Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Defender Turns Off


  • Please log in to reply
16 replies to this topic

#1 MrsG94

MrsG94

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 05 August 2012 - 11:40 PM

Hi. This is a new problem for me. I am posting in the "Am I infected? What do I do?" forum, because i just removed the searchnu.com/405 evil off of my computer by following along with the advice given to a fellow victim. I don't know if when I performed all the necessary tasks to remove the virus, I inadvertently changed something that now makes Windows Defender stay off. I have Spybot S & D on my computer, but I have had it for a while and have never had a problem with Windows Defender until now. I don't think they are interfering with each other. Please help. There seems to be no other similar posts anywhere out on the web. Thank you very much! BTW, I am running Windows Vista Home Basics

Edited by MrsG94, 05 August 2012 - 11:44 PM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 05 August 2012 - 11:43 PM

I would start by removing spybot if it were my machine.
Also windows defender not coming on is a good thing. :)
Do you have micorsoft security essentials installed on your machine?If so it automatically disables windows defender.

#3 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 05 August 2012 - 11:48 PM

Hi, no I don't have MSE. I'm just now learning how beneficial it can be. Do you not care for Spybot? Is is not a good program? Thanks.

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 05 August 2012 - 11:52 PM

Spybot is garbage I could write a book on how terrible it is.

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please Copy and paste the log to your reply.

Please download MINITOOLBOX and run it.

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and attach the result.

Edited by InadequateInfirmity, 05 August 2012 - 11:53 PM.


#5 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 09:43 AM

Hi, Sorry for the delay in response. I had to sleeeeeep. Here are the requested logs. The first is the FSS log.

Farbar Service Scanner Version: 04-08-2012 01
Ran by Heather (administrator) on 06-08-2012 at 10:32:38
Running from "C:\Users\Heather\Desktop"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#6 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 09:45 AM

I hope I am doing this correctly. And now for the toolbox report:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Heather (administrator) on 06-08-2012 at 10:35:58
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="Local Area Connection" address=0.0.0.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Heather-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1D-09-95-77-5E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1978:8c62:d355:5de1%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.148(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 06, 2012 10:07:06 AM
Lease Expires . . . . . . . . . . : Tuesday, August 07, 2012 10:07:06 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 251665673
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-14-5E-85-00-1D-09-95-77-5E
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F11995B2-3063-40C5-BFF4-2A42302544DC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1834:297a:3f57:ff6b(Preferred)
Link-local IPv6 Address . . . . . : fe80::1834:297a:3f57:ff6b%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4002:802::1008
74.125.137.102
74.125.137.113
74.125.137.138
74.125.137.139
74.125.137.100
74.125.137.101



Pinging google.com [74.125.139.113] with 32 bytes of data:

Reply from 74.125.139.113: bytes=32 time=18ms TTL=45

Reply from 74.125.139.113: bytes=32 time=18ms TTL=45



Ping statistics for 74.125.139.113:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 18ms, Average = 18ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=37ms TTL=47

Reply from 209.191.122.70: bytes=32 time=37ms TTL=47



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 37ms, Maximum = 37ms, Average = 37ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1d 09 95 77 5e ...... Intel® 82562V-2 10/100 Network Connection
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{F11995B2-3063-40C5-BFF4-2A42302544DC}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.148 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.148 276
192.168.0.148 255.255.255.255 On-link 192.168.0.148 276
192.168.0.255 255.255.255.255 On-link 192.168.0.148 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.148 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.148 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:1834:297a:3f57:ff6b/128
On-link
11 276 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::1834:297a:3f57:ff6b/128
On-link
11 276 fe80::1978:8c62:d355:5de1/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/06/2012 10:07:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 11:55:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 11:16:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 10:55:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 06:20:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid. hr = 0x80070539.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {52336720-39ea-4840-839e-3ec108fffda3}

Error: (08/05/2012 05:59:00 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid. hr = 0x80070539.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {97cd50e1-aa6b-475c-877c-809d3905b812}

Error: (08/05/2012 05:40:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6568

Error: (08/05/2012 05:40:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6568

Error: (08/05/2012 05:40:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/05/2012 05:40:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5133


System errors:
=============
Error: (08/06/2012 10:09:06 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/06/2012 10:07:34 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (08/06/2012 10:07:03 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.101 for the Network Card with network address 001D0995775E has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/05/2012 11:56:53 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/05/2012 11:55:20 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (08/05/2012 11:17:57 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/05/2012 11:16:21 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (08/05/2012 11:09:21 PM) (Source: Service Control Manager) (User: )
Description: XAudioService1

Error: (08/05/2012 10:56:40 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/05/2012 10:55:06 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 2.1.5)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader 8.3.1 (Version: 8.3.1)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Agent Ransack Version 1.7.3
AIO_CDB_ProductContext (Version: 82.0.242.000)
AIO_CDB_Software (Version: 82.0.242.000)
AIO_Scan (Version: 82.0.173.000)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.8.255.384)
ASPCA Reminder by We-Care.com v4.0.19.1 (Version: 4.0.19.1)
AT&T Internet Security Wizard 1.5.11 (Version: 1.5.11)
AT&T Pop-Up Catcher
AT&T Service & Support Tool
AT&T Toolbar
AXIS Media Control Embedded
AXIS Media Control Embedded Installer (Version: 4.1.4)
Barbie™ as Rapunzel
Barbie™ of Swan Lake Demo
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 82.0.173.000)
CCScore (Version: 7.00.0000.0001)
Cisco Connect (Version: 1.3.11069.2)
Conexant D850 PCI V.92 Modem
Copy (Version: 120.0.214.000)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.1)
CustomerResearchQFolder (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Getting Started Guide (Version: 1.00.0000)
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
DocProc (Version: 8.1.0.0)
DocProcQFolder (Version: 1.00.0000)
EDocs
ESSBrwr (Version: 8.00.0000.0001)
ESSCDBK (Version: 8.00.0000.0001)
ESScore (Version: 8.00.0000.0001)
ESSgui (Version: 8.00.0000.0001)
ESSini (Version: 8.00.0000.0001)
ESSPCD (Version: 7.01.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
eSupportQFolder (Version: 1.00.0000)
F300 (Version: 82.0.242.000)
F300_Help (Version: 82.0.242.000)
F300Trb (Version: 82.0.242.000)
Family Tree Maker 2006
Fax (Version: 120.0.194.000)
fflink (Version: 6.02.1001.0001)
FlipShare (Version: 5.10.25.0)
Free 3GP Video Converter version 5.0.11.504 (Version: 5.0.11.504)
FTMVistaUpdater (Version: 1.0.0)
Google Drive (Version: 1.2.3123.250)
Google Update Helper (Version: 1.3.21.115)
GoToAssist 8.0.0.514
HP Customer Participation Program 8.0 (Version: 8.0)
HP Driver Diagnostics (Version: 1.03.0005)
HP Imaging Device Functions 8.0 (Version: 8.0)
HP OCR Software 8.0 (Version: 8.0)
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0)
HP Product Assistant (Version: 100.000.001.000)
HP Product Detection (Version: 9.7.2)
HP Solution Center 8.0 (Version: 8.0)
HP Update (Version: 5.002.008.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPProductAssistant (Version: 82.0.173.000)
HPSSupply (Version: 2.1.3.0000)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0 (Version: )
iTunes (Version: 10.6.1.7)
Java™ 6 Update 5 (Version: 1.6.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak EasyShare software
MarketResearch (Version: 82.0.174.000)
Mega Mission Helmet (Version: 2.00)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Modem Diagnostic Tool (Version: 1.0.17.8)
Moraff's Maximum MahJongg
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
netbrdg (Version: 7.01.0000.0001)
NETGEAR XE104 Powerline Encryption Utility (Version: 2.0.0.4)
NetWaiting (Version: 2.5.44)
OfotoXMI (Version: 7.02.0000.0001)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PowerDVD (Version: 7.0)
Product Documentation Launcher (Version: 1.00.0000)
Publix Preschool Pals
QuickTime (Version: 7.71.80.42)
Reader Rabbit Thinking Adventures Ages 4-6
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.55.3)
Samsung USB Driver (MCCI 4.34) WHQL v3.4 (Version: 4.34.4)
SaveVid Plug-in (Version: 2.0.0.443)
Savevid Toolbar (Version: 3.0.0.123706)
Scan (Version: 8.1.0.0)
screensaver_1280x1024
Segoe UI (Version: 15.4.2271.0615)
SFR (Version: 7.01.0000.0003)
SHASTA (Version: 7.01.0000.0001)
skin0001 (Version: 8.00.0000.0001)
SKINXSDK (Version: 7.01.0000.0001)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
SolutionCenter (Version: 82.0.188.000)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Spybot - Search & Destroy (Version: 1.6.2)
staticcr (Version: 8.00.0000.0001)
Status (Version: 110.0.180.000)
swMSM (Version: 12.0.0.1)
TablEdit 2.69
TEFView 2.69
Toolbox (Version: 82.0.173.000)
TrayApp (Version: 110.0.180.000)
TurboTax 2008
TurboTax 2008 wgaiper (Version: 008.000.0120)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0332)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0217)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0189)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.0993)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0426)
TurboTax 2008 wrapper (Version: 008.000.0063)
TurboTax 2009
TurboTax 2009 wgaiper (Version: 009.000.0820)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2068)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
Unity Web Player (Version: )
UnloadSupport (Version: 1.00.0000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VPRINTOL (Version: 7.01.0000.0001)
WebEx
WebReg (Version: 82.0.173.000)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WIRELESS (Version: 7.02.0000.0001)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 2036.45 MB
Available physical RAM: 1076.97 MB
Total Pagefile: 4322.21 MB
Available Pagefile: 3071.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.45 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:120.88 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.01 GB) NTFS

========================= Users: ========================================

User accounts for \\HEATHER-PC

Administrator Guest Heather


**** End of log ****

#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 06 August 2012 - 11:56 AM

Uninstall the programs below.

AT&T Internet Security Wizard 1.5.11 (Version: 1.5.11)
AT&T Pop-Up Catcher
AT&T Service & Support Tool
AT&T Toolbar
Spybot search and destroy


Then reboot and install Avast free.
http://files.avast.com/iavs5x/avast_free_antivirus_setup.exe




Also finally to keep your machine running smoothly Run updated once a week or at least twice a month scans with superantispyware and malwarebytes.Run the quick scans offered by both programs just make sure to update prior to each scan also after you use them make sure and disable them from startup because the free versions do not offer realtime protection.

http://www.malwarebytes.org/mbam/program/mbam-setup.exe
http://cdn.superantispyware.com/SUPERAntiSpyware.exe

You may want to wait on a moderator to give you further instruction Good day. :)

#8 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 12:48 PM

Thank you! I have just a couple more questions for you if you don't mind. 1-Do you recommend MSE? 2-If you don't recommend MSE, is that why you suggested the Avast, malwarebytes, and superantispyware programs? 3-Is is okay for me to assume that these three are compatible with each other? and 4-I saved the farbar service scanner and the minitoolbox to my desktop and ran them from there. Is there a proper way to uninstall them? Okay, that was a couple more than a couple but I couldn't help myself. :huh:

Thank you very much for the help you have been giving me. I'll let you know how it goes.

#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 06 August 2012 - 01:02 PM

Mse is crap in my opinion I help out on a lot of forums and always when someone with mse is hit with a virus there goes there internet connection I think of it like why would microsoft want to protect your machine when they are in the computer business????

Also superantispyware and malwarebytes work well together and wont conflict with avast they are free and do not provide realtime protection,even if they did they are not antivirus applications just kinda like having an extra gun when going hunting if you know what I mean.If you are willing to pay for an antivirus I suggest kaspersky. :)

#10 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 01:38 PM

Hi again. Yes, I am all about the free. I kinda figured that MSE was crap. I've heard more negative than positive about all microsoft products.

I just want to make sure about that last question I had: Is there a special uninstall for the farbar service scanner and the minitoolbox? I saved them to my desktop and ran them from there.

Thanks!

#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 06 August 2012 - 01:44 PM

You can just put them in the recycle bin and delete that way. :)
Clean your temp files and recycle bin with tfc.exe
http://www.bleepingcomputer.com/download/tfc/

#12 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 04:47 PM

Hi again. I have successfully downloaded all three of the suggested programs. Everything seems to be going fine, but I have another small problem. I cannot open Windows Defender. I don't mind that it will stay off now that I have the other helpful programs. However, I cannot even open it. I get the following error message: Application failed to initialize: 0x800106ba. A problem caused this program's service to stop. To start the service, restart your computer or search Help and Support for how to start a service manually.

I can't open anything related to Windows Defender. I know that I wont be using it, but I still would like to be able to have access to the program if needed. Please help! Thanks!

#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 06 August 2012 - 07:34 PM

Open an Elevated command Prompt and copy and paste the contents of the code box and hit enter after completion reboot and see if you are able to open defender.


	sfc /SCANNOW /OFFBOOTDIR=c:\ /OFFWINDIR=d:\Windows


If that fails then Run Farbar Service Scanner /again,with all boxes checked,post the log.

#14 MrsG94

MrsG94
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 AM

Posted 06 August 2012 - 09:10 PM

Hi, I don't know what I did, but I kept fooling around with it and got it to open. I don't get that error message anymore. I'm pretty sure I have it disabled even though I am still able to open it. I think. :o

Seems okay for now. I cannot thank you enough for your help! Maybe you won't have to answer any more questions from me for at least a few minutes... :wacko:

#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:17 AM

Posted 06 August 2012 - 09:18 PM

To disable it see link.
http://www.wintuts.com/How-to-disable-Windows-Defender




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users