Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Acronis & Windows fails to backup, IE10 redirects & Malwarebyt

Acronis fails Windows backup fails IE10 redirects Malwarebytes BSOD

  • Please log in to reply

#16
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

Yes thanks - Computer's running a lot better now, except as you say MBAM

 

It will be interesting to see what you find in the minidumps

 

  • Fixlist log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-06-2014
Ran by Ian at 2014-07-01 07:10:39 Run:2
Running from C:\Users\Ian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs: c:\progra~2\sw_x64~1.boo => c:\progra~2\sw_x64~1.boo File Not Found
AppInit_DLLs-x32: c:\progra~2\sw30e4~1.boo => "c:\progra~2\sw30e4~1.boo" File Not Found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
HKU\S-1-5-21-4005721135-716239972-1406188448-1000\...\Run: [se] => "C:\Users\Ian\AppData\Roaming\SkypEmoticons\SE.exe"  /minimized
C:\Users\Ian\AppData\Roaming\SkypEmoticons
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: NextCoup - {F57F2283-FAA5-883D-4454-CE70306B2D43} - C:\Program Files (x86)\NextCoup\YAeMM61.x64.dll No File
C:\Program Files (x86)\NextCoup
C:\ProgramData\NextCoup
BHO-x32: NextCoup - {F57F2283-FAA5-883D-4454-CE70306B2D43} - C:\Program Files (x86)\NextCoup\YAeMM61.dll No File
C:\Users\Ian\AppData\Local\Torch
C:\Users\Ian\AppData\Local\Chromatic Browser
C:\Users\HomeGroupUser$\AppData\Local\Torch
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
C:\Users\Guest\AppData\Local\Torch
C:\Users\Guest\AppData\Local\Chromatic Browser
C:\Users\ASPNET\AppData\Local\Torch
C:\Users\ASPNET\AppData\Local\Chromatic Browser
C:\Users\Administrator\AppData\Local\Torch
C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder: C:\Windows\ShellNew
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\Ian\AppData\Local\Temp\nsjC61F.exe
C:\Users\Ian\AppData\Local\Temp\Quarantine.exe
C:\Users\Ian\AppData\Local\Temp\vmgrremok.exe
C:\Windows\SysWOW64\setup.exe

*****************

"c:\progra~2\sw_x64~1.boo" => Value Data removed successfully.
"c:\progra~2\sw30e4~1.boo" => Value Data removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec => Moved successfully.
HKU\S-1-5-21-4005721135-716239972-1406188448-1000\Software\Microsoft\Windows\CurrentVersion\Run\\se => value deleted successfully.
"C:\Users\Ian\AppData\Roaming\SkypEmoticons" => File/Directory not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Error deleting key. The key could be protected.
'HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F57F2283-FAA5-883D-4454-CE70306B2D43}' => Key deleted successfully.
'HKCR\CLSID\{F57F2283-FAA5-883D-4454-CE70306B2D43}' => Key deleted successfully.
C:\Program Files (x86)\NextCoup => Moved successfully.
C:\ProgramData\NextCoup => Moved successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F57F2283-FAA5-883D-4454-CE70306B2D43}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{F57F2283-FAA5-883D-4454-CE70306B2D43}' => Key deleted successfully.
C:\Users\Ian\AppData\Local\Torch => Moved successfully.
C:\Users\Ian\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\HomeGroupUser$\AppData\Local\Torch => Moved successfully.
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\Guest\AppData\Local\Torch => Moved successfully.
C:\Users\Guest\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\ASPNET\AppData\Local\Torch => Moved successfully.
C:\Users\ASPNET\AppData\Local\Chromatic Browser => Moved successfully.
C:\Users\Administrator\AppData\Local\Torch => Moved successfully.
C:\Users\Administrator\AppData\Local\Chromatic Browser => Moved successfully.

========================= Folder: C:\Windows\ShellNew ========================

2006-09-22 00:25 - 2006-09-22 00:25 - 0008714 _____ () C:\Windows\ShellNew\EXCEL12.XLSX
2005-12-13 19:15 - 2005-12-13 19:15 - 0059904 _____ () C:\Windows\ShellNew\MSPUB.PUB
2006-09-22 00:32 - 2006-09-22 00:32 - 0027140 _____ () C:\Windows\ShellNew\PWRPNT12.PPTX

====== End of Folder: ======

C:\ProgramData\PKP_DLeo.DAT => Moved successfully.
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
C:\Users\Ian\AppData\Local\Temp\nsjC61F.exe => Moved successfully.
C:\Users\Ian\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Ian\AppData\Local\Temp\vmgrremok.exe => Moved successfully.
C:\Windows\SysWOW64\setup.exe => Moved successfully.

==== End of Fixlog ====

  • ESET log

C:\FRST\Quarantine\c\Program Files (x86)\TotalRecipeSearch_14EI\Installr\1.bin\NP14EISB.dll.xBAD Win32/Toolbar.MyWebSearch potentially unwanted application
C:\FRST\Quarantine\c\Program Files (x86)\TotalRecipeSearch_14EI\TotalRecipeSearch_14EI\Installr\1.bin\14EIPlug.dll Win32/Toolbar.MyWebSearch potentially unwanted application
C:\FRST\Quarantine\c\Program Files (x86)\TotalRecipeSearch_14EI\TotalRecipeSearch_14EI\Installr\1.bin\14EZSETP.dll Win32/Toolbar.MyWebSearch.Q potentially unwanted application
C:\FRST\Quarantine\c\ProgramData\Assistant\Assistant_x64.dll a variant of Win64/SProtector.A potentially unwanted application
C:\FRST\Quarantine\c\ProgramData\BEstSSaveFForYou\yLVY3.dll.xBAD a variant of Win32/AdWare.MultiPlug.Y application
C:\FRST\Quarantine\c\ProgramData\BEstSSaveFForYou\yLVY3.x64.dll.xBAD a variant of Win64/Adware.MultiPlug.B application
C:\FRST\Quarantine\c\progra~2\sw_x64~1.boo.xBAD a variant of Win64/SProtector.B potentially unwanted application
C:\FRST\Quarantine\c\Users\Ian\AppData\Local\Temp\nsjC61F.exe.xBAD Win32/Conduit.SearchProtect.R potentially unwanted application
C:\FRST\Quarantine\c\Windows\SysWOW64\setup.exe.xBAD a variant of Win32/AdWare.MultiPlug.R application
C:\Program Files (x86)\HyperCam 2\hctoolbar.exe Win32/Somoto.F potentially unwanted application
C:\Users\Ian\Desktop\Computer Stuff\CCleaner ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Ian\Documents\GPS Stuff\Software\2013-12-30GPS Babble InstallConverter_brie.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\Public\Documents\Car stuff\iLividSetup.exe Win32/Toolbar.SearchSuite potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\2013-09-29 InternationalPrimoPDF.exe Win32/OpenCandy potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\Internet_Explorer_10_TSA13R4YB.exe Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\Avira AV\2011-11-12 2012 Version avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\Avira AV\2012-10-20 2013 AV avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\DIM Digital Image Mover\Digial Image Mover setupDIM5_build223.exe.exe a variant of Win32/InstalleRex.R potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\DIM Digital Image Mover\Dim5Manual.pdf.exe a variant of Win32/InstalleRex.R potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\Geeks to Go Stuff\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\HyperCam\2012-02-27 HyperCam HC2Setup.exe Win32/Somoto.F potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\Speccy\Speccy spsetup125.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
 

  • SecurityCheck log

 Results of screen317's Security Check version 0.99.85 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 55 
 Java™ SE Development Kit 6 Update 27
 Java version out of Date!
  Adobe Flash Player 11.7.700.169 Flash Player out of Date! 
 Adobe Reader XI 
 Google Chrome 35.0.1916.114 
 Google Chrome 35.0.1916.153 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

 

Thanks & Regards

Ian
 


  • 0

Advertisements


#17
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts

Sorry for the late reply; been very busy.

 

Let's try to fix MBAM. Can you please follow the instructions for a clean install here.

 

Then, see if you can run a scan.


  • 0

#18
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

No worries - I have too

 

I did a MBAM clean install twice (2nd time uninstalling & running in Windows Safe Mode)

 

The progress bar appeared to stall for a very long time this time and it eventually took the Laptop down requiring disk checks and the like

 

MBAM Log below:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 3/07/2014 8:22:29 PM, SYSTEM, IANS-HP-4520S, Manual, Rootkit Database, 2014.2.20.1, 2014.7.1.1,
Update, 3/07/2014 8:22:44 PM, SYSTEM, IANS-HP-4520S, Manual, Malware Database, 2014.3.4.9, 2014.7.3.1,

(end)

 

Thanks & Regards

Ian


  • 0

#19
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts

Just to clarify, did the computer blue screen when you tried to install MBAM, or when you ran a scan?

 

Could you attach the latest minidumps?


  • 0

#20
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

Don't think it blue screened last time, so tried again and - Yes blue screened when I ran it - not when I re-installed though

 

Latest Minidump attached

 

Thanks & Regards

Ian

Attached Files


  • 0

#21
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
While I look at the minidumps, let's run one more scan:

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it. Allow virtualization if offered. Click the "Scan" button to start scan.

aswMBRScan.gif.pagespeed.ce.LUmbzwGQt-.g

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBRsavelog.gif.pagespeed.ce.koDAEoybV
  • 0

#22
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

aswMBR.exe asked if I wanted to install Avast for a better scan - I decided not to - is this OK?

 

Log file below:

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 07:03:39
-----------------------------
07:03:39.160    OS Version: Windows x64 6.1.7601 Service Pack 1
07:03:39.160    Number of processors: 4 586 0x2505
07:03:39.160    ComputerName: IANS-HP-4520S  UserName: Ian
07:03:41.300    Initialize success
07:03:41.320    VM: initialized successfully
07:03:41.330    VM: Intel CPU supported
07:03:46.810    VM: supported disk I/O iaStor.sys
07:04:34.048    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:04:34.048    Disk 0 Vendor: ST950056 SD23 Size: 476940MB BusType: 3
07:04:34.118    VM: Disk 0 MBR read successfully
07:04:34.118    Disk 0 MBR scan
07:04:34.118    Disk 0 Windows 7 default MBR code
07:04:34.128    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          235 MB offset 2048
07:04:34.128    Disk 0 default boot code
07:04:34.138    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       460564 MB offset 483328
07:04:34.138    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        14453 MB offset 943718400
07:04:34.148    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0     1686 MB offset 973318144
07:04:34.158    Disk 0 scanning C:\Windows\system32\drivers
07:04:39.158    Service scanning
07:04:45.300    Service SafeBoot C:\Windows\System32\Drivers\SafeBoot.sys **LOCKED** 32
07:04:48.720    Modules scanning
07:04:48.720    Disk 0 trace - called modules:
07:04:48.730    ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys hpdskflt.sys vsflt67.sys ACPI.sys iaStor.sys hal.dll
07:04:48.740    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80099f7060]
07:04:48.740    3 CLASSPNP.SYS[fffff88001c7543f] -> nt!IofCallDriver -> [0xfffffa80099f6b10]
07:04:48.740    5 hpdskflt.sys[fffff88001860189] -> nt!IofCallDriver -> [0xfffffa80099f2870]
07:04:48.750    7 vsflt67.sys[fffff88000db67cd] -> nt!IofCallDriver -> [0xfffffa8007aeab20]
07:04:48.750    9 ACPI.sys[fffff88000d587a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007aef050]
07:04:48.760    Scan finished successfully
07:05:29.223    Disk 0 MBR has been saved successfully to "C:\Users\Public\Documents\Computer Stuff\Geeks to Go\2014-06-19 Google redirect problem\2014-07-08\MBR.dat"
07:05:29.253    The log file has been saved successfully to "C:\Users\Public\Documents\Computer Stuff\Geeks to Go\2014-06-19 Google redirect problem\2014-07-08\2014-07-08 aswMBR LOG.txt"

 

 

Thanks & Regards

Ian
 


  • 0

#23
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts

Could you please upload C:\Windows\System32\Drivers\SafeBoot.sys to VirusTotal and send me the URL of the results page.


  • 0

#24
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

Looks OK to me https://www.virustot...sis/1404804685/

 

Thanks & Regards

Ian


  • 0

#25
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts

Your computer is looking clean. The only symptom left is the MBAM blue screens, right? Does the computer BSOD on any other occasions?

 

I am not making much of the minidumps; it is not really my area of expertise. It looks like the BSOD may be related to a video card or ATI driver. I am going to ask a tech to take a look.


  • 0

Advertisements


#26
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

That's great - thanks for getting me this far - MUCH appreciated

 

Yes only Blue screens -

  • Definitely with MBAM
  • Pretty sure when I do Acronis unattended backups too, although I don't think it could even lock the system to start last time I tried.
  • I get the occational BSOD when running SolidWorks too - SolidWorks haven't developed a driver for the HP ProBook, so that is almost to be expected 

I tried reading the minidumps too, but didn't have much luck with the MS Developer app & couldn't even open them

 

Best Regards

Ian


  • 0

#27
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Ok. I have received a suggestion to try a memory test. But first, let's clean up the tools and update.
 
First, I want to explain about what ESET found:
 

C:\Program Files (x86)\HyperCam 2\hctoolbar.exe Win32/Somoto.F potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\HyperCam\2012-02-27 HyperCam HC2Setup.exe Win32/Somoto.F potentially unwanted application

 
This is a bundled toolbar with the HyperCam program. If you don't use it, I would uninstall. You could try deleting C:\Program Files (x86)\HyperCam 2\hctoolbar.exe, but it may break HyperCam.
 

C:\Users\Public\Documents\Car stuff\iLividSetup.exe Win32/Toolbar.SearchSuite potentially unwanted application

 
You'll want to delete this file, as it is an adware program.
 

C:\Users\Public\Documents\Computer Stuff\Internet_Explorer_10_TSA13R4YB.exe Win32/Toolbar.Conduit.AE potentially unwanted application

 
I don't know what this is, but it is bundled with the Conduit toolbar. If you don't need it, delete it.
 

C:\Users\Ian\Desktop\Computer Stuff\CCleaner ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Ian\Documents\GPS Stuff\Software\2013-12-30GPS Babble InstallConverter_brie.exe a variant of Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\2013-09-29 InternationalPrimoPDF.exe Win32/OpenCandy potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\Internet_Explorer_10_TSA13R4YB.exe Win32/Toolbar.Conduit.AE potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\Avira AV\2011-11-12 2012 Version avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\Avira AV\2012-10-20 2013 AV avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\DIM Digital Image Mover\Digial Image Mover setupDIM5_build223.exe.exe a variant of Win32/InstalleRex.R potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\DIM Digital Image Mover\Dim5Manual.pdf.exe a variant of Win32/InstalleRex.R potentially unwanted application
C:\Users\Public\Documents\Computer Stuff\Geeks to Go Stuff\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Public\Documents\Computer Stuff\Speccy\Speccy spsetup125.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application


The rest of these are adwares bundled with legitimate installers. Be careful when you install free programs to uncheck any unwanted extras.
 
Now to update,
 
Please update these programs, as old versions pose a security risk.
  • Java
     
    WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
    See this article and this article.
    I would recommend that you completely uninstall Java unless you need it to run an important software.
    In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
     
    If you do need java, then you should definitely update to the latest version:
     
    Please download JavaRa to your desktop and unzip it to its own folder
    • Run JavaRa.exe, then click Remove JRE.
    • Run the built-in uninstallers for all copies of java listed. If Java SE Development Kit 6 Update 27 is not listed, remove it using the Control Panel.
    • Click the Next button
    • Click the Next button again
    • Click the Java Manual Download link
    • A browser window will open with the Java download page
    • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
    • Run the installer
    • Close JavaRa
  • Adobe Flash -> You can get the latest version here.
  • Adobe Reader -> Open Adobe Reader and select Help > About. If you don't have version 11.0.07, get it here.
     
    I would recommend securing Adobe Reader against the latest exploits as follows:
    • Launch Adobe Reader.
    • Click on Edit and select Preferences.
    • On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
    • Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
    • Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
    • Click the OK button.
  • Cleanup:

    bwebb7v.jpgDownload Delfix from here and save it to your desktop.
    • Ensure Remove disinfection tools is checked.
    • Also place a checkmark next to:
      • Create registry backup
      • Purge system restore
      delfix.jpg
    • Click the Run button.
    Now for a memory test:
    Please follow the instructions here to test your memory. Let me know if any errors are found.

  • 0

#28
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

Thanks for all that

 

WOW - not sure if there's anything using Java, but have always updated to the latest annoying version

 

There were not errors found on the Windoz Memory test - no message popped up on login - any ideas where the message log would be that it said it would show on login?

 

I'll run HP's Memory Test too on the way home - from memory (excuse the pun) last time I ran it - it was all OK too

 

DelFix LOG below:

 

# DelFix v10.7 - Logfile created 10/07/2014 at 12:55:57
# Updated 27/04/2014 by Xplode
# Username : Ian - IANS-HP-4520S
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTM
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Ian\Desktop\GooredFix Backups
Deleted : C:\TDSSKiller.3.0.0.39_19.06.2014_20.05.21_log.txt
Deleted : C:\Users\Ian\Desktop\Addition.txt
Deleted : C:\Users\Ian\Desktop\AdwCleaner.exe
Deleted : C:\Users\Ian\Desktop\aswmbr.exe
Deleted : C:\Users\Ian\Desktop\Fixlog.txt
Deleted : C:\Users\Ian\Desktop\FRST.txt
Deleted : C:\Users\Ian\Desktop\GooredFix.txt
Deleted : C:\Users\Ian\Desktop\JRT.txt
Deleted : C:\Users\Ian\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #397 [Windows Update | 07/06/2014 10:56:43]
Deleted : RP #398 [Windows Update | 07/09/2014 09:22:18]
Deleted : RP #399 [Windows Update | 07/09/2014 09:28:40]

New restore point created !

########## - EOF - ##########


  • 0

#29
Buddierdl

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts

 

 

I'll run HP's Memory Test too on the way home - from memory (excuse the pun) last time I ran it - it was all OK too

 

Let's see what that says.


  • 0

#30
Cairnsy

Cairnsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Hi Buddierdl,

 

I've finally done some testing - both Windoz & HP Memory tests come back OK

 

HOWEVER the HP HDD Test failed

 

The HP burn-in Test failed on the HDD test too

 

I'm wondering if this could have anything to do with it being a Hybrid DD?

 

I just checked & noticed the 500GB Seagate Momentus HDD Firmware I'm running is SD23 & there's an important update to SD28 - should I update this?

 

Do you think this might fix the BSOD?

 

If you're Hardware guy has any comments it would be great to hear too

 

Thanks & Regards

Ian


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP