Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

JS/Blacole.AW killing my pc!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

JS/Blacole.AW killing my pc!

Unread postby mydget » December 30th, 2011, 9:18 pm

Fell asleep watching a movie on my pc last night. woke upto a blue screen with a memory dump error. turned it off and back on. it brought up an error stating overclocking/voltage changes causing booting errors, however nothing had been overclocked other than my vid card (which i did recently but only minor and hadnt been a problem before). checked bios. nothing showing as overclocked. when pc finally booted it was horribly slow. MSE and bitdefender both showed JS/BLacole.AW threats identified. the bitdefender one disappeared but the MSE one wanted it removed. i clicked clean. i had a previous MSE warning of JS/Blacole a couple of days ago and hit clean on it and hadnt had a problem until today. Logs are as follows. Computer will run fine in safe mode. Your help would be greatly appreciated :)

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Todd at 12:09:53 on 2011-12-31
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8175.7263 [GMT 11:00]
.
AV: Bitdefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: Bitdefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
uRun: [AdobeBridge]
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRunOnce: [DES2] C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe state
StartupFolder: C:\Users\Todd\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FORTEM~1.LNK - C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLUA = 2 (0x2)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
TCP: DhcpNameServer = 211.29.152.116 192.168.0.1
TCP: Interfaces\{12B6F435-D30A-4CDA-BFC2-A43A8B13EF54} : DhcpNameServer = 211.29.152.116 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRunOnce-x64: [DES2] C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe state
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\v5h2v5ws.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ashampoo US Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT24810 ... hSource=13
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-8-10 103504]
R3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys --> C:\Windows\system32\DRIVERS\avchv.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys --> C:\Windows\system32\DRIVERS\avc3.sys [?]
S1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
S1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys --> C:\Windows\system32\DRIVERS\bdvedisk.sys [?]
S1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 DES2 Service;DES2 Service for Energy Saving.;C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2011-11-25 68136]
S2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-11-25 114688]
S2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-12-21 62512]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys --> C:\Windows\system32\DRIVERS\avckf.sys [?]
S3 bdsandbox;bdsandbox;\??\C:\Windows\system32\drivers\bdsandbox.sys --> C:\Windows\system32\drivers\bdsandbox.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2011-11-25 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-11-25 30528]
S3 LADF_DHP2;G35 DHP2 Filter Driver;C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys --> C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [?]
S3 LADF_SBVM;G35 SBVM Filter Driver;C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys --> C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [?]
S3 LGDDCDevice;LGDDCDevice;C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2011-11-29 14336]
S3 LGII2CDevice;LGII2CDevice;C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2011-11-29 18432]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-14 466736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-31 00:11:29 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AFD3C4B6-A3B6-4045-992E-03DC18B1A9FE}\offreg.dll
2011-12-30 22:32:26 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AFD3C4B6-A3B6-4045-992E-03DC18B1A9FE}\mpengine.dll
2011-12-21 06:30:39 442088 ----a-w- C:\Windows\System32\drivers\bdfsfltr.sys
2011-12-20 19:38:24 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-12-20 18:07:59 192396 ----a-w- C:\ProgramData\1324404195.bdinstall.bin
2011-12-20 18:06:21 -------- d-----w- C:\Users\Todd\AppData\Roaming\Bitdefender
2011-12-20 18:06:13 -------- d-----w- C:\ProgramData\Bitdefender
2011-12-20 18:05:03 -------- d-----w- C:\Program Files\Bitdefender
2011-12-20 18:04:32 -------- d-----w- C:\Users\Todd\AppData\Roaming\QuickScan
2011-12-20 18:04:17 329800 ----a-w- C:\Windows\System32\drivers\trufos.sys
2011-12-20 18:02:51 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2011-12-20 18:02:49 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2011-12-15 04:40:29 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-15 04:40:29 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-15 04:40:29 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-15 04:40:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-15 04:40:27 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-15 04:40:27 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-09 15:27:20 -------- d-----w- C:\Users\Todd\AppData\Local\Xara
2011-12-09 15:26:39 -------- d-----w- C:\Program Files (x86)\Xara
2011-12-09 15:26:39 -------- d-----w- C:\Program Files (x86)\Common Files\Xara
2011-12-09 15:26:31 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-12-09 15:26:31 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-12-09 15:26:31 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-12-09 15:26:31 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-12-09 15:26:31 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-12-09 15:26:26 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-12-09 15:26:26 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-12-07 08:59:57 -------- d-----w- C:\ATI
2011-12-07 08:54:52 -------- d-----w- C:\Users\Todd\AppData\Local\ATI
2011-12-07 08:54:20 0 ----a-w- C:\Windows\ativpsrm.bin
2011-12-07 08:50:11 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-12-07 08:49:42 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-12-07 08:49:30 58880 ----a-w- C:\Windows\System32\SET6A75.tmp
2011-12-07 08:49:30 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-12-07 08:49:06 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-12-07 08:49:04 -------- d-----w- C:\Program Files\ATI
2011-12-07 08:47:44 -------- d-----w- C:\Program Files\ATI Technologies
2011-12-06 12:34:51 -------- d-----w- C:\Users\Todd\AppData\Roaming\Mumble
2011-12-06 12:34:31 -------- d-----w- C:\Program Files (x86)\Mumble
2011-12-05 22:02:23 -------- d-----w- C:\Users\Todd\AppData\Roaming\NVIDIA
2011-12-05 11:24:33 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-12-04 06:46:27 -------- d-----w- C:\Users\Todd\AppData\Local\Chromium
2011-12-04 05:00:37 -------- d-----w- C:\ProgramData\Rockstar Games
2011-12-04 04:59:47 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2011-12-04 01:06:01 -------- d-----w- C:\Users\Todd\AppData\Roaming\Ashampoo
2011-12-04 01:03:58 -------- d-----w- C:\Program Files (x86)\Conduit
2011-12-04 01:03:57 -------- d-----w- C:\Users\Todd\AppData\Local\Conduit
2011-12-04 01:03:30 -------- d-----w- C:\Users\Todd\AppData\Local\ashampoo
2011-12-04 01:03:30 -------- d-----w- C:\ProgramData\ashampoo
2011-12-04 01:03:01 -------- d-----w- C:\Program Files (x86)\Ashampoo
2011-12-01 12:53:56 -------- d-----w- C:\ProgramData\IObit
2011-12-01 12:53:56 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-01 10:32:03 -------- d-----w- C:\Users\Todd\AppData\Roaming\PunkBuster
2011-12-01 10:20:48 255552 ----a-w- C:\Windows\SysWow64\drivers\mcdbus.sys
2011-12-01 10:20:48 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2011-12-01 10:20:47 -------- d-----w- C:\Program Files (x86)\MagicDisc
.
==================== Find3M ====================
.
2011-12-31 00:16:08 25640 ----a-w- C:\Windows\gdrv.sys
2011-12-28 02:30:18 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-12-28 02:30:18 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-12-28 01:55:22 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-12-20 19:55:07 30528 ----a-w- C:\Windows\GVTDrv64.sys
2011-12-20 18:38:13 543528 ----a-w- C:\Windows\System32\drivers\avckf.sys
2011-12-20 18:38:09 258736 ----a-w- C:\Windows\System32\drivers\avchv.sys
2011-12-20 18:38:08 685192 ----a-w- C:\Windows\System32\drivers\avc3.sys
2011-12-12 14:43:00 25640 ----a-w- C:\Windows\etdrv.sys
2011-12-07 09:54:32 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-11-27 07:32:31 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-26 16:48:56 319488 ----a-w- C:\Windows\HideWin.exe
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 11:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 11:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 11:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 11:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 11:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 11:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 11:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 11:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 02:04:28 892416 ----a-w- C:\Windows\System32\SET6A15.tmp
2011-10-26 01:46:12 5041664 ----a-w- C:\Windows\System32\SET45E8.tmp
2011-10-26 01:21:12 40960 ----a-w- C:\Windows\System32\SET441F.tmp
2011-10-25 10:21:40 66560 ----a-w- C:\Windows\System32\OVDecoder64.dll
2011-10-25 10:21:34 56832 ----a-w- C:\Windows\SysWow64\OVDecoder.dll
2011-10-21 09:16:12 1843200 ----a-w- C:\Windows\SysWow64\SlotMaximizerBe.dll
2011-10-21 09:15:46 104448 ----a-w- C:\Windows\SysWow64\SlotMaximizerAg.dll
2011-10-21 09:12:32 2763264 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-10-21 09:07:42 125440 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-10-17 17:40:50 93712 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-10-14 13:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 12:10:17.32 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 25-Nov-11 5:30:38 PM
System Uptime: 31-Dec-11 11:59:59 AM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P67A-UD3P-B3
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz | Socket 1155 | 3292/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 244 GiB total, 183.62 GiB free.
D: is FIXED (NTFS) - 98 GiB total, 16.483 GiB free.
E: is FIXED (NTFS) - 270 GiB total, 34.897 GiB free.
F: is FIXED (NTFS) - 146 GiB total, 112.846 GiB free.
G: is FIXED (NTFS) - 244 GiB total, 42.266 GiB free.
H: is FIXED (NTFS) - 297 GiB total, 188.283 GiB free.
I: is CDROM ()
J: is CDROM ()
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP43: 23-Dec-11 7:38:01 PM - Windows Update
RP44: 27-Dec-11 12:21:01 PM - Windows Update
RP45: 31-Dec-11 9:32:14 AM - Windows Update
.
==== Installed Programs ======================
.
@BIOS
µTorrent
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.1)
Ashampoo Burning Studio 11 v.11.0.2
Assassin's Creed Revelations
AutoGreen B10.1021.1
AutoHotkey 1.0.48.05
Battlefield 3™
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
CCC Help English
DES 2.0
Easy Tune 6 B10.1216.1
ESN Sonar
forteManager
Game Booster 3
Gridiron Grudge Match ScreenSaver (NFC)
HydraVision
Intel(R) Control Center
Intel(R) Management Engine Components
L.A. Noire
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 8.0.1 (x86 en-US)
MSI Afterburner 2.1.0
Mumble 1.2.3
ON_OFF Charge B11.0110.1
Origin
PDF Settings CS6
PunkBuster Services
Realtek Ethernet Controller Driver
Renesas Electronics USB 3.0 Host Controller Driver
Rockstar Games Social Club
Skype Click to Call
Skype™ 5.5
Smart 6 B10.1221.1
Star Wars: The Old Republic
Ubisoft Game Launcher
VLC media player 1.1.11
WinSCP 4.3.5
Xara3D6
.
==== Event Viewer Messages From Past Week ========
.
31-Dec-11 12:07:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
31-Dec-11 12:07:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
31-Dec-11 12:07:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
31-Dec-11 12:07:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
31-Dec-11 12:00:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AppleCharger avc3 BDVEDISK discache MpFilter spldr trufos Wanarpv6
31-Dec-11 11:49:31 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
31-Dec-11 11:29:00 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver has restarted scanning items and is out of pass through mode.
31-Dec-11 11:28:04 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
31-Dec-11 11:28:04 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
31-Dec-11 11:25:38 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
31-Dec-11 11:25:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
31-Dec-11 11:23:33 AM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
31-Dec-11 11:21:58 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SSDP Discovery service to connect.
31-Dec-11 11:21:58 AM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 11:21:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
31-Dec-11 11:21:28 AM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 11:20:28 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
31-Dec-11 11:20:28 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 11:19:58 AM, Error: Service Control Manager [7022] - The Background Intelligent Transfer Service service hung on starting.
31-Dec-11 11:16:04 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
31-Dec-11 11:15:53 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: trufos
31-Dec-11 11:14:18 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Print Spooler service to connect.
31-Dec-11 11:14:18 AM, Error: Service Control Manager [7000] - The Print Spooler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 11:08:44 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
31-Dec-11 11:08:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
31-Dec-11 11:08:39 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:29 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AppleCharger avc3 bdfsfltr bdfwfpf BDVEDISK CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx trufos Wanarpv6 WfpLwf
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
31-Dec-11 11:08:26 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
31-Dec-11 10:48:51 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
31-Dec-11 10:48:39 AM, Error: Service Control Manager [7001] - The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 10:47:37 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Base Filtering Engine service to connect.
31-Dec-11 10:47:37 AM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 10:47:37 AM, Error: Service Control Manager [7000] - The Base Filtering Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
31-Dec-11 10:41:03 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000008887, 0xfffffa8000185970, 0xfffffa8000191880, 0x0000000000000306). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 123111-13119-01.
30-Dec-11 5:12:36 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
30-Dec-11 12:26:09 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
27-Dec-11 1:35:00 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
25-Dec-11 6:58:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DES2 Service service.
25-Dec-11 10:26:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-Dec-11 12:33:27 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
24-Dec-11 1:30:54 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================

mydget wrote:note: dds reports were from safemode. pc locks up and wont do anything in normal mode. hope thats okay
Last edited by NonSuch on December 31st, 2011, 12:14 am, edited 1 time in total.
Reason: Edited to add information from removed post.
mydget
Active Member
 
Posts: 2
Joined: December 30th, 2011, 9:04 pm
Advertisement
Register to Remove

Re: JS/Blacole.AW killing my pc!

Unread postby diver79 » January 2nd, 2012, 9:15 am

Hi and welcome to MalwareRemoval.com, sorry for any delay in answering your request for help, the forum is really busy.
My name is Diver79, and I will be helping you with your malware problems. I am currently in training at the Malware University. All of my instructions need to be checked and approved by a teacher, which may lead to a slight delay.

Before we start please note the following important guidelines.
  • The instructions given are for THIS computer only! Using these instructions on a different computer, can make it inoperable!
  • Please DO NOT run any other software or scans whilst I am helping you.

Note: If you haven't done so already, please ensure you have read the following article. ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
diver79 wrote:Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Because of this, I advise you to backup any personal files and folders before you start.
How do I backup my files and folders in XP?
How to backup your data - Vista/Win7

Looking into your logs now. Will post instructions soon...

diver79.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: JS/Blacole.AW killing my pc!

Unread postby diver79 » January 2nd, 2012, 3:52 pm

Hi mydget,

I need you to remove some programs before we can continue. It is possible that having multiple Anti Virus programs is causing the instability. Follow the instructions below to remove One of your AV programs and utorrent. You can do this in safe mode. Once removed, try to run the other scans in Normal mode.


Remove P2P Programs
  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
    µTorrent
  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.


multiple Anti Virus programs
  • It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:
    Bitdefender Antivirus
    Microsoft Security Essentials
  • Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer.
  • Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.
  • Please remove one of them.
    • Click on the start button
    • In the Search Programs and files text area type appwiz.cpl and press Enter
    • Press the "Remove" or "Change/Remove"...button to uninstall one of the programs listed above and the uTorrent application.


Run CKScanner
  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right Click on CKScanner.exe, select Run as Administrator and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Scan with WVCheck:
Please download WVCheck and save it to the desktop.
  • Right Click on WVCheck.exe and select Run as Administrator and follow the prompts.
  • The scan may take some time depending on the Hard-Drive size.
  • Please post the contents of the notepad file WVCheck_1436_dd-mm-yyyy that can be located on the desktop.


OTL Scan
  • Download OTL to your desktop.
  • Right Click on the icon and select Run as Administrator. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: JS/Blacole.AW killing my pc!

Unread postby deltalima » January 5th, 2012, 4:17 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: ataa92 and 55 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware