random programs closing due to I/O device error).
To be clear, IE, Java and Malwarebytes have closed due to device error. Also Java and Malware would not update.
I am seeing errors such as: 
 
"The instruction at 0x00000000603AEB10 reference memory at 0x00000000603AEB10. The required data was not placed into memory because of I/O error status of 0xc0000185. "
 
Thanks in advance!
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Dante (administrator) on DANTE-PC (26-10-2015 12:14:59)
Running from C:\Users\Dante\Desktop
Loaded Profiles: Dante (Available Profiles: Dante)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-26] (Adobe Systems Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [GoogleChromeAutoLaunch_386607BCE745E16D8F0FF37FAB0D2025] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\MountPoints2: {96e593cf-e217-11e3-af06-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1000M Genie.lnk [2015-07-05]
ShortcutTarget: NETGEAR WNA1000M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1000M\WNA1000M.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2014-05-22]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2014-05-22]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{953EDC54-F794-454A-B08C-57DCBF336F70}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FEA0EE7C-9E04-478A-9188-9D05C3BF69FD}: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
Internet Explorer:
==================
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-473301670-4211970619-3882544408-1000 -> {7429FDC3-07B6-4AE7-B486-247051C17D02} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-473301670-4211970619-3882544408-1000 -> {A17B19E4-34AB-47D4-BA2E-B8C60CCBB048} URL = 
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-09-27] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (AdBlock) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-05]
CHR Extension: (Gmail) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [116224 2009-09-23] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [855144 2011-01-31] (Realtek Semiconductor Corporation                           )
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-26 12:14 - 2015-10-26 12:15 - 00015178 _____ C:\Users\Dante\Desktop\FRST.txt
2015-10-26 12:14 - 2015-10-26 12:15 - 00000000 ____D C:\FRST
2015-10-26 12:11 - 2015-10-26 12:10 - 02197504 _____ (Farbar) C:\Users\Dante\Desktop\FRST64.exe
2015-10-26 12:10 - 2015-10-26 12:10 - 02197504 _____ (Farbar) C:\Users\Dante\Downloads\FRST64.exe
2015-10-26 11:30 - 2015-10-26 12:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-26 11:26 - 2015-10-26 12:00 - 00000000 ____D C:\Users\Dante\Desktop\mbar
2015-10-26 11:26 - 2015-10-26 11:27 - 00000111 _____ C:\Users\Dante\Desktop\New Text Document (2).txt
2015-10-26 11:24 - 2015-10-26 11:24 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Dante\Downloads\mbar-1.09.3.1001.exe
2015-10-26 11:24 - 2015-10-26 11:24 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Dante\Desktop\mbar-1.09.3.1001.exe
2015-10-26 11:23 - 2015-10-26 11:23 - 00899072 _____ (Farbar) C:\Users\Dante\Downloads\FSS.exe
2015-10-26 11:23 - 2015-10-26 11:23 - 00899072 _____ (Farbar) C:\Users\Dante\Desktop\FSS.exe
2015-10-26 11:23 - 2015-10-26 11:22 - 00852720 _____ C:\Users\Dante\Desktop\SecurityCheck.exe
2015-10-26 11:22 - 2015-10-26 11:22 - 00852720 _____ C:\Users\Dante\Downloads\SecurityCheck.exe
2015-10-26 11:00 - 2015-10-26 11:00 - 00003136 _____ C:\Windows\System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505}
2015-10-26 10:57 - 2015-10-26 10:57 - 00584288 _____ (Oracle Corporation) C:\Users\Dante\Downloads\chromeinstall-8u65.exe
2015-10-26 10:57 - 2015-10-26 10:57 - 00584288 _____ (Oracle Corporation) C:\Users\Dante\Desktop\chromeinstall-8u65.exe
2015-10-26 10:01 - 2015-10-26 10:38 - 493813295 _____ C:\Windows\MEMORY.DMP
2015-10-20 22:35 - 2015-10-21 15:56 - 00000000 ____D C:\Users\Dante\Downloads\Seinfeld.Complete.Series-720p.WEBrip.AAC.EN-SUB.x264-[MULVAcoded]
2015-10-20 22:34 - 2015-10-20 22:34 - 00361313 _____ C:\Users\Dante\Downloads\[kat.cr]seinfeld.complete.series.extras.720p.webrip.aac.en.sub.x264.mulvacoded (1).torrent
2015-10-20 22:24 - 2015-10-20 22:24 - 00000000 ____D C:\Users\Dante\AppData\LocalLow\uTorrent
2015-10-20 22:23 - 2015-10-20 22:24 - 00361313 _____ C:\Users\Dante\Downloads\[kat.cr]seinfeld.complete.series.extras.720p.webrip.aac.en.sub.x264.mulvacoded.torrent
2015-10-18 10:08 - 2015-10-18 10:16 - 00000000 ____D C:\Users\Dante\Downloads\Death Grips - Discography - 2014
2015-10-18 10:07 - 2015-10-18 10:08 - 00026863 _____ C:\Users\Dante\Downloads\[kat.cr]death.grips.discography.2011.2014.320kbps.torrent
2015-10-02 21:53 - 2015-10-02 21:54 - 00000000 ____D C:\Users\Dante\Downloads\Blood Simple [Director's Cut].1984.DVDRip.XviD-VLiS
2015-10-02 21:53 - 2015-10-02 21:53 - 00028785 _____ C:\Users\Dante\Downloads\[kat.cr]blood.simple.director.s.cut.1984.dvdrip.xvid.vlis.torrent
2015-09-27 10:04 - 2015-10-26 11:05 - 00000672 _____ C:\Windows\setupact.log
2015-09-27 10:04 - 2015-09-27 10:04 - 00001274 _____ C:\Windows\PFRO.log
2015-09-27 10:04 - 2015-09-27 10:04 - 00000000 _____ C:\Windows\setuperr.log
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-26 11:37 - 2014-05-22 23:18 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 11:33 - 2014-05-21 18:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-26 11:30 - 2014-05-21 22:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-26 11:26 - 2014-05-21 22:34 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-26 11:14 - 2014-05-21 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-26 11:14 - 2014-05-21 22:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-26 11:14 - 2009-07-14 00:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 11:14 - 2009-07-14 00:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 11:11 - 2014-05-21 22:32 - 00000000 ____D C:\Program Files\CCleaner
2015-10-26 11:10 - 2014-05-21 18:19 - 01292630 _____ C:\Windows\WindowsUpdate.log
2015-10-26 11:06 - 2014-05-22 23:18 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-26 11:05 - 2014-05-21 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-26 11:05 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 11:03 - 2009-07-14 01:08 - 00020186 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-26 10:59 - 2014-10-20 22:41 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-26 10:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-26 10:39 - 2015-02-19 19:45 - 00000000 ____D C:\Windows\Minidump
2015-10-26 09:58 - 2014-05-21 21:29 - 00000000 ____D C:\ProgramData\MFAData
2015-10-26 02:00 - 2014-05-21 18:58 - 00000000 ____D C:\Users\Dante\AppData\Local\Adobe
2015-10-22 14:15 - 2014-05-31 20:00 - 00000000 ____D C:\Users\Dante\AppData\Roaming\uTorrent
2015-10-20 22:34 - 2015-05-18 12:42 - 00000000 ____D C:\Users\Dante\Downloads\Seinfeld.Complete.Series.720p.REFLECTIONS
2015-10-16 23:33 - 2014-05-21 18:59 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 23:33 - 2014-05-21 18:59 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-16 23:33 - 2014-05-21 18:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-13 19:17 - 2015-05-20 17:23 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-07 20:37 - 2014-05-31 22:41 - 00000000 ____D C:\Users\Dante\AppData\Roaming\vlc
2015-10-07 12:17 - 2014-08-05 19:34 - 00000000 ____D C:\Users\Dante\Desktop\resumes
2015-10-05 10:58 - 2014-05-21 19:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-05 09:50 - 2014-05-21 22:34 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2014-05-21 22:33 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-01 13:38 - 2015-09-13 13:51 - 00000296 _____ C:\Users\Dante\Desktop\APTbills.txt
2015-09-29 09:04 - 2014-05-23 00:01 - 00000000 ____D C:\Users\Dante\Documents\Reciepts & Invoice 2014
2015-09-27 22:31 - 2014-10-19 19:18 - 00000000 ____D C:\Users\Dante\Downloads\Movies
2015-09-27 11:47 - 2014-09-30 20:09 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-09-27 11:47 - 2014-09-30 20:09 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-09-27 11:47 - 2014-09-30 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-09-27 09:46 - 2015-06-20 22:08 - 00000000 ____D C:\Users\Dante\AppData\Local\E5397DDD-9165-498F-8EA7-4AF5F35B01E1.aplzod
 
==================== Files in the root of some directories =======
 
2014-09-30 23:31 - 2014-09-30 23:31 - 0007605 _____ () C:\Users\Dante\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Dante\AppData\Local\Temp\cct.dll
C:\Users\Dante\AppData\Local\Temp\JavaIC.dll
C:\Users\Dante\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Dante\AppData\Local\Temp\msscct32.dll
C:\Users\Dante\AppData\Local\Temp\YSearchUtil.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-21 00:33
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Dante (2015-10-26 12:15:32)
Running from C:\Users\Dante\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-05-21 22:34:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-473301670-4211970619-3882544408-500 - Administrator - Disabled)
Dante (S-1-5-21-473301670-4211970619-3882544408-1000 - Administrator - Enabled) => C:\Users\Dante
Guest (S-1-5-21-473301670-4211970619-3882544408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-473301670-4211970619-3882544408-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.15 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4830 - AVG Technologies)
AVG 2014 (Version: 14.0.4447 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4830 - AVG Technologies) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDisplayEx 1.10.28 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (HKLM-x32\...\InstallShield_{62F7B391-E2B2-4714-BBAA-A14E4FAAB95C}) (Version: 1.01.10 - NETGEAR)
NETGEAR WNA1000M Wireless USB 2.0 Adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD SmartWare (HKLM\...\{E0143FF1-3162-489B-837E-AC03F001FAB7}) (Version: 1.1.1.4 - Western Digital)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-30 21:51 - 00450799 ____A C:\Windows\system32\Drivers\etc\hosts

There are 15462 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {074D01B3-1D3F-4A1D-AA11-78B02021EA9F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {086ADF85-E7E7-490C-BB34-300F927EE061} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {103B6200-5FC8-4AE4-AC06-9F4D77B55C05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {204958D3-88A3-4FF6-8EBA-7C3AC0B23CDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {288768E7-E68F-41DF-B3D9-4844E4FDFB10} - System32\Tasks\AdobeAAMUpdater-1.0-Dante-PC-Dante => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {437D8398-7A02-4B36-864A-54B25A74DB8B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {4F5B8CD0-1F5E-4C5F-8C46-60C09EF155DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E789666-0C57-4327-B621-D18B5A99366C} - System32\Tasks\AVG_SYS_TASK_0415av_RUN => C:\ProgramData\Avg_Update_0415av\AVG-Secure-Search-Update_0415av.exe
Task: {95B86408-ACE1-42DC-B7BC-F41931978087} - System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505} => pcalua.exe -a C:\Users\Dante\Desktop\chromeinstall-8u65.exe -d C:\Users\Dante\Desktop
Task: {9E05B02F-6009-479D-8B9B-C3CF8C1D2020} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-05-21 19:11 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-19 16:49 - 2009-08-19 16:49 - 00049152 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-02-25 15:18 - 2009-02-25 15:18 - 01196032 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL
2011-06-30 22:23 - 2011-06-30 22:23 - 00167936 _____ () C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-22 23:39 - 2015-10-20 10:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-22 23:39 - 2015-10-20 10:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:E1s5V1gHzk3BxxqZq
AlternateDataStreams: C:\ProgramData\Microsoft:rl4viaHGLetXUR5OoNLcKJbZMLf
AlternateDataStreams: C:\Users\Dante\Cookies:M9cSNKtquFBkZgDspQRYxEhS
AlternateDataStreams: C:\Users\Dante\Cookies:vjxMa2Nx88V3e3zPcgiF
AlternateDataStreams: C:\Users\Dante\Local Settings:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local\Application Data:byUWjY3G0bN1L0cSAFh4Nb

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 7865 more sites.

There are 7865 more sites.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-473301670-4211970619-3882544408-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dante\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FA34704C-B9A6-483F-832C-CDE4717C8084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{161265BC-38A9-4FD8-B993-613ACC70E1DF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [TCP Query User{A6413EB0-3097-4C64-A541-96CA0B154671}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{60E5A0E6-D8D2-423E-BACB-EA5CB215B1E9}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{6E3A0C64-F953-469A-806A-B8E19E54DD34}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9FB9157E-F2AE-4A72-A548-6B6775DA5AD3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{154EC002-C333-4706-98C8-D1EEB641B32D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFA8E4CA-E7C4-4B6E-A893-7FAFFA9E3ECE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{571D4546-61AE-4CA1-9FA4-0BFF0F112DEF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B29F4040-5017-4C27-8CDE-D8D92D174BCA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2BA5BD18-9798-4D71-8157-C199E2A663AA}] => (Allow) C:\Users\Dante\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1CD876D-A51B-4A54-8612-8A9E52B4F9D2}] => (Allow) C:\Users\Dante\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AED1D3B9-DAB7-41F9-A038-021157050892}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B7690268-8089-41EC-95CB-292FA8922297}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{9F37BC37-2D99-4CD3-BEBE-E05B280F4E81}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{E9987C78-3193-4435-AECB-43164FEE8237}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{D2A31AE8-18CB-4760-AB89-135424F61385}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{B6C603E0-281F-4170-9355-180267E04EEC}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{7FBE85A2-3081-42A5-A4B8-3176B08740A9}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{64B9EDAC-545D-4FB8-AD19-BB442F5358D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2015 11:30:40 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\dwmcore.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Desktop Window Manager because of this error.

Program: Desktop Window Manager
File: C:\Windows\System32\dwmcore.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/26/2015 11:30:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: d3d11.dll, version: 6.2.9200.16570, time stamp: 0x5153b56b
Exception code: 0xc0000006
Fault offset: 0x000000000009b3cb
Faulting process id: 0xa6c
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (10/26/2015 11:17:15 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\ieframe.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Explorer because of this error.

Program: Windows Explorer
File: C:\Windows\System32\ieframe.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/26/2015 11:17:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ieframe.dll, version: 11.0.9600.17937, time stamp: 0x55a806cb
Exception code: 0xc0000006
Fault offset: 0x00000000001f3508
Faulting process id: 0xab4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (10/26/2015 11:15:48 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\SearchIndexer.exe for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Windows Search Indexer because of this error.

Program: Microsoft Windows Search Indexer
File: C:\Windows\System32\SearchIndexer.exe

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/26/2015 11:15:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.7601.17610, time stamp: 0x4dc0d019
Faulting module name: ntdll.dll, version: 6.1.7601.18933, time stamp: 0x55a6a196
Exception code: 0xc0000006
Fault offset: 0x00000000000514c4
Faulting process id: 0x16d0
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3

Error: (10/26/2015 11:15:21 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program AVG Diagnostics because of this error.

Program: AVG Diagnostics
File: C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/26/2015 11:15:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avgdiagex.exe, version: 14.0.0.4830, time stamp: 0x55b9260e
Faulting module name: avgdiagex.exe, version: 14.0.0.4830, time stamp: 0x55b9260e
Exception code: 0xc0000006
Fault offset: 0x0020c048
Faulting process id: 0x8cc
Faulting application start time: 0xavgdiagex.exe0
Faulting application path: avgdiagex.exe1
Faulting module path: avgdiagex.exe2
Report Id: avgdiagex.exe3

Error: (10/26/2015 11:15:04 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RacEngn.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Host Process for Windows Tasks because of this error.

Program: Host Process for Windows Tasks
File: C:\Windows\System32\RacEngn.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (10/26/2015 11:15:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskhost.exe, version: 6.1.7601.18010, time stamp: 0x50aee9f3
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000006
Fault offset: 0x000000000002a513
Faulting process id: 0x268
Faulting application start time: 0xtaskhost.exe0
Faulting application path: taskhost.exe1
Faulting module path: taskhost.exe2
Report Id: taskhost.exe3


System errors:
=============
Error: (10/26/2015 12:15:42 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:08:04 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:02:51 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (10/26/2015 12:00:12 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 44%
Total physical RAM: 4095.05 MB
Available physical RAM: 2269.62 MB
Total Virtual: 8188.3 MB
Available Virtual: 6165.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:647.83 GB) NTFS
Drive i: (WD SmartWare) (CDROM) (Total:0.62 GB) (Free:0 GB) UDF
Drive j: (My Book) (Fixed) (Total:930.86 GB) (Free:617.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3ACE7CDC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0002AE3F)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Edited by Oh My!, 06 November 2015 - 10:21 AM.


#2 HelpBot

Posted 31 October 2015 - 11:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/594488 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 WOMB

Posted 01 November 2015 - 09:46 AM

Yo Bleeping, Long time no see.

Last night Java crashed, then this morning updates failed and things looked a bit fishy. (taskbar went white, start menu jitters, and random programs closing due to I/O device error)

To be clear IE, Java and Malwarebytes have closed due to device error. Also Java and Malware would not update.

I am seeing errors such as:

"The instruction at 0x00000000603AEB10 reference memory at 0x00000000603AEB10. The required data was not placed into memory because of I/O error status of 0xc0000185. "

Thanks in advance!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Dante (administrator) on DANTE-PC (01-11-2015 09:41:49)
Running from C:\Users\Dante\Desktop
Loaded Profiles: Dante (Available Profiles: Dante)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-26] (Adobe Systems Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [GoogleChromeAutoLaunch_386607BCE745E16D8F0FF37FAB0D2025] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\MountPoints2: {96e593cf-e217-11e3-af06-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1000M Genie.lnk [2015-07-05]
ShortcutTarget: NETGEAR WNA1000M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1000M\WNA1000M.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2014-05-22]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2014-05-22]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{953EDC54-F794-454A-B08C-57DCBF336F70}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FEA0EE7C-9E04-478A-9188-9D05C3BF69FD}: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-473301670-4211970619-3882544408-1000 -> {7429FDC3-07B6-4AE7-B486-247051C17D02} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-473301670-4211970619-3882544408-1000 -> {A17B19E4-34AB-47D4-BA2E-B8C60CCBB048} URL = 
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-26] (Adobe Systems Incorporated)
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-09-27] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-01]
CHR Extension: (AdBlock) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-05]
CHR Extension: (Gmail) - C:\Users\Dante\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [116224 2009-09-23] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\NETGEAR\WNA1000M\WlanWpsSvc.exe [167936 2011-06-30] () [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [855144 2011-01-31] (Realtek Semiconductor Corporation                           )
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-01 09:41 - 2015-11-01 09:41 - 00000000 ____D C:\Users\Dante\Desktop\FRST-OlderVersion
2015-10-26 11:15 - 2015-10-26 11:16 - 00035153 _____ C:\Users\Dante\Desktop\Addition.txt
2015-10-26 11:14 - 2015-11-01 09:41 - 00015483 _____ C:\Users\Dante\Desktop\FRST.txt
2015-10-26 11:14 - 2015-11-01 09:41 - 00000000 ____D C:\FRST
2015-10-26 11:11 - 2015-11-01 09:41 - 02198016 _____ (Farbar) C:\Users\Dante\Desktop\FRST64.exe
2015-10-26 11:10 - 2015-10-26 11:10 - 02197504 _____ (Farbar) C:\Users\Dante\Downloads\FRST64.exe
2015-10-26 10:30 - 2015-10-26 11:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-26 10:26 - 2015-10-26 12:04 - 00000357 _____ C:\Users\Dante\Desktop\New Text Document (2).txt
2015-10-26 10:26 - 2015-10-26 11:00 - 00000000 ____D C:\Users\Dante\Desktop\mbar
2015-10-26 10:24 - 2015-10-26 10:24 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Dante\Downloads\mbar-1.09.3.1001.exe
2015-10-26 10:24 - 2015-10-26 10:24 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Dante\Desktop\mbar-1.09.3.1001.exe
2015-10-26 10:23 - 2015-10-26 10:23 - 00899072 _____ (Farbar) C:\Users\Dante\Downloads\FSS.exe
2015-10-26 10:23 - 2015-10-26 10:23 - 00899072 _____ (Farbar) C:\Users\Dante\Desktop\FSS.exe
2015-10-26 10:23 - 2015-10-26 10:22 - 00852720 _____ C:\Users\Dante\Desktop\SecurityCheck.exe
2015-10-26 10:22 - 2015-10-26 10:22 - 00852720 _____ C:\Users\Dante\Downloads\SecurityCheck.exe
2015-10-26 10:00 - 2015-10-26 10:00 - 00003136 _____ C:\Windows\System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505}
2015-10-26 09:57 - 2015-10-26 09:57 - 00584288 _____ (Oracle Corporation) C:\Users\Dante\Downloads\chromeinstall-8u65.exe
2015-10-26 09:57 - 2015-10-26 09:57 - 00584288 _____ (Oracle Corporation) C:\Users\Dante\Desktop\chromeinstall-8u65.exe
2015-10-26 09:01 - 2015-10-26 09:38 - 493813295 _____ C:\Windows\MEMORY.DMP
2015-10-20 21:35 - 2015-10-21 14:56 - 00000000 ____D C:\Users\Dante\Downloads\Seinfeld.Complete.Series-720p.WEBrip.AAC.EN-SUB.x264-[MULVAcoded]
2015-10-20 21:34 - 2015-10-20 21:34 - 00361313 _____ C:\Users\Dante\Downloads\[kat.cr]seinfeld.complete.series.extras.720p.webrip.aac.en.sub.x264.mulvacoded (1).torrent
2015-10-20 21:24 - 2015-10-20 21:24 - 00000000 ____D C:\Users\Dante\AppData\LocalLow\uTorrent
2015-10-20 21:23 - 2015-10-20 21:24 - 00361313 _____ C:\Users\Dante\Downloads\[kat.cr]seinfeld.complete.series.extras.720p.webrip.aac.en.sub.x264.mulvacoded.torrent
2015-10-18 09:08 - 2015-10-18 09:16 - 00000000 ____D C:\Users\Dante\Downloads\Death Grips - Discography - 2014
2015-10-18 09:07 - 2015-10-18 09:08 - 00026863 _____ C:\Users\Dante\Downloads\[kat.cr]death.grips.discography.2011.2014.320kbps.torrent
2015-10-02 20:53 - 2015-10-02 20:54 - 00000000 ____D C:\Users\Dante\Downloads\Blood Simple [Director's Cut].1984.DVDRip.XviD-VLiS
2015-10-02 20:53 - 2015-10-02 20:53 - 00028785 _____ C:\Users\Dante\Downloads\[kat.cr]blood.simple.director.s.cut.1984.dvdrip.xvid.vlis.torrent
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-01 09:37 - 2014-05-22 22:18 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-01 09:33 - 2014-05-21 17:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-01 02:00 - 2014-05-21 17:58 - 00000000 ____D C:\Users\Dante\AppData\Local\Adobe
2015-10-31 18:37 - 2014-05-22 22:18 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-28 16:01 - 2014-05-21 17:19 - 01293200 _____ C:\Windows\WindowsUpdate.log
2015-10-26 11:15 - 2009-07-13 23:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 11:15 - 2009-07-13 23:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 10:30 - 2014-05-21 21:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-26 10:26 - 2014-05-21 21:34 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-26 10:14 - 2014-05-21 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-26 10:14 - 2014-05-21 21:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-26 10:11 - 2014-05-21 21:32 - 00000000 ____D C:\Program Files\CCleaner
2015-10-26 10:05 - 2015-09-27 09:04 - 00000672 _____ C:\Windows\setupact.log
2015-10-26 10:05 - 2014-05-21 18:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-26 10:05 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 10:03 - 2009-07-14 00:08 - 00020186 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-26 09:59 - 2014-10-20 21:41 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-26 09:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-26 09:39 - 2015-02-19 18:45 - 00000000 ____D C:\Windows\Minidump
2015-10-26 08:58 - 2014-05-21 20:29 - 00000000 ____D C:\ProgramData\MFAData
2015-10-22 13:15 - 2014-05-31 19:00 - 00000000 ____D C:\Users\Dante\AppData\Roaming\uTorrent
2015-10-20 21:34 - 2015-05-18 11:42 - 00000000 ____D C:\Users\Dante\Downloads\Seinfeld.Complete.Series.720p.REFLECTIONS
2015-10-16 22:33 - 2014-05-21 17:59 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 22:33 - 2014-05-21 17:59 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-16 22:33 - 2014-05-21 17:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-13 18:17 - 2015-05-20 16:23 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-07 19:37 - 2014-05-31 21:41 - 00000000 ____D C:\Users\Dante\AppData\Roaming\vlc
2015-10-07 11:17 - 2014-08-05 18:34 - 00000000 ____D C:\Users\Dante\Desktop\resumes
2015-10-05 09:58 - 2014-05-21 18:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-05 08:50 - 2014-05-21 21:34 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 08:50 - 2014-05-21 21:33 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
 
==================== Files in the root of some directories =======
 
2014-09-30 22:31 - 2014-09-30 22:31 - 0007605 _____ () C:\Users\Dante\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Dante\AppData\Local\Temp\cct.dll
C:\Users\Dante\AppData\Local\Temp\JavaIC.dll
C:\Users\Dante\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Dante\AppData\Local\Temp\msscct32.dll
C:\Users\Dante\AppData\Local\Temp\YSearchUtil.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-30 23:20
 
==================== End of FRST.txt ============================


#4 Oh My!

  • Malware Response Instructor

Posted 06 November 2015 - 10:28 AM

Greetings WOMB and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I suspect this may be a hardware error but let's see what we find.

Please consider and do this.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have evidence of P2P downloads. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [AdobeBridge] => [X]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-10-26 11:00 - 2015-10-26 11:00 - 00003136 _____ C:\Windows\System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505}
C:\Users\Dante\AppData\Local\Temp\cct.dll
C:\Users\Dante\AppData\Local\Temp\JavaIC.dll
C:\Users\Dante\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Dante\AppData\Local\Temp\msscct32.dll
C:\Users\Dante\AppData\Local\Temp\YSearchUtil.dll
AlternateDataStreams: C:\ProgramData\Microsoft:E1s5V1gHzk3BxxqZq
AlternateDataStreams: C:\ProgramData\Microsoft:rl4viaHGLetXUR5OoNLcKJbZMLf
AlternateDataStreams: C:\Users\Dante\Cookies:M9cSNKtquFBkZgDspQRYxEhS
AlternateDataStreams: C:\Users\Dante\Cookies:vjxMa2Nx88V3e3zPcgiF
AlternateDataStreams: C:\Users\Dante\Local Settings:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local\Application Data:byUWjY3G0bN1L0cSAFh4Nb
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 WOMB


Posted 06 November 2015 - 05:22 PM

Hi Oh my! thanks for your response. 
 
Here are the logs.

Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Dante (2015-11-06 17:12:43) Run:1
Running from C:\Users\Dante\Desktop
Loaded Profiles: Dante (Available Profiles: Dante)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-473301670-4211970619-3882544408-1000\...\Run: [AdobeBridge] => [X]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-10-26 11:00 - 2015-10-26 11:00 - 00003136 _____ C:\Windows\System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505}
C:\Users\Dante\AppData\Local\Temp\cct.dll
C:\Users\Dante\AppData\Local\Temp\JavaIC.dll
C:\Users\Dante\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Dante\AppData\Local\Temp\msscct32.dll
C:\Users\Dante\AppData\Local\Temp\YSearchUtil.dll
AlternateDataStreams: C:\ProgramData\Microsoft:E1s5V1gHzk3BxxqZq
AlternateDataStreams: C:\ProgramData\Microsoft:rl4viaHGLetXUR5OoNLcKJbZMLf
AlternateDataStreams: C:\Users\Dante\Cookies:M9cSNKtquFBkZgDspQRYxEhS
AlternateDataStreams: C:\Users\Dante\Cookies:vjxMa2Nx88V3e3zPcgiF
AlternateDataStreams: C:\Users\Dante\Local Settings:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local:byUWjY3G0bN1L0cSAFh4Nb
AlternateDataStreams: C:\Users\Dante\AppData\Local\Application Data:byUWjY3G0bN1L0cSAFh4Nb
*****************

HKU\S-1-5-21-473301670-4211970619-3882544408-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
VGPU => service removed successfully
C:\Windows\System32\Tasks\{972676F2-96F6-49AF-8EB3-7ECF03985505} => moved successfully
C:\Users\Dante\AppData\Local\Temp\cct.dll => moved successfully
C:\Users\Dante\AppData\Local\Temp\JavaIC.dll => moved successfully
C:\Users\Dante\AppData\Local\Temp\jre-8u65-windows-au.exe => moved successfully
C:\Users\Dante\AppData\Local\Temp\msscct32.dll => moved successfully
C:\Users\Dante\AppData\Local\Temp\YSearchUtil.dll => moved successfully
C:\ProgramData\Microsoft => ":E1s5V1gHzk3BxxqZq" ADS removed successfully.
C:\ProgramData\Microsoft => ":rl4viaHGLetXUR5OoNLcKJbZMLf" ADS removed successfully.
"C:\Users\Dante\Cookies" => ":M9cSNKtquFBkZgDspQRYxEhS" ADS not found.
"C:\Users\Dante\Cookies" => ":vjxMa2Nx88V3e3zPcgiF" ADS not found.
"C:\Users\Dante\Local Settings" => ":byUWjY3G0bN1L0cSAFh4Nb" ADS not found.
C:\Users\Dante\AppData\Local => ":byUWjY3G0bN1L0cSAFh4Nb" ADS removed successfully.
"C:\Users\Dante\AppData\Local\Application Data" => ":byUWjY3G0bN1L0cSAFh4Nb" ADS not found.

==== End of Fixlog 17:12:44 ====

Edited by Oh My!, 06 November 2015 - 06:57 PM.


#6 Oh My!

  • Malware Response Instructor

Posted 06 November 2015 - 07:08 PM

Thank you for the information.

Do you have all your information backed up? There is a possibility your hard drive may be the issue, and although I don't know that your information is at risk, I prefer not to take a chance while we have the opportunity to access your data files.
Gary
 

#7 WOMB


Posted 06 November 2015 - 09:44 PM

Yeah, I'm backed up.



#8 Oh My!


Posted 06 November 2015 - 10:06 PM

Thanks,

 

Can you confirm your operating system is not on the solid state drive?


Gary
 

#9 WOMB


Posted 06 November 2015 - 10:26 PM

Uhhh... I was unaware I had an SSD. My OS is NOT on my WD MyBook 1110.



#10 Oh My!


Posted 06 November 2015 - 10:35 PM

Ah, my apologies. Looking at wrong System Summary.

Can you remove all attached USB devices, reboot and see if your performance improves? If not, let me know how the computer runs in Safe Mode.
Gary
 

#11 WOMB


Posted 07 November 2015 - 11:43 AM

Programs are no longer closing due to the I/O error, except randomly Windows Explorer has been crashing. I haven't been using the computer as frequently, so I'll just see the error when I return to address the forum. I still cannot update Java and Internet Explorer will not open. Also, I uninstalled Java to try to reinstall it when I first noticed problems, but I never uninstalled Malwarebytes, which seems to have disappeared from my Windows menu and programs list.



#12 Oh My!


Posted 07 November 2015 - 03:08 PM

You don't mention whether or not you removed all external USB devices or tried Safe Mode.
Gary
 

#13 WOMB


Posted 07 November 2015 - 04:59 PM

Sorry, I have removed the attached USBs and run Safe Mode, which runs fine. No problems that I could find.



#14 Oh My!


Posted 07 November 2015 - 05:43 PM

What USB devices did you remove?

Leave the USB devices unattached, boot your computer normally and see if it runs OK.
Gary
 

#15 WOMB


Posted 08 November 2015 - 11:07 AM

The USB device I'm referring to is my external hard drive.

 

I have plugged in the external and am running the computer normally and it is running OK.





