Dear Sirs
I am now 70 years old & I have in the last three months purchased a new Samsung 900X4C-A03 i7 running window 8 which is a big problem for me
Because I now live on the Island of Crete Greece, and purchased my new laptop here on the Island, it came with an American Keyboard, which I have had changed to an English, English Keyboard
My problem started after searching the internet and clicking somthing i did not want to click, my anti virus opened a box saying dangerous, but when trying to click remove I think I must have Clicked Allow
I have read and have tried to follow your list of jobs to do first before posting.
DDS: would not download, only received a Blank Page
GMER: Box saying, C:#windows#system33#config#system
The process cannot access the file because it is being used by another process (I cannot find back slash on my computer)
Clicked OK
Program opened, Unclicked IAT/EAT & show all
Box saying: gmer.exe has stopped working
A problem caused the program to stop working windows will close the program and notify you if a solution is available.
Clicked OK two times & the program opened
Clicked scan & when finished saved to my Desktop
Copied below
GMER 2.1.19163 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-09-23 13:35:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e LITEONIT_LMT-256M3M rev.VZJ4 238.47GB
Running: gmer.exe; Driver: C:\Users\Jack\AppData\Local\Temp\pxroypoc.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\windows\System32\win32k.sys!W32pServiceTable fffff96000224200 7 bytes [40, 3B, 82, 01, 00, 53, F2]
.text C:\windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000224208 7 bytes [01, 63, C0, FF, 00, 17, DB]
---- Threads - GMER 2.1 ----
Thread C:\windows\system32\csrss.exe [676:700] fffff960008c05e8
Thread C:\windows\system32\svchost.exe [892:6044] 000007faffdd1f34
Thread C:\windows\system32\svchost.exe [516:3384] 000007fb03461824
Thread C:\windows\system32\svchost.exe [516:4152] 000007fb018c51dc
Thread C:\windows\system32\svchost.exe [516:4156] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:4168] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:3840] 000007fb0b665c38
Thread C:\windows\system32\svchost.exe [516:4132] 000007fb08bc16b0
Thread C:\windows\system32\svchost.exe [516:9932] 000007fafde110f0
Thread C:\windows\System32\spoolsv.exe [1488:2736] 000007fb04b254c0
Thread C:\windows\System32\spoolsv.exe [1488:2780] 000007fb047030ec
Thread C:\windows\System32\spoolsv.exe [1488:2924] 000007fb04e65798
Thread C:\windows\System32\spoolsv.exe [1488:2976] 000007fb04eae080
Thread C:\windows\System32\spoolsv.exe [1488:3056] 000007fb04da81ac
Thread C:\windows\system32\svchost.exe [1532:1552] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1592] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1604] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1624] 000007fb0823c4f0
Thread C:\windows\system32\svchost.exe [1532:1692] 000007fb08248810
Thread C:\windows\system32\svchost.exe [1532:1700] 000007fb08265170
Thread C:\windows\system32\svchost.exe [1532:1704] 000007fb082484a0
Thread C:\windows\system32\svchost.exe [1532:1888] 000007fb064131a0
Thread C:\windows\system32\svchost.exe [1532:3672] 000007fb06419c68
Thread C:\windows\system32\svchost.exe [1532:4036] 000007fb020524e8
Thread C:\windows\system32\svchost.exe [1532:4048] 000007fb01cf4910
Thread C:\windows\system32\svchost.exe [1532:4072] 000007fb01c61544
Thread C:\windows\system32\svchost.exe [1532:4076] 000007fb01c455dc
Thread C:\windows\system32\svchost.exe [1532:6512] 000007fb01cf1044
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4248] 00000000725a7419
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4404] 00000000727ee520
Thread C:\windows\SysWOW64\svchost.exe [2224:2244] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:2492] 000000001000d0d0
Thread C:\windows\SysWOW64\svchost.exe [2224:2516] 000000003af11400
Thread C:\windows\SysWOW64\svchost.exe [2224:3560] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:5936] 000000006e9c1c6a
Thread C:\windows\SysWOW64\svchost.exe [2224:7500] 00000000774e50a7
Thread C:\windows\SysWOW64\svchost.exe [2224:9092] 00000000774e50a7
Thread C:\windows\SYSTEM32\ntdll.dll [3328:3332] 00000000008a1c94
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4208] 0000000000416a76
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4308] 0000000000409230
Thread C:\windows\SYSTEM32\ntdll.dll [5140:5144] 00000000004020c8
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5704] 00000000004c82f4
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5720] 0000000000427070
Thread C:\windows\SYSTEM32\ntdll.dll [7216:8388] 00000000010b1795
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
I am now 70 years old & I have in the last three months purchased a new Samsung 900X4C-A03 i7 running window 8 which is a big problem for me
Because I now live on the Island of Crete Greece, and purchased my new laptop here on the Island, it came with an American Keyboard, which I have had changed to an English, English Keyboard
My problem started after searching the internet and clicking somthing i did not want to click, my anti virus opened a box saying dangerous, but when trying to click remove I think I must have Clicked Allow
I have read and have tried to follow your list of jobs to do first before posting.
DDS: would not download, only received a Blank Page
GMER: Box saying, C:#windows#system33#config#system
The process cannot access the file because it is being used by another process (I cannot find back slash on my computer)
Clicked OK
Program opened, Unclicked IAT/EAT & show all
Box saying: gmer.exe has stopped working
A problem caused the program to stop working windows will close the program and notify you if a solution is available.
Clicked OK two times & the program opened
Clicked scan & when finished saved to my Desktop
Copied below
GMER 2.1.19163 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-09-23 13:35:34
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e LITEONIT_LMT-256M3M rev.VZJ4 238.47GB
Running: gmer.exe; Driver: C:\Users\Jack\AppData\Local\Temp\pxroypoc.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\windows\System32\win32k.sys!W32pServiceTable fffff96000224200 7 bytes [40, 3B, 82, 01, 00, 53, F2]
.text C:\windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000224208 7 bytes [01, 63, C0, FF, 00, 17, DB]
---- Threads - GMER 2.1 ----
Thread C:\windows\system32\csrss.exe [676:700] fffff960008c05e8
Thread C:\windows\system32\svchost.exe [892:6044] 000007faffdd1f34
Thread C:\windows\system32\svchost.exe [516:3384] 000007fb03461824
Thread C:\windows\system32\svchost.exe [516:4152] 000007fb018c51dc
Thread C:\windows\system32\svchost.exe [516:4156] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:4168] 000007fb031b1470
Thread C:\windows\system32\svchost.exe [516:3840] 000007fb0b665c38
Thread C:\windows\system32\svchost.exe [516:4132] 000007fb08bc16b0
Thread C:\windows\system32\svchost.exe [516:9932] 000007fafde110f0
Thread C:\windows\System32\spoolsv.exe [1488:2736] 000007fb04b254c0
Thread C:\windows\System32\spoolsv.exe [1488:2780] 000007fb047030ec
Thread C:\windows\System32\spoolsv.exe [1488:2924] 000007fb04e65798
Thread C:\windows\System32\spoolsv.exe [1488:2976] 000007fb04eae080
Thread C:\windows\System32\spoolsv.exe [1488:3056] 000007fb04da81ac
Thread C:\windows\system32\svchost.exe [1532:1552] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1592] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1604] 000007fb0dd43c90
Thread C:\windows\system32\svchost.exe [1532:1624] 000007fb0823c4f0
Thread C:\windows\system32\svchost.exe [1532:1692] 000007fb08248810
Thread C:\windows\system32\svchost.exe [1532:1700] 000007fb08265170
Thread C:\windows\system32\svchost.exe [1532:1704] 000007fb082484a0
Thread C:\windows\system32\svchost.exe [1532:1888] 000007fb064131a0
Thread C:\windows\system32\svchost.exe [1532:3672] 000007fb06419c68
Thread C:\windows\system32\svchost.exe [1532:4036] 000007fb020524e8
Thread C:\windows\system32\svchost.exe [1532:4048] 000007fb01cf4910
Thread C:\windows\system32\svchost.exe [1532:4072] 000007fb01c61544
Thread C:\windows\system32\svchost.exe [1532:4076] 000007fb01c455dc
Thread C:\windows\system32\svchost.exe [1532:6512] 000007fb01cf1044
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4248] 00000000725a7419
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [2120:4404] 00000000727ee520
Thread C:\windows\SysWOW64\svchost.exe [2224:2244] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:2492] 000000001000d0d0
Thread C:\windows\SysWOW64\svchost.exe [2224:2516] 000000003af11400
Thread C:\windows\SysWOW64\svchost.exe [2224:3560] 0000000074c68064
Thread C:\windows\SysWOW64\svchost.exe [2224:5936] 000000006e9c1c6a
Thread C:\windows\SysWOW64\svchost.exe [2224:7500] 00000000774e50a7
Thread C:\windows\SysWOW64\svchost.exe [2224:9092] 00000000774e50a7
Thread C:\windows\SYSTEM32\ntdll.dll [3328:3332] 00000000008a1c94
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4208] 0000000000416a76
Thread C:\windows\SYSTEM32\ntdll.dll [4252:4308] 0000000000409230
Thread C:\windows\SYSTEM32\ntdll.dll [5140:5144] 00000000004020c8
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5704] 00000000004c82f4
Thread C:\windows\SYSTEM32\ntdll.dll [5700:5720] 0000000000427070
Thread C:\windows\SYSTEM32\ntdll.dll [7216:8388] 00000000010b1795
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----