Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer running really slow, email hacked, back button won't work on sites


  • Please log in to reply
6 replies to this topic

#1 sanslumiere

sanslumiere

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:43 AM

Posted 10 August 2012 - 05:35 PM

I keep having the same issues so I think my computer has a virus ir trojan or something. It's going really, really slow and it used to be fairly fast. Everytime I go online it's using way more memory than before even if I have up only one page with no images or video. Before: 200mb, now: 1gb. Sometimes I'll be watching something on hulu and the full screen will turn off as if I'm doing something in the background but I'm not. When I do a search and click on a link, if I click the back button it won't go back to the search results. It just keeps reloading the same page. My internet email has been hacked and my husband's email (which I check for him) has been hacked.

I have run a defrag, run scans with AVG antivirus and Rootkit scanner, Malwarebytes scanner, superantispyware scanner. All they find are cookies. So I figure I have something pretty deeply embedded. After the defrag, there was an extra 10+gbs of space freed up on my computer. the next day I turn it on, and that space is gone again. <_<

I don't know for sure if I have a virus but I think I do. What do I do next to get this taken care of?

Thanks for any and all help,

sanslumiere

BC AdBot (Login to Remove)

 


#2 sanslumiere

sanslumiere
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:43 AM

Posted 13 August 2012 - 10:00 PM

:thumbup2: I am running Windows Vista Home 32bit. Browser I use most is IE9. Today the browser shut down because of Data Execution Prevention (DEP). It shuts down quite a bit but I dont recall if this has been the reason or not.

Edited by sanslumiere, 14 August 2012 - 06:16 AM.


#3 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:43 AM

Posted 14 August 2012 - 11:24 AM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#4 sanslumiere

sanslumiere
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:43 AM

Posted 14 August 2012 - 02:14 PM

Okay, here we go:



Results of screen317's Security Check version 0.99.43
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
I SPY Treasure Hunt
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.62.0.1300
Java™ 6 Update 33
Java version out of Date!
Adobe Flash Player 11.3.300.270
Adobe Reader X (10.1.3)
Mozilla Firefox 12.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon!
````````````````````End of Log``````````````````````




======================================================================================================================================================================================


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.14.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Faith D :: CHOCOLATETHUNDR [administrator]

8/14/2012 1:03:32 PM
mbam-log-2012-08-14 (13-03-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 201871
Time elapsed: 11 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




==============================================================================================================================================================================================================================

Farbar Service Scanner Version: 06-08-2012
Ran by Faith D (administrator) on 14-08-2012 at 12:57:55
Running from "C:\Users\Faith D\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ITGDL0V"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



==============================================================================================================================================================================================================================



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-14 13:21:11
-----------------------------
13:21:11.830 OS Version: Windows 6.0.6002 Service Pack 2
13:21:11.830 Number of processors: 2 586 0xF0D
13:21:11.831 ComputerName: CHOCOLATETHUNDR UserName: Faith D
13:21:13.958 Initialize success
13:22:08.923 AVAST engine defs: 12081400
13:27:58.189 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:27:58.193 Disk 0 Vendor: WDC_WD16 11.0 Size: 152627MB BusType: 3
13:27:58.214 Disk 0 MBR read successfully
13:27:58.218 Disk 0 MBR scan
13:27:58.228 Disk 0 Windows VISTA default MBR code
13:27:58.240 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
13:27:58.266 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 143707 MB offset 3074048
13:27:58.305 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 7419 MB offset 297385984
13:27:58.318 Disk 0 scanning sectors +312580096
13:27:58.393 Disk 0 scanning C:\Windows\system32\drivers
13:28:11.608 Service scanning
13:28:39.529 Modules scanning
13:28:45.437 Disk 0 trace - called modules:
13:28:45.842 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:28:45.852 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x862d0318]
13:28:45.861 3 CLASSPNP.SYS[881108b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x856f3028]
13:28:47.496 AVAST engine scan C:\Windows
13:28:50.469 AVAST engine scan C:\Windows\system32
13:32:24.252 AVAST engine scan C:\Windows\system32\drivers
13:32:40.825 AVAST engine scan C:\Users\Faith D
14:03:19.926 Disk 0 MBR has been saved successfully to "C:\Users\Faith D\Contacts\Desktop\MBR.dat"
14:03:19.950 The log file has been saved successfully to "C:\Users\Faith D\Contacts\Desktop\aswMBR.txt"




==============================================================================================================================================================================================================================



MiniToolBox by Farbar Version: 23-07-2012
Ran by Faith D (administrator) on 14-08-2012 at 13:00:21
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Disconnected)
Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : chocolatethundr
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.tn.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
Physical Address. . . . . . . . . : 00-21-63-FC-C1-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8815:7bc6:3d4b:6f8%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, August 14, 2012 12:14:55 PM
Lease Expires . . . . . . . . . . : Wednesday, August 15, 2012 12:14:54 PM
Default Gateway . . . . . . . . . : fe80::fdfe:e2f3:ae29:67ae%11
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 285221219
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-20-83-C0-00-1E-33-96-D0-85
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.tn.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.tn.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:30c5:f4a:3f57:fe9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::30c5:f4a:3f57:fe9b%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4002:802::1000
173.194.37.69
173.194.37.78
173.194.37.66
173.194.37.68
173.194.37.71
173.194.37.65
173.194.37.64
173.194.37.70
173.194.37.72
173.194.37.73
173.194.37.67



Pinging google.com [74.125.45.100] with 32 bytes of data:

Reply from 74.125.45.100: bytes=32 time=25ms TTL=52

Reply from 74.125.45.100: bytes=32 time=24ms TTL=52



Ping statistics for 74.125.45.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 24ms, Maximum = 25ms, Average = 24ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=510ms TTL=48

Reply from 98.139.183.24: bytes=32 time=442ms TTL=48



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 442ms, Maximum = 510ms, Average = 476ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 21 63 fc c1 00 ...... Atheros AR5007EG Wireless Network Adapter
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.hsd1.tn.comcast.net.
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
11 281 ::/0 fe80::fdfe:e2f3:ae29:67ae
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:9d38:953c:30c5:f4a:3f57:fe9b/128
On-link
11 281 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::30c5:f4a:3f57:fe9b/128
On-link
11 281 fe80::8815:7bc6:3d4b:6f8/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2012 00:16:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2012 06:00:43 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16447, time stamp 0x4fc9cd53, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x80008000,
process id 0xf30, application start time 0xiexplore.exe0.

Error: (08/14/2012 02:04:24 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16447, time stamp 0x4fc9cd53, faulting module Flash32_11_3_300_270.ocx, version 11.3.300.270, time stamp 0x50197f98, exception code 0xc0000005, fault offset 0x001cfb54,
process id 0x1654, application start time 0xiexplore.exe0.

Error: (08/13/2012 09:31:12 PM) (Source: Windows Backup) (User: )
Description: File backup failed due to an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006).

Error: (08/13/2012 09:22:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 01:46:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 01:17:01 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16447, time stamp 0x4fc9cd53, faulting module Flash32_11_3_300_270.ocx, version 11.3.300.270, time stamp 0x50197f98, exception code 0xc0000005, fault offset 0x004d19dd,
process id 0x174c, application start time 0xiexplore.exe0.

Error: (08/12/2012 06:22:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 04:48:53 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16447, time stamp 0x4fc9cd53, faulting module Flash32_11_3_300_270.ocx, version 11.3.300.270, time stamp 0x50197f98, exception code 0xc0000005, fault offset 0x001cfb54,
process id 0x1628, application start time 0xiexplore.exe0.

Error: (08/12/2012 04:37:27 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 6a4
Start Time: 01cd7859a28012c0
Termination Time: 335


System errors:
=============
Error: (08/14/2012 10:18:42 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/13/2012 04:21:45 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/13/2012 09:24:16 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/12/2012 09:56:02 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/11/2012 11:48:48 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/11/2012 10:08:49 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/11/2012 10:08:43 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/11/2012 10:08:34 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/11/2012 10:08:28 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (08/11/2012 10:08:21 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (08/14/2012 00:16:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2012 06:00:43 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164474fc9cd53unknown0.0.0.000000000c000000580008000f3001cd79f87dd5fc16

Error: (08/14/2012 02:04:24 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164474fc9cd53Flash32_11_3_300_270.ocx11.3.300.27050197f98c0000005001cfb54165401cd79c3c4b371b6

Error: (08/13/2012 09:31:12 PM) (Source: Windows Backup)(User: )
Description: E:\The backup location cannot be found or is not valid. Review your backup settings and check your hardware configuration. (0x81000006)

Error: (08/13/2012 09:22:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 01:46:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/13/2012 01:17:01 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164474fc9cd53Flash32_11_3_300_270.ocx11.3.300.27050197f98c0000005004d19dd174c01cd78f4a9be7618

Error: (08/12/2012 06:22:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2012 04:48:53 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164474fc9cd53Flash32_11_3_300_270.ocx11.3.300.27050197f98c0000005001cfb54162801cd786e43c07850

Error: (08/12/2012 04:37:27 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164476a401cd7859a28012c0335


=========================== Installed Programs ============================

3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1784.41616)
Adobe AIR (Version: 2.7.0.19530)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Amazon Unbox Video (Version: 2.1.0.126)
Atheros Driver Installation Program (Version: 5.2)
Atheros Wi-Fi Protected Setup Library
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2180)
AVG Security Toolbar (Version: 10.0.0.7)
Big Fish Games: Game Manager (Version: 3.0.1.60)
CD/DVD Drive Acoustic Silencer (Version: 2.02.03)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (Version: 1.6.1.263)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dora the Explorer: Swiper's Big Adventure!
Doras Carnival Adventure
DVD MovieFactory for TOSHIBA (Version: 5.51)
ExtractNow
Facebook.WriterPlugin.Setup (Version: 1.0.0)
G'MIC for GIMP version 1.4.9.0 (Version: 1.4.9.0)
GearDrvs (Version: 5.0.0.2)
GIMP 2.6.11 (Version: 2.6.11)
Google Desktop (Version: 5.9.1005.12335)
Hotel Dash: Suite Success
I SPY Treasure Hunt (Version: 2.2.0.97)
ICA (Version: 1.6.1.263)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IPM_PSP_CL (Version: 1.00.0000)
IPM_PSP_COM (Version: 1.00.0000)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Learning Lodge Navigator
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Opera 11.64 (Version: 11.64.1403)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PSPPContent (Version: 1.00.0000)
PSPPRO_DCRAW (Version: 13.0.0)
QuickBooks Financial Center (Version: 1.10.0000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5599)
Realtek USB 2.0 Card Reader (Version: )
RealUpgrade 1.1 (Version: 1.1.0)
Respondus LockDown Browser (Version: 1.02.0001)
Segoe UI (Version: 15.4.2271.0615)
Serif WebPlus Starter Edition 3.0 (Version: 3.0.0.004)
Setup (Version: 1.6.1.263)
SUPERAntiSpyware (Version: 5.0.1150)
Synaptics Pointing Device Driver (Version: 11.2.4.0)
TOSHIBA Assist (Version: 2.01.08)
TOSHIBA ConfigFree (Version: 7.2.20)
TOSHIBA Desktop Links (Version: 1.7)
TOSHIBA Disc Creator (Version: 2.0.1.3)
TOSHIBA DVD PLAYER (Version: 1.31.14)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 2.00.08)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA Service Station (Version: 1.1.14)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 2.00.04)
TOSHIBA Value Added Package (Version: 1.1.24)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VTech Download Agent Library (Version: 1.00.0000)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Devices: ================================

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 76%
Total physical RAM: 1915.25 MB
Available physical RAM: 450.7 MB
Total Pagefile: 4079.78 MB
Available Pagefile: 2172.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.21 MB

========================= Partitions: =====================================

1 Drive c: (SQ004816V03) (Fixed) (Total:140.34 GB) (Free:69.91 GB) NTFS
2 Drive d: (Rebirth new) (CDROM) (Total:4.38 GB) (Free:4.15 GB) UDF

========================= Users: ========================================

User accounts for \\CHOCOLATETHUNDR

Administrator Faith D Guest


**** End of log ****

Edited by sanslumiere, 14 August 2012 - 02:17 PM.


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:43 AM

Posted 14 August 2012 - 04:10 PM

I don't see anything malicious there.

When I do a search and click on a link, if I click the back button it won't go back to the search results

What browser?

My internet email has been hacked and my husband's email (which I check for him) has been hacked.

Web based email?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 sanslumiere

sanslumiere
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:43 AM

Posted 14 August 2012 - 08:38 PM

Yes, web based email. Internet Explorer 9 which constantly crashes,internet settings won't stick when I change them and when I watch videos in this browser, I'm constantly fighting to keep it on full screen because it keeps jumping into the small screen. My dvd/cd player also won't read disks most of the time because it says something else is using that application. The amount of memory keeps changing without me adding or erasing anything.

Are you certain you don't see anything there? It's never done this before a couple months ago. It's driving me nuts.

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:43 AM

Posted 14 August 2012 - 08:55 PM

Web based email is prone to hacking from the outside. Your computer doesn't have to be involved.
Change email account passwords and see how it goes.

As for IE, open it, go Tools>Internet options>Advanced tab and click on "Reset" button.
Restart IE and see how it goes.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users