Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Blue Screen Twice in the last 4 Days

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Blue Screen Twice in the last 4 Days

Unread postby pgmigg » October 21st, 2014, 10:46 pm

Hello Dave,

I:\WD SmartWare.swstor\OWNER-PC\Volume.31c3bf67.fd27.11e2.a5e5.4c72b92e3e25\Downloads\Flight zips\F1Download.zip a variant of Win32/Packed.Themida potentially unwanted application
I:\WD SmartWare.swstor\OWNER-PC\Volume.31c3bf67.fd27.11e2.a5e5.4c72b92e3e25\Downloads\Flight zips\F1Download@ac77a5bd24774e3bb2cc91e910b44622.zip a variant of Win32/Packed.Themida potentially unwanted application
I:\WD SmartWare.swstor\OWNER-PC\Volume.31c3bf67.fd27.11e2.a5e5.4c72b92e3e25\Downloads\Flight zips\F1Download@c3e6b12db1b449a2847aee302d04d765.zip a variant of Win32/Packed.Themida potentially unwanted application
I:\WD SmartWare.swstor\OWNER-PC\Volume.31c3bf67.fd27.11e2.a5e5.4c72b92e3e25\Laptop 091610\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jojlg90v.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\chrome\iobitcom.jar Win32/Toolbar.Conduit.A potentially unwanted application
I:\WD SmartWare.swstor\OWNER-PC\Volume.31c3bf67.fd27.11e2.a5e5.4c72b92e3e25\Laptop 091610\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jojlg90v.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\chrome\iobitcom@c8ceff39c00943d59089a510d7a48a90.jar Win32/Toolbar.Conduit.A potentially unwanted application
Such files (were marked by ESET scanner) are elements of your incremental backup system and probably contain a real infections.
I:\Passport Backup\Downloads\filehelper_setup_docx.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
I:\Passport Backup\Downloads\Flight zips\F1Download.zip a variant of Win32/Packed.Themida potentially unwanted application
I:\Passport Backup\Downloads\Flight zips\FSHost\PFPortChecker.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
I:\Passport Backup\Laptop 091610\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jojlg90v.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\chrome\iobitcom.jar Win32/Toolbar.Conduit.A potentially unwanted application
I:\Passport Backup\Laptop 091610\Users\Owner\Downloads\asc-setup(2).exe Win32/Toolbar.Conduit.A potentially unwanted application
I:\Passport Backup\MGtools\Process.exe Win32/PrcView potentially unsafe application
This set of files looks like manual backup but potential problems are the same.

Except for all "I:\..." files from the ESET list your computer is clean. My opinion is that potentially infected files, especially inside of backup must be removed, but the final decision is yours. I could recommend to delete the whole backup and start the new fresh one - now when your computer is clean it is a good starting point.

Only problem I had was D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Unused Aircraft\Flight1 1 ATR72\Flight1 ATR 72-500.rar was too large to upload for a scan. It is not a critical file for me so I can simply delete if that is ok.
In such case, I will delete it with other files below.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    D:\Program Files\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Unused Aircraft\Flight1 1 ATR72\Flight1 ATR 72-500.rar
    H:\Downloads\Flight zips\F1Download.zip
    H:\Downloads\Flight zips\FSHost\PFPortChecker.exe
    H:\Downloads\Flight zips\EzDok\EZCA-Update-1.16.zip
    
    :Commands
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear - close it.

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 2.
OTL - Run Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    
  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 3.
OTL-Cleanup
You should still have OTL on your desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Step 4.
Hide Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value, in the open text entry box:
    change search options for files and folders
  5. Click on the View tab, then under the "Hidden files and folders" section
    • UNSELECT "Show hidden files and folders"
    • Place check mark in check box "Hide extensions for known file types"
    • Place check mark in check box "Hide protected operating system files"
  6. Press the Apply, then the OK buttons.

Step 5.
Please download delfix and save it to your desktop.
  1. Right-click on delfix.exe and select " Run as administrator " to run it.
  2. Check the following boxes then click on Run.
    1. Activate UAC
    2. Remove disinfection tools
    3. Create registry backup
    4. Purge system restore
    5. Reset system settings
  3. All tools we used to clean your computer should be gone now.
  4. You can now delete any tools/logs we used if they remain on your computer.

Step 6.
You can now delete any tools/logs we used if they remain on your Desktop.

Please don't forget to enable and update all your defense software!

Then:
Computer free from infections is very good, but in your case the problem does not stop there. The fact that the "Blue Screen" has not yet appeared is not mean anything. The problem related to the main hard drive of your machine - Check Disk Utility as well as Event Viewer reported about multiple errors and instability, but it is not for our forum any more.

I strongly recommend you to get technical help for your not related to malware problems and would like to refer you to a technical support forum like: Tech Support Guy.
Feel free to refer to this topic for any reason.

Finally:
Please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove

Re: Blue Screen Twice in the last 4 Days

Unread postby Gary R » October 26th, 2014, 2:52 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 415 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware