MalwareBytes freezes during quick and full scan.


AlidaV

Hello, I have just installed Malwarebytes in order to deal with a blue screen of death problem I have been having. When I tried running a quick scan, I got another blue screen of death. Running a full scan causes my entire computer to freeze up after about 5-10 mins. I changed the file extension to .bat (advice from a friend) and ran both quick and full scan, which found no problems. I continue to get blue screen of death issues. I have also attempted a full scan with MSE, which causes the program to shut down and reboot (also after 5-10 mins).

Here are the log files from dds.com:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514

Run by Alida Verster at 19:58:48 on 2012-01-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.8174.5989 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.bat.exe

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\system32\mmc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

TCP: DhcpNameServer = 192.168.1.254 75.153.176.9

TCP: Interfaces\{1552B88F-15B7-4AE6-AE5D-A1620430412E} : DhcpNameServer = 192.168.1.254 75.153.176.9

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-12-27 13592]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27 136176]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27 136176]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2033-01-02 03:40:42 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2033-01-02 03:40:36 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Microsoft Help

2012-01-18 03:12:14 -------- d-----w- C:\Users\Alida Verster\AppData\Roaming\Malwarebytes

2012-01-18 03:12:08 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-18 03:12:07 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-18 03:12:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-18 03:08:03 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A4A6DD9-D6B4-484E-8F42-34564CF69661}\offreg.dll

2012-01-17 16:41:42 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{ED201BBB-989E-4697-BB5D-9D739C445849}

2012-01-17 16:41:31 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{DDB6953A-95B4-4EDD-8D05-DB6FDE55B915}

2012-01-17 11:38:15 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3A4A6DD9-D6B4-484E-8F42-34564CF69661}\mpengine.dll

2012-01-17 04:41:19 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{BF120DC3-19F8-4ED5-A634-A5119EAFB5F9}

2012-01-17 04:41:09 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{612FD100-C096-4A6D-8198-EE1CFF34B049}

2012-01-17 02:36:04 -------- d-----w- C:\Program Files (x86)\Program Files

2012-01-16 16:40:45 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{DE7A9919-38F2-498A-BF73-DE60491EC63E}

2012-01-16 16:40:34 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{F100DD14-75B5-4902-A557-63E4D95DEF57}

2012-01-15 19:48:59 902656 ----a-w- C:\Windows\System32\d2d1.dll

2012-01-15 19:48:59 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-01-15 19:48:59 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-01-15 19:48:59 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2012-01-15 19:48:59 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-01-15 18:51:28 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Adobe

2012-01-15 18:30:10 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{7B006FA4-76F0-492D-AD85-DF64CCA8749A}

2012-01-15 06:29:36 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{9B705F5C-44C5-454C-B937-D2F08AE2131B}

2012-01-15 06:29:25 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{CE8F50E8-0858-43D4-AEC3-F91B3A3C9451}

2012-01-14 17:28:47 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{26BCBA8C-B0C2-4D56-85BE-9E3DFE9281D8}

2012-01-14 17:28:32 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{CC9B9706-05D2-422E-8B82-82702AD02A39}

2012-01-14 00:17:08 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{50351695-F170-4B3C-91C4-7E381C299FB5}

2012-01-14 00:16:58 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{A32FA531-47AB-443D-A27E-20A7E49FA54B}

2012-01-12 16:09:51 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{087281C8-945C-4F62-99E2-1FA6D1C3D31D}

2012-01-12 16:09:40 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{B4BA04CC-B98C-4092-8F2C-4205CD8D4B9B}

2012-01-12 01:40:51 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{33E49B01-57EE-40F6-98DB-B9A04E92408D}

2012-01-12 01:40:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-12 01:40:43 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-12 01:40:43 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-12 01:40:43 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-12 01:40:38 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{08141BEE-2FEE-4C4C-89E7-0A3233CAA9ED}

2012-01-12 01:40:37 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-12 01:40:37 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-12 01:40:37 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-12 01:40:36 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-10 23:48:02 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{0ABFFB81-329A-4B98-A788-D81CD5A42093}

2012-01-10 23:47:38 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{B07A4C99-159B-44A0-A7D1-E2A2A104E4C6}

2012-01-09 18:57:44 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{A4BC8FA5-B5B7-4E40-90C7-A3977AC14B5C}

2012-01-09 18:57:22 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{F00A8387-8E2D-49BA-AAAB-A52A9DCFCAFC}

2012-01-09 06:57:09 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{3F4BBCA4-82D7-4D94-8D67-A23FCE40A6D1}

2012-01-09 06:56:47 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{288C50B7-774E-44F2-96ED-87F3B2A2F43D}

2012-01-08 18:56:28 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{DDB2B04E-9189-4617-8DD5-DA45AB853528}

2012-01-08 18:56:10 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{A769FE53-B7BE-4839-B9D6-D259BE45FB3E}

2012-01-08 04:45:51 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{14A45396-B6DF-4734-991B-8DD0D64E9BAF}

2012-01-07 01:27:51 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{BE0D2E73-856F-4EE0-8374-383B03DC62BC}

2012-01-07 01:27:40 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{E2C1BFAE-2164-4E8B-AFB6-D2DDD92FFE0B}

2012-01-06 05:59:26 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{4D5F4C8D-A274-4C72-951F-CF4BB613829E}

2012-01-06 05:59:04 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{A3B291BF-A2C6-4AAE-8AE8-3A8566134B1C}

2012-01-06 04:05:22 -------- d-----w- C:\Windows\AutoKMS

2012-01-05 17:58:40 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{E79EA885-E277-4332-BE27-BC126294A043}

2012-01-05 05:58:05 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{0371606D-64F7-4AEA-8C78-E586AB4F2DA3}

2012-01-04 17:57:31 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{EEDE60A1-B8D4-4CC1-9EB0-EFBF13EEAEA5}

2012-01-04 05:56:56 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{7C1CC832-DCA0-48D4-A626-360291F578D4}

2012-01-03 17:56:23 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{76752526-357C-401B-B08E-D0288C438ECA}

2012-01-03 05:55:48 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{79A8E7D4-53D7-42FD-8A0C-F91D5FD93FDA}

2012-01-02 18:53:00 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Skyrim

2012-01-02 17:55:13 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{7B055A01-0CEF-472C-83A2-33F5ADF516DA}

2012-01-02 05:54:37 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{3012E433-C169-4A79-A1C6-490E65BA3667}

2012-01-02 01:22:05 -------- d-----w- C:\Program Files (x86)\uTorrent

2012-01-02 01:21:42 -------- d-----w- C:\Users\Alida Verster\AppData\Roaming\uTorrent

2012-01-01 17:54:03 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{A4D1B641-C401-4781-92A0-9362DB649AE1}

2012-01-01 05:53:14 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{3268E796-A1EF-4316-8DE4-CC578C856B3B}

2012-01-01 05:53:02 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{7532760E-A123-48DC-9667-575ECC1C87B6}

2011-12-31 17:50:10 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{9A0ECACA-E19D-4163-BDDF-1ED48C2C3727}

2011-12-31 17:49:48 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{2B37A5D1-C463-4115-9E4D-F0CFACBE46B8}

2011-12-31 07:18:46 -------- d-----w- C:\Program Files\Ventrilo

2011-12-31 07:18:23 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2011-12-31 05:49:23 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{DFA78FE1-0DC5-4F32-B89E-816E48252BAF}

2011-12-31 05:49:01 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{D68A6468-8A7C-4AD5-846D-90E801382BD4}

2011-12-31 05:49:01 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{52472A1C-0ECA-45A3-8395-484A17D60FDD}

2011-12-30 17:48:37 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{8B46397B-4EE8-4637-8E08-3A33768B0576}

2011-12-30 17:48:14 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{167224D7-4B5F-4A98-8924-F202BDEBFC5C}

2011-12-30 11:00:47 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2011-12-30 05:48:01 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{EBF6A221-E7BC-4BD5-B5D4-86F7ECF20E2B}

2011-12-30 05:47:36 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{C18D1661-AD51-4CBE-9069-6D3C1DE46ABC}

2011-12-29 17:47:23 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{D20D0BDB-07C9-4FF4-9C3E-5ACB2FEF4BF9}

2011-12-29 17:47:12 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{D62955C6-4BCC-4968-962A-EED3613A81CE}

2011-12-29 11:28:47 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-12-29 08:07:02 2565632 ----a-w- C:\Windows\System32\esent.dll

2011-12-29 08:07:01 96768 ----a-w- C:\Windows\System32\fsutil.exe

2011-12-29 08:07:01 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe

2011-12-29 08:07:01 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys

2011-12-29 08:07:01 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys

2011-12-29 08:07:01 189824 ----a-w- C:\Windows\System32\drivers\storport.sys

2011-12-29 08:07:01 1699328 ----a-w- C:\Windows\SysWow64\esent.dll

2011-12-29 08:07:01 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys

2011-12-29 08:07:01 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2011-12-29 08:07:01 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys

2011-12-29 08:07:01 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys

2011-12-29 07:32:24 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2011-12-29 07:32:24 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

2011-12-29 07:32:24 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2011-12-29 07:32:24 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2011-12-29 07:32:24 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2011-12-29 07:32:24 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2011-12-29 07:32:24 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2011-12-29 02:14:13 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{434CD708-79CC-4AA8-8227-DE8D785ED458}

2011-12-29 02:13:47 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{3F9612B7-6C55-450D-9CED-C0640DCA3FA5}

2011-12-28 20:24:05 -------- d-----w- C:\Windows\SysWow64\Wat

2011-12-28 20:24:05 -------- d-----w- C:\Windows\System32\Wat

2011-12-28 18:12:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-12-28 18:12:29 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-12-28 18:08:59 -------- d-----w- C:\Program Files\VLC

2011-12-28 18:04:42 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2011-12-28 18:03:57 499200 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-12-28 18:03:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-12-28 18:03:25 613376 ----a-w- C:\Windows\System32\vbscript.dll

2011-12-28 18:03:25 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll

2011-12-28 18:03:20 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-12-28 18:03:20 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-12-28 18:03:19 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-12-28 18:03:19 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-12-28 18:01:24 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-12-28 18:01:24 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-12-28 18:01:24 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-12-28 18:01:24 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-12-28 18:01:24 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-12-28 18:01:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-12-28 18:01:22 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-12-28 18:01:20 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

2011-12-28 18:01:18 3145216 ----a-w- C:\Windows\System32\win32k.sys

2011-12-28 18:01:17 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-12-28 18:01:17 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-12-28 18:01:16 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-12-28 18:01:16 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-12-28 17:13:09 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-12-28 17:13:08 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-12-28 17:13:00 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-12-28 17:13:00 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-12-28 17:09:19 2871808 ----a-w- C:\Windows\explorer.exe

2011-12-28 17:09:19 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-12-28 16:59:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-12-28 16:59:28 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-12-28 16:59:28 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-12-28 16:46:47 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2011-12-28 16:46:47 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2011-12-28 16:35:39 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-12-28 16:35:39 31232 ----a-w- C:\Windows\System32\prevhost.exe

2011-12-28 16:35:39 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2011-12-28 16:33:47 655872 ----a-w- C:\Windows\SysWow64\msvcr90.dll

2011-12-28 16:33:47 568832 ----a-w- C:\Windows\SysWow64\msvcp90.dll

2011-12-28 16:33:47 224768 ----a-w- C:\Windows\SysWow64\msvcm90.dll

2011-12-28 16:33:30 82432 ----a-w- C:\Windows\SysWow64\msxml4r.dll

2011-12-28 16:33:30 53248 ----a-w- C:\Windows\SysWow64\CommonDL.dll

2011-12-28 16:33:30 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll

2011-12-28 16:33:02 -------- d-----w- C:\ProgramData\LGMOBILEAX

2011-12-28 16:04:47 -------- d-----w- C:\Windows\Panther

2011-12-28 14:13:20 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{273126FA-3B24-4EA9-99B2-272A89238222}

2011-12-28 14:12:52 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{98372508-DF58-4F0F-A535-AC4449F8A4EB}

2011-12-28 09:37:24 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Apple Computer

2011-12-28 09:37:22 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2011-12-28 09:37:22 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2011-12-28 09:37:22 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2011-12-28 09:37:09 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2011-12-28 09:37:09 -------- d-----w- C:\Program Files\iTunes

2011-12-28 09:37:09 -------- d-----w- C:\Program Files\iPod

2011-12-28 09:37:09 -------- d-----w- C:\Program Files (x86)\iTunes

2011-12-28 09:36:58 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Apple

2011-12-28 09:36:45 -------- d-----w- C:\Program Files\Bonjour

2011-12-28 09:36:45 -------- d-----w- C:\Program Files (x86)\Bonjour

2011-12-28 08:53:14 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{32C2C4E6-8116-4033-84DD-D0680EBAE35A}\gapaengine.dll

2011-12-28 08:44:17 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-12-28 08:33:54 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-12-28 08:33:50 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-12-28 07:51:41 -------- d-----w- C:\Program Files (x86)\Steam

2011-12-28 07:51:41 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2011-12-28 03:12:55 -------- d-----w- C:\Users\Alida Verster\AppData\Local\SWTOR

2011-12-28 02:33:26 4991496 ----a-w- C:\Windows\System32\D3DX9_38.dll

2011-12-28 02:33:26 3850760 ----a-w- C:\Windows\SysWow64\D3DX9_38.dll

2011-12-28 02:11:44 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{7EF77CAE-C00C-44BE-B78A-4F76C5A716F2}

2011-12-28 02:11:30 -------- d-----w- C:\Users\Alida Verster\AppData\Local\{36C83782-403E-46FF-9B41-85EAEC963F88}

2011-12-28 02:11:16 -------- d-----w- C:\Users\Alida Verster\Tracing

2011-12-28 01:47:51 -------- d-----w- C:\Windows\PCHEALTH

2011-12-28 01:45:32 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6209a6301ccc50201\Silverlight.4.0.exe

2011-12-28 01:43:07 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Windows Live

2011-12-28 01:43:07 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2011-12-28 01:42:59 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare

2011-12-28 00:55:23 -------- d-----w- C:\Program Files (x86)\World of Warcraft

2011-12-28 00:55:23 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2011-12-28 00:55:07 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2011-12-28 00:41:33 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys

2011-12-28 00:41:33 -------- d-----w- C:\Program Files\CPUID

2011-12-28 00:41:13 -------- d-----w- C:\Users\Alida Verster\AppData\Local\ATI

2011-12-28 00:41:08 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2011-12-28 00:40:31 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2011-12-28 00:40:27 116240 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys

2011-12-28 00:39:54 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2011-12-28 00:39:26 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2011-12-28 00:38:59 -------- d-----w- C:\Program Files\ATI Technologies

2011-12-28 00:38:54 -------- d-----w- C:\Program Files\ATI

2011-12-28 00:38:31 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation

2011-12-28 00:35:14 -------- d-----w- C:\Users\Alida Verster\AppData\Roaming\Intel Corporation

2011-12-28 00:34:35 0 ----a-w- C:\Windows\ativpsrm.bin

2011-12-28 00:31:19 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3

2011-12-28 00:30:45 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll

2011-12-28 00:30:32 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys

2011-12-28 00:29:37 557848 ----a-w- C:\Windows\System32\drivers\iaStor.sys

2011-12-28 00:28:48 533096 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2011-12-28 00:28:47 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll

2011-12-28 00:28:47 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

2011-12-28 00:28:03 -------- d-----w- C:\Windows\SysWow64\RTCOM

2011-12-28 00:28:03 -------- d-----w- C:\Program Files\Realtek

2011-12-28 00:25:54 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll

2011-12-28 00:25:36 -------- d-----w- C:\Intel

2011-12-28 00:25:23 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Diagnostics

2011-12-28 00:23:58 -------- d-sh--w- C:\Windows\Installer

2011-12-28 00:23:54 -------- d-----w- C:\Users\Alida Verster\AppData\Local\Google

.

==================== Find3M ====================

.

2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll

.

============= FINISH: 19:59:05.54 ===============

Attach.txt


  • 1 month later...

Hello,

Please advise if you have resolved your issue. If not, and you need guided help, do the following to get fresh reports.

Keep in mind, if I do not hear back from you in 4 days, I will close this topic.

First, we need more detail than just "blue screen of death". I need the actual STOP Code and description shown whenever you get BSOD.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

To show all files:

  • Go to your Desktop
  • Double-Click the Computer icon.
  • From the menu options, Select Tools, then Folder Options.
  • Next click the View tab.
  • Locate and uncheck Hide file extensions for known file types.
  • Locate and uncheck Hide protected operating system files (Recommended).
  • Locate and click Show hidden files and folders and drives.
  • Click Apply > OK.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.

Do NOT turn off the firewall.

Start Internet Explorer

Using Internet Explorer browser only, go to BitDefender Quickscan website:

http://quickscan.bitdefender.com

and click "Start Scan".

Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.

Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.

If prompted, reply yes to allow it to run.

Press the Allow button and follow prompts.

Press the "Start Scan" once more.

You'll see the EULA in a pop-up window. Click the I accept button and then the OK button.

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/

and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.

It may seem to stall at moments, but have patience; it will move on.

You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.

The log report will show in your text editor. Save the log.

Do a Select ALL, Copy. Then paste contents into your next reply.

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender.

Use separate replies as needed if logs do not fit into one reply box.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
