Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with malware or virus need help please


  • Please log in to reply
91 replies to this topic

#1 dreamrider12

dreamrider12

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 10 May 2012 - 11:40 AM

Hello, I am new here, and not real computer savy, but learning! I love your site! I have been checking out your site and am certain I have either a virus or malware, maybe both! First reason is in the tasks I found several tasks saying HPCeeFilesForFamily, HPCeeFilesForRon, HPCeefilesForNathan I have two other user accounts and there were not any like that for those two accounts. I am the admin on the computer. There are a few tasks also that are monitoring my computer and reporting the results back, is that normal? Also, I found some locked files, in the tasks there are over 40 tasks that have a warning for admin to review, but I don't know how to review them. Also, in the Updates for Windows, not in the view hisotry part but the installed updates, 13 were installed yesterday, and now, almost all my installed updates now have the same dates on them, and they did not used to. I tried going to Malwarebytes to download it but it will not take me to the download section, just to Cnet. I used to have Malwarebytes on my computer, but I downloaded the paid version and ended up uninstalling it later. FYI I had Norton back then too and I had a virus that kept getting on and turning Norton off, so I deleted Norton and Malwarbytes, and now I just have MSE. I have Windows 7 64 bit sp1 with IE9. I have all my security set high/as reccomended, however, when I do a mr. fixit, it says each time I have no security features on, and says it will set it. Also when I try to manually download a new definition from MSE it will sometimes say do not download this file as it will harm your computer. So far MSE, Safety scan and the Malicious Software Removeal Tool from Microsoft have not found anything. I am not sure if my scanners have real definitions in them at this point! Sorry this is so long, Thanks for any help! Tammy

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 10 May 2012 - 07:00 PM

Hi,

I realise you may still be having trouble downloading MBAM, but please try downloading it again in the relevant step below.
-------------------------------

I will be helping you with your problems

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.


Step 2

Please download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Step 4

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes'
    Anti-Malware
    and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log back here.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 11 May 2012 - 12:32 PM

Hello and thank you for responding so quickly! I am trying to copy and paste the dircetions as you stated in Notepad, but it wont let me. Here is what it says: " C:\users\family\documents\first directions.txt then it says This file contains characters in Unicode format which will be lost if you save this file as an ANSI encoded text file. To keep the Unicode information, click cancel below and then select one of the Unicode options from the Encoding drop down list. Continue?" I don't know what to choose to save this as a file, and my printer is not working right now, as I don't have any black ink. I did write down all your directions and am getting ready to back up my files on a dvd. Please advise so I will know what options to chose going forward for copy/paste the rest going forward. Thank you Tammy

#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 11 May 2012 - 04:41 PM

Hi

Try this:

  • Copy the instructions (via Ctrl and C)
  • Click the "Windows Orb" start button
  • Click All Programs > Accesories > Notepad
  • In the windows that opens, Right click > Paste
  • Save the file to your Desktop with the File Name Instructions, Save as type: Text documents (.txt), and Encoding: Unicode

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 14 May 2012 - 07:58 AM

Thanks for the assistance again! I don't get the chance to go on the computer over the weekend, have to fight the kids for it! I will get the back-up started once I return from the Dr office today. I have the info copy/pasted. Thank you. So far, the computer is running ok. My MSE definitions are updating, but the dates do not match as the dates I download, however, the definions do match the ones that are downloaded. The tasks are still looking suspicisious, and I think I'm getting redirected. Also I have 3 internet explorers?

#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 15 May 2012 - 07:17 PM

Hi

Please follow my instructions in my earlier post firstly.

If you're unable to do any step, please explain what happens in detail.

Edited by dev00790, 15 May 2012 - 07:18 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 18 May 2012 - 04:35 PM

I do apologize, I have not done anything out of order. I am trying to figure out how to erase my DVD R back up discs from my first back up. I thought I had more blank dvd r to back up my computer, but I can't find them. Everytime I put them in, drive E goes to Auto play. My oldest son keeps telling me I dont need to worry about any of this stuff, just set my computer to an earlier date and the virus etc will be gone(as long as its before the virus etc was put on) But I dont agree with him. I have heard that is a myth! Anywhoo..I am disabled and can't drive/ so am unable to get to store for new dvd r 's to purchase at this time to do a new back up to begin! Sorry this is taking me so long to begin your steps. If you know how to direct me to erase my 3 dvd rs , I can do the back up. I can get as far as highlighting all the files on the first dvd r, but there is no option for "the delete key or button" I even tried the delete key on the key board. Thank you in advance, Tammy

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 19 May 2012 - 08:04 PM

Hi

I believe that DVD-R discs cannot be rewritten - that is since it is a read only format.
If you want to make backups on DVDs (for example), which you can rewrite over the previous contents, then you will need:

1) To use DVD-RW (rewritable) discs,
2) A drive that is able to rewrite onto DVD-RW discs.

Other viable options are:

CD-RW discs & drives that can rewrite to them,
External Hard Disk Drives (HDDs)
USB Flash drive

Note:
When backing up, do not copy over any .exe, .com, .scr, or .bat files, since these (executable files) could result one or more of these (if any) may be infected by malware. Prevention is better than cure.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 20 May 2012 - 08:57 AM

Thank you so much! I have obtained some blank dvds and am ready to back up the files. Thanks for the awesome info on the files not to copy as I was unaware of that! Will let you know what happens after step one! Tammy

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 20 May 2012 - 09:07 AM

:thumbup2:

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 20 May 2012 - 05:06 PM

Hello I could not back up my computer! I tried several times and gave up! I almost erased everything myself, ended up accidntally saving a copy of an entire file C and making a new partition of some sort that said if it changed in any way my computer would basically be ruined ( make a long story short). I ended up restoring my computer to an earlier time to erase the damage I did! So... I ran the first step, and here are the resutls! I have not used any other tasks, so I do not have an update on anything else.

Security Check

Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpyroDriver
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
``````````End of Log````````````

#12 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 20 May 2012 - 05:25 PM

results from Fabar by the way, both times I tried to download The first strp Checkexe and Fabar, my said it was not safe to download, but of course I downloaded them anyway. Also, i don't know if it a conqusadinse or not but on 5/19 my bank account was hacked into, and I called my bank to let them know. Other than that, the only website I have tried to go to is this one and have not had any problems.

Farbar Service Scanner Version: 17-05-2012
Ran by family (administrator) on 20-05-2012 at 18:15:16
Running from "C:\Users\family\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 20 May 2012 - 05:35 PM

I have not used any websites so far.


Mini Tool Box report

MiniToolBox by Farbar Version: 18-01-2012
Ran by family (administrator) on 20-05-2012 at 18:32:11
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : family-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 2C-27-D7-38-7D-31
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5095:eb10:f52c:f0c9%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, May 20, 2012 4:48:06 PM
Lease Expires . . . . . . . . . . : Sunday, May 20, 2012 7:15:29 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 271329239
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-68-7F-23-2C-27-D7-38-7D-31
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2A7C57A1-6C2E-4F40-B55E-90757EF8F2B4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1c36:29cf:3f57:fffd(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c36:29cf:3f57:fffd%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: google.com
Addresses: 74.125.134.101
74.125.134.102
74.125.134.113
74.125.134.138
74.125.134.139
74.125.134.100


Pinging google.com [173.194.37.66] with 32 bytes of data:
Reply from 173.194.37.66: bytes=32 time=22ms TTL=53
Reply from 173.194.37.66: bytes=32 time=23ms TTL=53

Ping statistics for 173.194.37.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 23ms, Average = 22ms
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=95ms TTL=47
Reply from 98.139.183.24: bytes=32 time=88ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 95ms, Average = 91ms
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...2c 27 d7 38 7d 31 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 276
192.168.0.2 255.255.255.255 On-link 192.168.0.2 276
192.168.0.255 255.255.255.255 On-link 192.168.0.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:1c36:29cf:3f57:fffd/128
On-link
12 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::1c36:29cf:3f57:fffd/128
On-link
12 276 fe80::5095:eb10:f52c:f0c9/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/20/2012 04:59:45 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/20/2012 04:58:33 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/20/2012 04:52:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (05/20/2012 04:52:35 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/20/2012 04:48:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2012 04:46:45 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (05/20/2012 04:46:45 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/20/2012 04:42:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2012 07:40:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/20/2012 07:38:52 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/20/2012 04:48:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (05/20/2012 04:47:20 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/20/2012 04:42:32 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (05/20/2012 04:39:58 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/20/2012 07:28:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (05/20/2012 07:27:46 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/20/2012 05:22:32 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/19/2012 07:20:13 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (05/19/2012 07:19:14 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/18/2012 04:39:22 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.127.201.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (05/20/2012 04:59:45 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/20/2012 04:58:33 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/20/2012 04:52:35 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/20/2012 04:52:35 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (05/20/2012 04:48:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2012 04:46:45 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/20/2012 04:46:45 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (05/20/2012 04:42:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/20/2012 07:40:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/20/2012 07:38:52 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 2.5.793.1)
AMD Catalyst Install Manager (Version: 3.0.851.0)
AMD Fuel (Version: 2011.1013.1702.28713)
AMD Problem Report Wizard (Version: 3.0.851.0)
AMD VISION Engine Control Center (Version: 2011.1013.1702.28713)
Ask Toolbar (Version: 1.15.1.0)
Ask Toolbar Updater (Version: 1.2.1.22229)
BearShare (Version: 10.0.0.112380)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Bar (Version: 7.1.362.0)
Bing Desktop (Version: 1.0.45.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP250 series MP Drivers
Canon MP250 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1013.1702.28713)
Catalyst Control Center InstallProxy (Version: 2011.1013.1702.28713)
Catalyst Control Center Localization All (Version: 2011.1013.1702.28713)
ccc-utility64 (Version: 2011.1013.1702.28713)
CCC Help Chinese Standard (Version: 2011.1013.1701.28713)
CCC Help Chinese Traditional (Version: 2011.1013.1701.28713)
CCC Help Czech (Version: 2011.1013.1701.28713)
CCC Help Danish (Version: 2011.1013.1701.28713)
CCC Help Dutch (Version: 2011.1013.1701.28713)
CCC Help English (Version: 2011.1013.1701.28713)
CCC Help Finnish (Version: 2011.1013.1701.28713)
CCC Help French (Version: 2011.1013.1701.28713)
CCC Help German (Version: 2011.1013.1701.28713)
CCC Help Greek (Version: 2011.1013.1701.28713)
CCC Help Hungarian (Version: 2011.1013.1701.28713)
CCC Help Italian (Version: 2011.1013.1701.28713)
CCC Help Japanese (Version: 2011.1013.1701.28713)
CCC Help Korean (Version: 2011.1013.1701.28713)
CCC Help Norwegian (Version: 2011.1013.1701.28713)
CCC Help Polish (Version: 2011.1013.1701.28713)
CCC Help Portuguese (Version: 2011.1013.1701.28713)
CCC Help Russian (Version: 2011.1013.1701.28713)
CCC Help Spanish (Version: 2011.1013.1701.28713)
CCC Help Swedish (Version: 2011.1013.1701.28713)
CCC Help Thai (Version: 2011.1013.1701.28713)
CCC Help Turkish (Version: 2011.1013.1701.28713)
Chuzzle Deluxe (Version: 2.2.0.95)
Cobian Backup 10
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Daimonin Client 0.10.5 patch 2083
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Farm Frenzy (Version: 2.2.0.95)
FATE - The Traitor Soul (Version: 2.2.0.95)
Fiesta (Version: 10.0.0387)
File Type Assistant
FinalTorrent 2011
Free Realms
FrostWire 5.1.5 (Version: 5.1.5.0)
Google Chrome (Version: 19.0.1084.46)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.4)
HP LinkUp (Version: 2.01.028)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.6.0)
HP MovieStore (Version: 1.0.045)
HP MovieStore (Version: 2.0)
HP Odometer (Version: 2.10.0000)
HP Product Detection (Version: 11.14.0001)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.5.0.0)
Hulu Desktop (Version: 0.9.13)
HydraVision (Version: 4.2.218.0)
Internet Explorer (Enable DEP)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 1.6)
KODAK Share Button App (Version: 3.01.0000.0000)
LabelPrint (Version: 2.5.3609)
LEGO Universe
LightScribe System Software (Version: 1.18.20.1)
Mah Jong Medley (Version: 2.2.0.95)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Outspark Toolbar
Pando Media Booster (Version: 2.6.0.6)
PDF Complete Special Edition (Version: 4.0.35)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4817)
PressReader (Version: 5.10.1217.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
Recovery Manager (Version: 5.5.3621)
Remote Graphics Receiver (Version: 5.4.5)
Rhapsody
RIFT (Version: 1.0.0)
RoxioNow Player (Version: 1.9.5.103)
ShopAtHome.com Toolbar
Slingo Supreme (Version: 2.2.0.95)
SPORE Creature Creator Trial Edition (Version: 1.00.0000)
SPORE Creature Creator Trial Edition (Version: 2.2.0.65)
SpyroDriver (Version: 1.07.0000)
SpyroPortalDriver (Version: 1.0.0)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
WebIQ Technology Engine (Version: 1.7.1114)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.30)
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)
Wizard101 Test (Version: 1.0.0)
World of Warcraft (Version: 4.3.4.15595)
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
Zinio Reader 4 (Version: 4.0.3184)
Zuma Deluxe (Version: 2.2.0.95)

========================= Devices: ================================

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Activision Xbox360 Spyro Portal
Description: Activision Xbox360 Spyro Portal
Class Guid: {4a9c2fa7-d63f-44c5-a247-bb3289a3739f}
Manufacturer: Activision
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 3839.29 MB
Available physical RAM: 2795.99 MB
Total Pagefile: 7676.76 MB
Available Pagefile: 5975.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.18 GB) (Free:828.79 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.23 GB) (Free:0.56 GB) NTFS

========================= Users: ========================================

User accounts for \\FAMILY-HP

Administrator family Guest
Nathan Ron Tammy

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:04 AM

Posted 20 May 2012 - 06:17 PM

Hi

Step 1

Please follow step 4 of my earlier post next.
Post the log in your next reply.


Step 2

How is your computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 dreamrider12

dreamrider12
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:04 PM

Posted 21 May 2012 - 12:48 PM

Good Monday :hysterical:

I meant to ask you, was I supposed to unhide my files before I started the scanners? I know it's too late, but I can do it now, and rescan. I am going to be working on step #4 after I post this. Update on computer: all 3 downloads I had smartscreen warning saying dangerous download and not to proceed or it could harm my computer. Today I checked for updates as normal and had 1 optional MSE, as usual. It updated like it has latley, which is before I restart computer ( I don't remember for sure if it is supposed to , but I thought I had to restart computer and then open MSE and click the update button to make the updates work) Called my bank and verified charges are from an online fraudulent charge. Also hoping you can help with this(if it needs help) I was checking out tasks & services to see how they look since I ran steps 1-3, and while trying to copy/paste to show you ,I almost did a complete factory reset of computer! I went in system restore to make sure i didn't, but there I found 7 user profiles under System Properties. One says profile "Unknown user" size "524MG type "local" status "local" modified "5/4/12" 2nd profile "default profile" size "3.88mb" type "local" status "local" modified "9/16/11" 3rd is fam-hp/family" size "6.9" status "local" modified "5/21/12 4/th THIS ONE I DELETED A FEW WEEKS AGO "fam-hp/guest" size "654mb" status "temp" modified 5/8/12 5th profile "fam-hp/nate" size "5.23gb" type "local" status "local" modified "5/18/12 6th profile "fam-hp/Ron" size "924 mb" type "local" status "local" modified " 5/16/12 and 7th profile is fam-hp/tam "547mb" type "local" status "local" modified "5/18/12. Ihave wifi with a dsi is nates and a ps3 that has netflix a friend of rons on it, but desktop computer is not wireless. So to me tasks still look very very suspicious, and I need help in deleting the ones that need to go. Thanks!!!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users