Microsoft Security Essentials; PC Status: Potentially unprotected


17 replies to this topic

#1 Souschefie

Souschefie

  • Members
  • 44 posts

Posted 12 September 2012 - 08:51 AM

Dear Bleeping Computer Staff Member,

I have the following computer:

Dell, Inspiron 1440, Windows Vista Home Premium 2007 (service pack 2), Pentium Dual Core CPU T4200 @2.00 GHz 2.00GHz, 3.00 GB (RAM), 64-bit Oper. System Type.

I seem to have the following problem:

I start the computer.

Then, when it seems it's ready to go, everything takes a bit longer than usual to actually start, whether it is running a program like Word or logging online (I mean starting Explorer.)

Everything seems to recover some speed when the Microsoft Security Essentials finally has opened or run, whatever it is that it does. But it used to always come or open up rather quickly and it always opened up as a green icon, now it always opens very slowly and as an orange icon.

So I have run a full scan with Microsoft Security Essentials, also with Malwarebytes Anti-Malware and with Smart Defrag and still, after a day or two, it comes back to being orange and running very slow.

Every time I have run a scan I have gotten rid of all of the viruses it recognizes.

Can you please offer some advice as to what I shall do?

Thank you in advance.

Moderator Edit: Moved topic from Windows Vista to the more appropriate forum.
Roger

Edited by rotor123, 12 September 2012 - 09:28 AM.




#2 Souschefie


Posted 12 September 2012 - 01:29 PM

Moderator Edit: Moved topic from Windows Vista to the more appropriate forum.
Roger


Dear Moderator,

Can you please let me know which forum was my inquiry moved to?

Thanks.

S.

#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • Gender:Not Telling

Posted 12 September 2012 - 04:52 PM

Topic is moved to Am I Infected -

Please check your MSE Settings -

As a quick idea I will only post my settings for MSE that I use on both of my computers -

Are you sure that you have MSE set to update and scan every day ??
My MSE will show Orange to light Red if the program has not been Run / Updated for 2 days as a warning to check Updates and to Scan.

Open your MSE program and click Scheduled Scans, then tick Run a Scheduled Scan on my computer >
Next - Scan Type : > Select Quick Scan
Next - When : (I have selected Daily)
Next - Around (I have selected 1.00 PM as I am usually online at that time) You may want to select 6.00 or 8.00 PM
Next I have selected the last 3 boxes to Update etc and selected 50% limit during scans -

Click > Realtime Protection and make sure the box is ticked -

Edited by noknojon, 12 September 2012 - 04:56 PM.


#4 noknojon


Posted 12 September 2012 - 09:12 PM

So I have run a full scan with Microsoft Security Essentials, also with Malwarebytes Anti-Malware and with Smart Defrag and still, after a day or two, it comes back to being orange and running very slow.
Every time I have run a scan I have gotten rid of all of the viruses it recognizes.

Hi again -
You may be having a problem with your Chinese IObit programs clashing with your Antivirus and also with Malwarebytes Anti-Malware program.
Please tell us how often you pick up these Infections / viruses and have you noted the names of any of them -

Please download MiniToolBox, Save it to your desktop and run it.

Checkmark the following boxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files


Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Thank You -



#5 Souschefie


Posted 13 September 2012 - 12:56 PM

Thank you very much for your assistance.

1) I set my settings exactly as you instructed. I did not have them as you said, and actually my settings were turned off. Right now, it is still orange, even though I scanned it yesterday. There was an infection and after running a full scan I deleted the infection. Today, it is showing an infection with the name: HackTool:Win32/Wpakill.B, and I don't know if it is the same name as yesterday. I will wait for further instruction from you on what to do next.

2) Here is the log from MiniToolBox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mario (administrator) on 13-09-2012 at 13:54:45
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1515 Wireless-N Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mario-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1515 Wireless-N Adapter
Physical Address. . . . . . . . . : 00-22-5F-F1-13-C1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::119e:fc18:ecf7:78c2%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 13, 2012 11:19:07 AM
Lease Expires . . . . . . . . . . : Friday, September 14, 2012 11:19:06 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201335391
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-01-4B-47-00-25-64-56-2C-C8
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-64-56-2C-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{472B833A-9011-4490-A5CE-44245E1898DD}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3059:dee:bbcf:61b0(Preferred)
Link-local IPv6 Address . . . . . : fe80::3059:dee:bbcf:61b0%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.md.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4004:801::1000
74.125.228.78
74.125.228.69
74.125.228.67
74.125.228.72
74.125.228.65
74.125.228.68
74.125.228.70
74.125.228.66
74.125.228.64
74.125.228.71
74.125.228.73



Pinging google.com [74.125.228.37] with 32 bytes of data:

Reply from 74.125.228.37: bytes=32 time=19ms TTL=54

Reply from 74.125.228.37: bytes=32 time=63ms TTL=54



Ping statistics for 74.125.228.37:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 19ms, Maximum = 63ms, Average = 41ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=55ms TTL=50

Reply from 98.138.253.109: bytes=32 time=61ms TTL=50



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 55ms, Maximum = 61ms, Average = 58ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 22 5f f1 13 c1 ...... Dell Wireless 1515 Wireless-N Adapter
11 ...00 25 64 56 2c c8 ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{472B833A-9011-4490-A5CE-44245E1898DD}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.hsd1.md.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:3059:dee:bbcf:61b0/128
On-link
12 281 fe80::/64 On-link
10 266 fe80::/64 On-link
12 281 fe80::119e:fc18:ecf7:78c2/128
On-link
10 266 fe80::3059:dee:bbcf:61b0/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/13/2012 11:19:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2012 07:20:44 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16448, time stamp 0x4feba22b, faulting module Flash32_11_4_402_265.ocx, version 11.4.402.265, time stamp 0x502bf2f6, exception code 0xc0000005, fault offset 0x004a7349,
process id 0xd9c, application start time 0xiexplore.exe0.

Error: (09/13/2012 07:16:00 AM) (Source: Perflib) (User: )
Description: Network Inspection Systemc:\Program Files\Microsoft Security Client\NisPerformanceProvider.dll4

Error: (09/13/2012 06:18:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2012 10:33:46 PM) (Source: Perflib) (User: )
Description: PolicyAgent4

Error: (09/12/2012 10:33:46 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/12/2012 10:33:46 PM) (Source: Perflib) (User: )
Description: EmdCache4

Error: (09/12/2012 06:45:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/12/2012 06:20:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2012 03:16:54 PM) (Source: Perflib) (User: )
Description: Network Inspection Systemc:\Program Files\Microsoft Security Client\NisPerformanceProvider.dll4


System errors:
=============
Error: (09/13/2012 06:21:42 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X64

Error: (09/12/2012 06:50:55 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (09/12/2012 10:16:00 AM) (Source: Microsoft Antimalware) (User: )
Description: %HackTool:Win32/Wpakill.B60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%HackTool:Win32/Wpakill.B603

Name: HackTool:Win32/Wpakill.B

ID: 2147634461

Severity: %HackTool:Win32/Wpakill.B600

Category: %HackTool:Win32/Wpakill.B602

Path: 4.0.1526.02

Detection Origin: 4.0.1526.04

Detection Type: 4.0.1526.08

Detection Source: %HackTool:Win32/Wpakill.B608

User: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}9

Process Name: %HackTool:Win32/Wpakill.B609

Action: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}1

Action Status: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}8

Error Code: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}3

Error description: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}4

Signature Version: 2012-09-12T10:27:52.896Z1

Engine Version: 2012-09-12T10:27:52.896Z2

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service%%1053

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Font Cache Service

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service%%1053

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Font Cache Service

Error: (09/11/2012 07:05:06 PM) (Source: DCOM) (User: Mario-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Mario-PCMarioS-1-5-21-2513106130-1961098394-2218795706-1000LocalHost (Using LRPC)

Error: (09/11/2012 03:06:30 PM) (Source: Service Control Manager) (User: )
Description: Adobe Flash Player Update Service%%1053

Error: (09/11/2012 03:06:30 PM) (Source: Service Control Manager) (User: )
Description: 30000Adobe Flash Player Update Service


Microsoft Office Sessions:
=========================
Error: (09/21/2011 00:53:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/31/2011 10:19:01 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/31/2011 09:31:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/17/2011 09:19:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/08/2011 08:04:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2011 00:15:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/13/2011 11:15:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/13/2011 11:14:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/04/2011 08:21:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Apple Mobile Device Support (Version: 4.0.0.97)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.13)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 7.104.101.102)
Google Chrome (Version: 21.0.1180.89)
HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (Version: 14.0)
Integrated Webcam Driver (1.00.04.0310) (Version: 1.00.04.0310)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.5.1.42)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Octoshape add-in for Adobe Flash Player
Quickset (Version: 9.4.6)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 3033.57 MB
Available physical RAM: 1315.64 MB
Total Pagefile: 6277.39 MB
Available Pagefile: 4111.78 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.43 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:217.82 GB) (Free:116.27 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:1.18 GB) NTFS

========================= Users: ========================================

User accounts for \\MARIO-PC

Administrator Guest Mario

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#6 noknojon


Posted 13 September 2012 - 03:22 PM

I noted the infection you mentioned in the generated logs - Description: %HackTool:Win32/Wpakill.B60 was still stored in your MSE quarantine area -
Let's try to remove it -

Download ESET online scanner

Install it - You may be told to disable MSE, just uncheck Realtime Protection during the scan -
Click on START, it should download the virus definitions
This section may take a while to download and install the first time you use the program.
When scan gets completed, click on LIST of found threats
Export the list to desktop, copy the contents of the text file in your reply

Download, install and update both Malwarebytes Anti-Malware Free / MBAM and SuperantiSpyware Free / SAS.
Run a Quick scan with both programs and post the logs generated
They are both saved by default in the program. MBAM has Logs at the top of the Face panel, and SAS has View Scan Logs at the bottom.

Although you said you scanned with MBAM, the program is not listed in Installed Programs. Did you delete it ??
Did you alter any other items in the logs, or do you run almost no other programs ??

Meanwhile ensure MSE is Updated and Scans every day, or most days -

Finally : Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

Thank You -

#7 Souschefie


Posted 13 September 2012 - 09:35 PM

Hi again.

I tried removing the virus from MSE and it said it encountered an error, which I post here:
_____________________________________________________________________________________________________________________________________________
Security Essentials encountered the following error: Error code 0x800700df. The file size exceeds the limit allowed and cannot be saved.
Category: Tool
Description: This program has potentially unwanted behavior.
Recommended action: Permit this detected item only if you trust the program or the software publisher.
Items:
containerfile:C:\Users\Mario\Documents\Windows7.iso
file:C:\Users\Mario\Documents\Windows7.iso->REMOVEWAT.EXE
______________________________________________________________________________________________________________________________________________

Here is the log from ESET online scanner:

C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdhddgfggdegedjgbdcdedidadh\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Default\aagddcdhddgfggdegedjgbdcdedidadh\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GR5TL2UU\v-447842[1].htm JS/TrojanDownloader.Iframe.NKE trojan cleaned by deleting - quarantined

Actually, right after I clicked to close the ESET report, there came a window telling that the program may have not installed correctly. The name of the window was: Program Compatibility Assistant, and it said that IF the program had not installed correctly I had two options to click next: one, to reinstall using recommended settings or, two, click that the program had installed correctly. I checked in the programs installed in my computer and did see that ESET had installed, so I clicked the latter.
_______________________________________________________________________________________________________________________________________________________

Malwarebytes Anti-Malware scan log:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.13.10

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Mario :: MARIO-PC [administrator]

9/13/2012 9:54:14 PM
mbam-log-2012-09-13 (21-54-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203687
Time elapsed: 5 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
___________________________________________________________________________________________________________________________________________________

Superanti Spyware log:

It actually asked me at the end of the scan to quarantine and remove the infections, which I decided to do and hopefully it was okay! Here is the log before I removed the infections:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/13/2012 at 10:14 PM

Application Version : 5.5.1016

Core Rules Database Version : 9226
Trace Rules Database Version: 7038

Scan type : Quick Scan
Total Scan Time : 00:09:39

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User

Memory items scanned : 503
Memory threats detected : 0
Registry items scanned : 53752
Registry threats detected : 2
File items scanned : 10290
File threats detected : 235

Malware.Trace
(x86) HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run#Adobe [ rundll32.exe "C:\Users\Mario\AppData\Local\Apple\Adobe\ackpmvx.dll",CreateInstance ]
(x86) HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run#Adobe [ rundll32.exe "C:\Users\Mario\AppData\Local\Apple\Adobe\ackpmvx.dll",CreateInstance ]

Adware.Tracking Cookie
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\A44JB4E1.txt [ Cookie:mario@prisacom.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\7TCGUSMT.txt [ Cookie:mario@collective-media.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZSSDBU8.txt [ Cookie:mario@interclick.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\UNJ749OH.txt [ Cookie:mario@omn.crackle.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5DHALZTS.txt [ Cookie:mario@bisexualplayground.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1EIGW1E.txt [ Cookie:mario@histats.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\TBIKTECK.txt [ Cookie:mario@media6degrees.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\GXTEG2KX.txt [ Cookie:mario@in.getclicky.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\37J2E4U2.txt [ Cookie:mario@lucidmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\IPMZMR1F.txt [ Cookie:mario@at.atwola.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0XT7BL3V.txt [ Cookie:mario@accounts.google.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XZZVUQCF.txt [ Cookie:mario@pg.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BJF7PR4F.txt [ Cookie:mario@hearstmagazines.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4FOEA7DA.txt [ Cookie:mario@adfarm1.adition.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZJMTUUOC.txt [ Cookie:mario@crackle.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4L64NHXE.txt [ Cookie:mario@harrenmedianetwork.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VTT0KM9E.txt [ Cookie:mario@7.rotator.wigetmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\E19VA0TP.txt [ Cookie:mario@adnetwork.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LBFNZ7QP.txt [ Cookie:mario@atwola.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZTFWD7N4.txt [ Cookie:mario@andomedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KF9AVMJL.txt [ Cookie:mario@azjmp.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HZI3QDBW.txt [ Cookie:mario@premiumtv.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\47VJEL2J.txt [ Cookie:mario@rotator.adjuggler.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CTR9Z1NH.txt [ Cookie:mario@adsonar.com/adserving ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\19HMNXAH.txt [ Cookie:mario@a1.interclick.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\SI67CLRJ.txt [ Cookie:mario@amazon-adsystem.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KBHMN2XL.txt [ Cookie:mario@click.get-answers-fast.com/ads-clicktrack/click/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YSNHBC9Q.txt [ Cookie:mario@invitemedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\07PH3D7Y.txt [ Cookie:mario@ads.mediakeywords.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MY8ECB6A.txt [ Cookie:mario@mediaservices-d.openxenterprise.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CML15JFS.txt [ Cookie:mario@ads.saymedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PCAA5LP.txt [ Cookie:mario@myroitracking.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5WUH3ABJ.txt [ Cookie:mario@tracking.affiliaxe.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\GYC4X92L.txt [ Cookie:mario@liveperson.net/hc/77614517 ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QVGUSB62.txt [ Cookie:mario@eas.apm.emediate.eu/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KEVSUMUG.txt [ Cookie:mario@mediatakeout.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\H8ST86JN.txt [ Cookie:mario@c.gigcount.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ABHI7GZ3.txt [ Cookie:mario@lfstmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PBLMITK4.txt [ Cookie:mario@accounts.mypressplus.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\1JAF0AK6.txt [ Cookie:mario@dc.tremormedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5HZZNGNK.txt [ Cookie:mario@fr.sitestat.com/aef/iphone-en/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\RXBN7F6F.txt [ Cookie:mario@112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2WRVHV1X.txt [ Cookie:mario@adultfriendfinder.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WG1RIGH5.txt [ Cookie:mario@burstnet.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QQXIN3FM.txt [ Cookie:mario@ingdirectspain.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MGUVWF3N.txt [ Cookie:mario@youporngay.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HXOMDO0T.txt [ Cookie:mario@gq.com/ads/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CYN4TW58.txt [ Cookie:mario@123count.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\89PS49VM.txt [ Cookie:mario@hhm.rotator.hadj7.adjuggler.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z8K3WXNB.txt [ Cookie:mario@sexyshemalephonesex.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LY2WHA8W.txt [ Cookie:mario@kanoodle.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2YOPDOBV.txt [ Cookie:mario@legolas-media.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q2D4TAPH.txt [ Cookie:mario@toyotaes2.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZF6M650C.txt [ Cookie:mario@realmedia.com.br/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\333MJIXI.txt [ Cookie:mario@stat.youku.com/player/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\CG286UAU.txt [ Cookie:mario@pulse-analytics-beacon.reutersmedia.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9SLDC9IP.txt [ Cookie:mario@www.fetishstraponsex.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\O4IYLU80.txt [ Cookie:mario@stats.complex.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VH7N6YH3.txt [ Cookie:mario@fr.sitestat.com/aef/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5BHVS7U9.txt [ Cookie:mario@yieldmanager.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\S2AFM2KH.txt [ Cookie:mario@www.youporn.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\L2J3EIHS.txt [ Cookie:mario@adknowledge.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8Z637WRW.txt [ Cookie:mario@liveperson.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ED1Y3TD.txt [ Cookie:mario@findlocal.baltimoresun.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0F810B9F.txt [ Cookie:mario@adserving.prolixtraffic.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\I1KDZD5S.txt [ Cookie:mario@bizrate.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1N26RWA.txt [ Cookie:mario@saymedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\6T97JEZZ.txt [ Cookie:mario@eyeviewads.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\7SLZ4SGQ.txt [ Cookie:mario@onthemedia.org/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3O290TN4.txt [ Cookie:mario@rtst.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\H0DTOOIG.txt [ Cookie:mario@www.media970.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NY0RPI32.txt [ Cookie:mario@mm.chitika.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\X0FD7AQA.txt [ Cookie:mario@media2.legacy.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\27IBKCAN.txt [ Cookie:mario@solvemedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XHHQFZ2F.txt [ Cookie:mario@xiti.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5NETP52I.txt [ Cookie:mario@banners.andomedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BQZ13XS9.txt [ Cookie:mario@mediaforceltd.go2jump.org/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WGU2CCXZ.txt [ Cookie:mario@barilliance.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2V1V6CXX.txt [ Cookie:mario@ads.gamersmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\SAI2AU33.txt [ Cookie:mario@msnbc.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\EG40P6UI.txt [ Cookie:mario@cdn.mediatakeout.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OH3GWTSA.txt [ Cookie:mario@www.cracked.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\E5TDGBVB.txt [ Cookie:mario@jazztelespaa.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2KTHI0D0.txt [ Cookie:mario@allbritton.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\3W0WGYC4.txt [ Cookie:mario@www.onthemedia.org/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\KWSM781B.txt [ Cookie:mario@traveladvertising.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\FU1OEB9B.txt [ Cookie:mario@www.adtrackserv.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\XQRTXHB3.txt [ Cookie:mario@ads.crakmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\UAO42HON.txt [ Cookie:mario@clickbooth.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YO712PYN.txt [ Cookie:mario@mtvn.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HCEA7NXM.txt [ Cookie:mario@baltimorecountymd.gov/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PHBZN4FE.txt [ Cookie:mario@www5.addfreestats.com/cgi-bin ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2OMGWBS.txt [ Cookie:mario@microsoftsto.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\FHJ2WGLD.txt [ Cookie:mario@nextag.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\7WQ6V7FV.txt [ Cookie:mario@warnerbros.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PATJ5H9C.txt [ Cookie:mario@a.intentmedia.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ28MD4R.txt [ Cookie:mario@journalregistercompany.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VBZ93QGT.txt [ Cookie:mario@influenciasjazztel.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QOEG3PH2.txt [ Cookie:mario@spacefoot.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\9L0TMYSM.txt [ Cookie:mario@fourseasonshotels.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\36TMVK8S.txt [ Cookie:mario@rotator.hadj7.adjuggler.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\0PFQMN09.txt [ Cookie:mario@www.adserving.pixfuture.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\PA466C2N.txt [ Cookie:mario@tracking.performancerevenues.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2RY34YV3.txt [ Cookie:mario@click.601am.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NKOYPQJ2.txt [ Cookie:mario@google.com/accounts/recovery/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q61KZF7L.txt [ Cookie:mario@www.google.com/accounts ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ILENK2CX.txt [ Cookie:mario@p2338.superclick.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\P1887CZ7.txt [ Cookie:mario@farecastcom.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\JPR81X3Z.txt [ Cookie:mario@rotator.hadj1.adjuggler.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\78TM3QR4.txt [ Cookie:mario@stats.townnews.com/nhregister.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\10ICX2A2.txt [ Cookie:mario@usatoday1.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z990R664.txt [ Cookie:mario@afftracker.info/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HE21USXG.txt [ Cookie:mario@martiniadnetwork.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\7OMXKNTA.txt [ Cookie:mario@care2.112.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\DH8RSLLT.txt [ Cookie:mario@www.baltimorecountymd.gov/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\O2MRYBHK.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/1069645942/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MYG6SUL5.txt [ Cookie:mario@ads.mediatwo.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZH9709DI.txt [ Cookie:mario@tracking.godatafeed.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8V6G5YI3.txt [ Cookie:mario@tracking1.aleadpay.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YVBNH9W9.txt [ Cookie:mario@articleclick.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\JM0LGY8I.txt [ Cookie:mario@www.roadandtrack.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HZW9HNIS.txt [ Cookie:mario@www.citysex.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\JXUUE14P.txt [ Cookie:mario@liveperson.net/hc/1338460 ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q9BJD4GK.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/994819728/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4X9SGJPD.txt [ Cookie:mario@bubblestat.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\SUZB63WF.txt [ Cookie:mario@network.realmedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OA2BERAK.txt [ Cookie:mario@liveperson.net/hc/56294818 ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LL9OENJS.txt [ Cookie:mario@amazonwebstore.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\WJXG6L4S.txt [ Cookie:mario@liveperson.net/hc/53396402 ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\VSQJDXYW.txt [ Cookie:mario@www.vistazomedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\H2HI7SKT.txt [ Cookie:mario@gq.com/nocount/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2ZO861VR.txt [ Cookie:mario@tracking.bucksense.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\MXKIZBA3.txt [ Cookie:mario@tripod.lycos.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\15EYLGJ8.txt [ Cookie:mario@server.iad.liveperson.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\LOJVKODH.txt [ Cookie:mario@radioclickdigital.com.ar/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2624G12.txt [ Cookie:mario@content.yieldmanager.com/ak/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YSZ115CZ.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/1072563630/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y3O4DQ4L.txt [ Cookie:mario@stat.dealtime.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ITWSOHE1.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/1022056985/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\1N9HR1S6.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/1056829862/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\QENSY8CR.txt [ Cookie:mario@weil.rotator.hadj1.adjuggler.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\33XVMKS7.txt [ Cookie:mario@adperfpublisher.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\F0XDX1TN.txt [ Cookie:mario@adserving.megatraf.org/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OYJ08X3H.txt [ Cookie:mario@movieticketscom.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\43HDZE8I.txt [ Cookie:mario@media.adfrontiers.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\81PKGAHV.txt [ Cookie:mario@epicurious.com/js/cn-fe-stats/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\HL0DF96Z.txt [ Cookie:mario@mshanken.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\YA2XX3YE.txt [ Cookie:mario@adform.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\5FEYI7HR.txt [ Cookie:mario@lorealespaa.solution.weborama.fr/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\V57Y37MM.txt [ Cookie:mario@www.werevenueu.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\AHE5DKWW.txt [ Cookie:mario@bonniercorp.122.2o7.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\F7HXNNHP.txt [ Cookie:mario@epicurious.com/ads/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\V0TGA6U7.txt [ Cookie:mario@ox-d.gravityadnetwork.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4R64YKM1.txt [ Cookie:mario@mediaalam.info/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NPS605FC.txt [ Cookie:mario@traffic.prod.cobaltgroup.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\4N4UH2UY.txt [ Cookie:mario@shinystat.com/cgi-bin/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2CPKXOOY.txt [ Cookie:mario@adserver.zenoviaexchange.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\NRCPTTTB.txt [ Cookie:mario@tracktrk.net/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\8T4KWCB6.txt [ Cookie:mario@adjuggler.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\OF1GW6GU.txt [ Cookie:mario@clickfuse.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\BIC616GK.txt [ Cookie:mario@www.googleadservices.com/pagead/conversion/1007387137/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\R6PV9AO2.txt [ Cookie:mario@intermundomedia.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKP831WR.txt [ Cookie:mario@realmediadigital.com/ ]
C:\USERS\MARIO\AppData\Roaming\Microsoft\Windows\Cookies\Low\2CF0FBKC.txt [ Cookie:mario@micklemedia.com/ ]
C:\USERS\MARIO\Cookies\EHNR4U74.txt [ Cookie:mario@tacoda.at.atwola.com/ ]
C:\USERS\MARIO\Cookies\FNEKFAWF.txt [ Cookie:mario@www.baltimorecountymd.gov/ ]
C:\USERS\MARIO\Cookies\QL6N7CSY.txt [ Cookie:mario@collective-media.net/ ]
C:\USERS\MARIO\Cookies\3USI372U.txt [ Cookie:mario@media6degrees.com/ ]
C:\USERS\MARIO\Cookies\K7FAH092.txt [ Cookie:mario@lucidmedia.com/ ]
C:\USERS\MARIO\Cookies\ZOF77YMY.txt [ Cookie:mario@at.atwola.com/ ]
C:\USERS\MARIO\Cookies\DSX2WJ8C.txt [ Cookie:mario@adfarm1.adition.com/ ]
C:\USERS\MARIO\Cookies\W9SC2TID.txt [ Cookie:mario@7.rotator.wigetmedia.com/ ]
C:\USERS\MARIO\Cookies\B99GIWZH.txt [ Cookie:mario@adnetwork.net/ ]
C:\USERS\MARIO\Cookies\SFASU3CY.txt [ Cookie:mario@atwola.com/ ]
C:\USERS\MARIO\Cookies\NQ7B0MWU.txt [ Cookie:mario@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\MARIO\Cookies\GISVD6ZW.txt [ Cookie:mario@p2338.superclick.com/ ]
C:\USERS\MARIO\Cookies\OHFOUDRE.txt [ Cookie:mario@invitemedia.com/ ]
_________________________________________________________________________________________________________________________________________________________

Although you said you scanned with MBAM, the program is not listed in Installed Programs. Did you delete it ??
Did you alter any other items in the logs, or do you run almost no other programs ??


I thought the program was installed, but I guess it is now. I have run it in the last few weeks though, and I have not deleted it, so I am just not sure. I have not altered any items and I only run MBAM and CCleaner and Microsoft Security Essentials.
________________________________________________________________________________________________________________________________________________________

Meanwhile ensure MSE is Updated and Scans every day, or most days -

I have readjusted the setting to a daily quick scan and will frequently update!
_________________________________________________________________________________________________________________________________________________________

Finally : Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.


And here are the results:

Results of screen317's Security Check version 0.99.50
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
JavaFX 2.1.1
Java™ 6 Update 30
Java 7 Update 7
Adobe Reader 9 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
IObit IObit Malware Fighter IMFsrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
_____________________________________________________________________________________________________________________________________________________

Gosh, I hope it was ok for me to have removed the 237 items after running Superanti. The thing is that it requested it and it looked bad and so I just went ahead and clicked on "remove" at the end. I hope it was ok because the whole thing took almost four hours to finish.

Please let me know.

And again, thank you kindly for your time and patience.

Souschefie.

#8 noknojon

Posted 14 September 2012 - 01:35 AM

Gosh, I hope it was ok for me to have removed the 237 items after running Superanti.

Yes, you did the right thing by removing all those items. I should have said to remove whatever is found in both programs.
Keep both programs (MBAM and SAS) and Update and Quick scan with them each week

With MSE, please open the program and under Settings, Click on Default Actions. Make sure the 4 boxes show Recommended action in them (drop down arrows) and the box at the bottom Apply recommended actions is ticked -
Click Save changes at the bottom of the panel if it is available -

Go Start > Control Panel >Programs and Features, and Delete all older versions of Java (Java™ 6 Update 30) leave 7 Update7 installed
Delete All of IObit - IObit Malware Fighter as this is causing you most of these problems, and not showing in Installed Programs
After you delete it use this tool to clean it out > Remove IObit > Info >Tool

Update Adobe Reader 9 to 10.1.4 from Here but untick Google Chrome if offered at the start

There is only one more program to run now that I think we have got the main problems >
Download Adware Cleaner run it as admin Click the SEARCH button allow it to run and post the log it creates.
I think you ran this with narenxp one other time - AdWare Cleaner

There may be 1 or 2 minor items left, but I think we finally got most of it -

After you finish all this, please run MiniToolBox again and tick all boxes and repost a log to see what is remaining -

Thank You -
No need to thank me, just stay a little bit longer to be sure we help you as much as we can -

thank you kindly for your time and patience.
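The triage applied to the checkup.txt log posted earlier in this thread (out-of-date software, an older Java left beside a newer one, more than one security product with running processes) can be scripted. This is an added example, not part of the thread or of Security Check itself; the log text is copied from the post above, and the function names and the reading of the Process Check section as a list of resident security processes are assumptions of the example.

```python
import re
from collections import defaultdict

BAR = "`" * 14  # Security Check frames section titles with runs of backticks

# checkup.txt as posted in this thread (backtick run lengths normalized).
SAMPLE_LOG = "\n".join([
    "Results of screen317's Security Check version 0.99.50",
    "Windows Vista Service Pack 2 x64 (UAC is enabled)",
    "Internet Explorer 9",
    BAR + "Antivirus/Firewall Check:" + BAR,
    "Windows Firewall Enabled!",
    "Microsoft Security Essentials",
    "Antivirus up to date!",
    BAR + "Anti-malware/Other Utilities Check:" + BAR,
    "Malwarebytes Anti-Malware version 1.65.0.1400",
    "JavaFX 2.1.1",
    "Java\u2122 6 Update 30",
    "Java 7 Update 7",
    "Adobe Reader 9 Adobe Reader out of Date!",
    "Google Chrome 21.0.1180.83",
    "Google Chrome 21.0.1180.89",
    BAR + "Process Check: objlist.exe by Laurent" + BAR,
    "Microsoft Security Essentials MSMpEng.exe",
    "Microsoft Security Essentials msseces.exe",
    "IObit IObit Malware Fighter IMFsrv.exe",
    BAR + "System Health check" + BAR,
    "Total Fragmentation on Drive C: 0 %",
    BAR + "End of Log" + BAR,
])

# A section title is any line that starts and ends with backticks.
SECTION_RE = re.compile(r"^`+\s*(.+?)\s*`+$")
# "Java 7 Update 7" or "Java(TM)/Java-trademark 6 Update 30"; JavaFX does not match.
JAVA_RE = re.compile(r"^Java(?:\u2122|\(TM\))?\s+(\d+)\s+Update\s+(\d+)\b",
                     re.IGNORECASE)


def parse_sections(text):
    """Split the log into {section title: [entry lines]}."""
    sections = defaultdict(list)
    current = "Header"  # lines before the first backtick-framed title
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1).rstrip(":")
        else:
            sections[current].append(line)
    return dict(sections)


def entries_for(sections, prefix):
    """Return the entries of the first section whose title starts with prefix."""
    for title, lines in sections.items():
        if title.lower().startswith(prefix.lower()):
            return lines
    return []


def triage(text):
    """Collect the items a helper would act on from a Security Check log."""
    sections = parse_sections(text)
    all_lines = [line for lines in sections.values() for line in lines]

    # 1. Anything the tool itself marks as out of date.
    out_of_date = [line for line in all_lines if "out of date" in line.lower()]

    # 2. Java runtimes older than the newest one installed.
    java = []
    for line in all_lines:
        match = JAVA_RE.match(line)
        if match:
            java.append(((int(match.group(1)), int(match.group(2))), line))
    newest = max((version for version, _ in java), default=None)
    superseded = [line for version, line in java if version < newest]

    # 3. Distinct products with running processes (assumption: the Process
    #    Check section lists resident security software, "<product> <exe>").
    products = sorted({
        line.rsplit(None, 1)[0]
        for line in entries_for(sections, "Process Check")
        if line.lower().endswith(".exe") and len(line.split()) > 1
    })

    return {
        "out_of_date": out_of_date,
        "superseded_java": superseded,
        "resident_products": products,
    }


if __name__ == "__main__":
    for key, values in triage(SAMPLE_LOG).items():
        print(key)
        for value in values:
            print("   ", value)
```

More than one entry under `resident_products` is a prompt to check whether two resident scanners are running side by side, which is what the advice above about IObit Malware Fighter addresses.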



#9 Souschefie

Posted 14 September 2012 - 08:14 AM

Hi again,

You know, I must say that my MSE icon is back to orange, although I set it up for 9am and it has not run today yet. But it shows it still has the same infection, which I am going to wait til 9am and see if it scans on its own as adjusted and I will get rid of it then. The infection is: HackTool:Win32/Wpakbil.B

I will keep MBAM and SAS and will run and update weekly.
____________________________________________________________________________________________________________________________________________________

With MSE, please open the program and under Settings, Click on Default Actions. Make sure the 4 boxes show Recommended action in them (drop down arrows) and the box at the bottom Apply recommended actions is ticked -
Click Save changes at the bottom of the panel if it is available -


Done!
_____________________________________________________________________________________________________________________________________________________

Go Start > Control Panel >Programs and Features, and Delete all older versions of Java (Java™ 6 Update 30) leave 7 Update7 installed
Delete All of IObit - IObit Malware Fighter as this is causing you most of these problems, and not showing in Installed Programs


I also deleted JavaTM 6 Update 20 (64-bit) But there is something called JavaFX 2.1.1. and I did not delete this because I don't know if I had to or not, and I left Update 7 on it.

You mentioned to delete all of IObit, right? I went ahead and deleted IObit Malware Fighter which is published by IObit. After clicking 'yes' to deleting it, it asked me if I wanted to delete all of its components, is this what you meant by 'delete All of IObit'? I am asking because there is something called Defrag 2 and it is also published by IObit, shall I delete this too?

After you delete it use this tool to clean it out > Remove IObit > Info >Tool

I could not run this because it said I did not have administration permission and asked to click on run as administrator and I could not figure how to do this. Sorry mate.
________________________________________________________________________________________________________________________________________________________

I was not sure if I was supposed to continue on since I wasn't able to clean/run the IObit, but I went ahead with everything else anyways. If I have to re-do all of this stuff I will, no problem.

Update Adobe Reader 9 to 10.1.4 from Here but untick Google Chrome if offered at the start

Oh man, something really weird happened. I tried downloading the update and it kept saying it was preparing for the download and it would take a while and then did nothing. So I went to this site to download it: http://www.adobe.com/support/downloads/product.jsp?platform=windows&product=10

And I tried both versions (the multilingual MUI and the All Languages) and they both prepared to download and then this Windows Installer came up and read: "The upgrade patch cannot be installed by the Windows Installer service because the program to be upgraded may be missing, or the upgrade patch may update a different version of the program. Verify that the program to be upgraded exists on your computer and that you have the correct upgrade patch."

And obviously I had not a clue what to do next, so I am going to wait for further instructions.
____________________________________________________________________________________________________________________________________________________________

There is only one more program to run now that I think we have got the main problems >
Download Adware Cleaner run it as admin Click the SEARCH button allow it to run and post the log it creates.
I think you ran this with narenxp one other time - AdWare Cleaner


And here is the log:

# AdwCleaner v2.001 - Logfile created 09/14/2012 at 08:57:04
# Updated 09/09/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Mario - MARIO-PC
# Boot Mode : Normal
# Running from : C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORP3IZ7Q\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Mario\AppData\Local\Conduit
Folder Found : C:\Users\Mario\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Mario\AppData\Roaming\OpenCandy

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [912 octets] - [14/09/2012 08:57:04]

########## EOF - C:\AdwCleaner[R1].txt - [971 octets] ##########
________________________________________________________________________________________________________________________________________________________

After you finish all this, please run MiniToolBox again and tick all boxes and repost a log to see what is remaining -

Here is the log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Mario (administrator) on 14-09-2012 at 09:01:43
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1515 Wireless-N Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mario-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : Dell Wireless 1515 Wireless-N Adapter
Physical Address. . . . . . . . . : 00-22-5F-F1-13-C1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::119e:fc18:ecf7:78c2%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 14, 2012 5:44:53 AM
Lease Expires . . . . . . . . . . : Saturday, September 15, 2012 5:44:51 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201335391
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-01-4B-47-00-25-64-56-2C-C8
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-64-56-2C-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{472B833A-9011-4490-A5CE-44245E1898DD}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3059:dee:bbcf:61b0(Preferred)
Link-local IPv6 Address . . . . . : fe80::3059:dee:bbcf:61b0%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.md.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.md.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4004:800::1002
74.125.228.14
74.125.228.6
74.125.228.4
74.125.228.5
74.125.228.7
74.125.228.8
74.125.228.2
74.125.228.9
74.125.228.0
74.125.228.3
74.125.228.1



Pinging google.com [74.125.228.6] with 32 bytes of data:

Reply from 74.125.228.6: bytes=32 time=20ms TTL=54

Reply from 74.125.228.6: bytes=32 time=18ms TTL=54



Ping statistics for 74.125.228.6:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 20ms, Average = 19ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=93ms TTL=50

Reply from 98.138.253.109: bytes=32 time=133ms TTL=50



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 93ms, Maximum = 133ms, Average = 113ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 22 5f f1 13 c1 ...... Dell Wireless 1515 Wireless-N Adapter
11 ...00 25 64 56 2c c8 ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{472B833A-9011-4490-A5CE-44245E1898DD}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
14 ...00 00 00 00 00 00 00 e0 isatap.hsd1.md.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:3059:dee:bbcf:61b0/128
On-link
12 281 fe80::/64 On-link
10 266 fe80::/64 On-link
12 281 fe80::119e:fc18:ecf7:78c2/128
On-link
10 266 fe80::3059:dee:bbcf:61b0/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/14/2012 06:28:51 AM) (Source: Perflib) (User: )
Description: PolicyAgent4

Error: (09/14/2012 06:28:51 AM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (09/14/2012 06:28:49 AM) (Source: Perflib) (User: )
Description: EmdCache4

Error: (09/14/2012 05:46:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2012 07:30:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (09/13/2012 07:30:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (09/13/2012 11:19:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2012 07:20:44 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16448, time stamp 0x4feba22b, faulting module Flash32_11_4_402_265.ocx, version 11.4.402.265, time stamp 0x502bf2f6, exception code 0xc0000005, fault offset 0x004a7349,
process id 0xd9c, application start time 0xiexplore.exe0.

Error: (09/13/2012 07:16:00 AM) (Source: Perflib) (User: )
Description: Network Inspection Systemc:\Program Files\Microsoft Security Client\NisPerformanceProvider.dll4

Error: (09/13/2012 06:18:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/14/2012 06:02:16 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (09/13/2012 07:22:43 PM) (Source: Microsoft Antimalware) (User: )
Description: %HackTool:Win32/Wpakill.B60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%HackTool:Win32/Wpakill.B603

Name: HackTool:Win32/Wpakill.B

ID: 2147634461

Severity: %HackTool:Win32/Wpakill.B600

Category: %HackTool:Win32/Wpakill.B602

Path: 4.0.1526.02

Detection Origin: 4.0.1526.04

Detection Type: 4.0.1526.08

Detection Source: %HackTool:Win32/Wpakill.B608

User: {CD8392F1-B673-4BA6-A6F4-A9B0CC00ED31}9

Process Name: %HackTool:Win32/Wpakill.B609

Action: {CD8392F1-B673-4BA6-A6F4-A9B0CC00ED31}1

Action Status: {CD8392F1-B673-4BA6-A6F4-A9B0CC00ED31}8

Error Code: {CD8392F1-B673-4BA6-A6F4-A9B0CC00ED31}3

Error description: {CD8392F1-B673-4BA6-A6F4-A9B0CC00ED31}4

Signature Version: 2012-09-13T15:26:33.519Z1

Engine Version: 2012-09-13T15:26:33.519Z2

Error: (09/13/2012 06:21:42 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X64

Error: (09/12/2012 06:50:55 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (09/12/2012 10:16:00 AM) (Source: Microsoft Antimalware) (User: )
Description: %HackTool:Win32/Wpakill.B60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%HackTool:Win32/Wpakill.B603

Name: HackTool:Win32/Wpakill.B

ID: 2147634461

Severity: %HackTool:Win32/Wpakill.B600

Category: %HackTool:Win32/Wpakill.B602

Path: 4.0.1526.02

Detection Origin: 4.0.1526.04

Detection Type: 4.0.1526.08

Detection Source: %HackTool:Win32/Wpakill.B608

User: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}9

Process Name: %HackTool:Win32/Wpakill.B609

Action: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}1

Action Status: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}8

Error Code: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}3

Error description: {D3044AB9-0DB2-445D-BA44-DB5308D479B9}4

Signature Version: 2012-09-12T10:27:52.896Z1

Engine Version: 2012-09-12T10:27:52.896Z2

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service%%1053

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Font Cache Service

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service%%1053

Error: (09/12/2012 06:22:50 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Font Cache Service

Error: (09/11/2012 07:05:06 PM) (Source: DCOM) (User: Mario-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Mario-PCMarioS-1-5-21-2513106130-1961098394-2218795706-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (09/21/2011 00:53:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/31/2011 10:19:01 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/31/2011 09:31:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/17/2011 09:19:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/08/2011 08:04:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/05/2011 00:15:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/13/2011 11:15:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/13/2011 11:14:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/04/2011 08:21:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
Apple Mobile Device Support (Version: 4.0.0.97)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.13)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 7.104.101.102)
Google Chrome (Version: 21.0.1180.89)
HP Deskjet F4400 Printer Driver 14.0 Rel. 5 (Version: 14.0)
Integrated Webcam Driver (1.00.04.0310) (Version: 1.00.04.0310)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.5.1.42)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Octoshape add-in for Adobe Flash Player
Quickset (Version: 9.4.6)
SUPERAntiSpyware (Version: 5.5.1016)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)

========================= Devices: ================================

Name: isatap.{472B833A-9011-4490-A5CE-44245E1898DD}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: isatap.hsd1.md.comcast.net.
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp

Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Mobile Intel® 45 Express Chipset Series Processor to DRAM Controller - 2A40
Description: Mobile Intel® 45 Express Chipset Series Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Integrated Webcam
Description: Integrated Webcam
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: OA013Vid

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: IDT
Service: STHDA

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Dell Wireless 1515 Wireless-N Adapter
Description: Dell Wireless 1515 Wireless-N Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr

Name: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169

Name: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Description: Intel® ICH9 Family PCI Express Root Port 5 - 2948
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Dell Touchpad
Description: Dell Touchpad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Alps Electric
Service: i8042prt

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: High Precision Event Timer
Description: High Precision Event Timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3033.57 MB
Available physical RAM: 1399.08 MB
Total Pagefile: 6277.39 MB
Available Pagefile: 3497.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3992.4 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:217.82 GB) (Free:114.36 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:1.09 GB) NTFS

========================= Users: ========================================

User accounts for \\MARIO-PC

Administrator Guest Mario

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

23-08-2012 14:12:44 Scheduled Checkpoint
24-08-2012 12:00:59 Windows Update
27-08-2012 16:20:45 Scheduled Checkpoint
28-08-2012 16:23:38 Windows Update
29-08-2012 16:27:45 Scheduled Checkpoint
30-08-2012 23:31:11 Scheduled Checkpoint
31-08-2012 15:50:06 Scheduled Checkpoint
01-09-2012 18:09:54 Installed Java 7 Update 7
01-09-2012 18:27:06 Windows Update
02-09-2012 01:06:37 Windows Backup
02-09-2012 22:10:24 Scheduled Checkpoint
03-09-2012 23:48:13 Scheduled Checkpoint
05-09-2012 23:45:19 Windows Update
06-09-2012 14:48:54 Scheduled Checkpoint
11-09-2012 19:17:54 Windows Update
11-09-2012 23:38:12 Windows Update
12-09-2012 14:58:19 Scheduled Checkpoint
14-09-2012 12:20:20 Removed Java™ 6 Update 30
14-09-2012 12:22:44 Removed Java™ 6 Update 20 (64-bit)

**** End of log ****
________________________________________________________________________________________________________________________________________________________

Obviously, as you can tell, I wasn't able to do everything you required.

1) I did not know if I had to delete JavaFX 2.1.1.
2) I did not know if I had to delete Defrag 2 which is published by IObit
3) I could not run 'Remove IObit' because it asked me to do it as administrator and did not know how to do this.
4) I could not update Adobe Reader 9 to 10.1.4
________________________________________________________________________________________________________________________________________________________

Again, thanks a lot for your time and patience. I know I give you more to work on than you need, but I truly appreciate your assistance.

Please let me know what's next.

Thanks.

#10 noknojon

Posted 14 September 2012 - 05:15 PM

Hi -
Sorry I am always late with my answers, but being in Australia I get the responses at odd times. This arrived at 1.00 AM my local time.

First : Re-run AdWare Cleaner and click the DELETE tab to remove these minor problems
Folder Found : C:\Users\Mario\AppData\Local\Conduit
Folder Found : C:\Users\Mario\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Mario\AppData\Roaming\OpenCandy

1) I did not know if I had to delete JavaFX 2.1.1.
Quoted from their site and also from Windows sites >>
Vista - Java FX 2.1.1 - Java FX is used in developing rich internet applications (RIA). If you're not a developer, then you don't need it -
What you need to do is to go to 'Add or Remove Programs' / 'Programs and Features' (depending on your OS) and uninstall JavaFX 2.1.1 just as you would with anything else; this shouldn't affect your normal Java in any way. I've got rid of it on our XP desktop and both of our Windows 7 laptops and no problems have arisen because of this. In the very unlikely event that you do experience any difficulties, you can always reinstall it.

2) I did not know if I had to delete Defrag 2 which is published by IObit
Yes - Please remove this program also as it is still part of the IObit family of programs, and needs removal. Your built-in Microsoft Defrag tool will work as well as this program - Also look down your Programs list to see if there is an Uninstaller listed beside the program -

3) I could not run 'Remove IObit' because it asked me to do it as administrator and did not know how to do this.
To "Run as Administrator", Right click on the program and this option should be offered to you - IObit is often a very hard program to remove, almost like an infection -

4) I could not update Adobe Reader 9 to 10.1.4
Very odd, but "not important" - Adobe usually updates easily from their site. Here is another link to the update. Try it, but do not worry if there is a problem >>
Question - Which Adobe Reader should I download for Vista 64 bit ?
http://get.adobe.com/reader/ << Direct from Adobe forum for Vista x64 (Uncheck Google Chrome offered at the start) -

Visit Microsoft Update Site - Microsoft Windows Update to make sure you have all current updates.
If offered any updates do not select "Custom" updates as they are not required -

With your MSE, open it and click on Update then Quick Scan only, and see if this helps -

One last item - Go, Start > Programs > Accessories and find Command Prompt, but do not open yet. Right click on it and you should be offered the option to "Run As Administrator"
Now type in sfc /scannow and click Enter ( Note the space between c and / ) - This will run for about 10 to 15 minutes and just check installed files -

Unless you have any issues, apart from any MSE update items, please wait 1 day to post back, and we can see how MSE performs -
If there are other issues please tell me so I can help you to fix them :)

Regards -

#11 noknojon

Posted 16 September 2012 - 05:55 PM

If you are still having problems with your MSE, there may be one other reason - You installed the 32bit version and not the 64bit version -

First step would be to remove your old copy of MSE by following the link and any directions given below >>
http://go.microsoft.com/?linkid=9748340 MSE Uninstaller - Always Reboot your computer after an Uninstall like this

The next step would be to reinstall MSE 64bit version from below and still use the settings I listed above >>
MSE 64bit installer
http://go.microsoft.com/fwlink/?LinkID=231274 Once installed Reboot and then apply the settings -

This should also clean out any quarantined items, and start fresh with using the same settings listed -

If we still have problems I can list a few other Antivirus programs, but I still prefer MSE (use it on 3 computers at home) -

Regards -



#12 noknojon

Posted 17 September 2012 - 01:45 AM

A quick extra for the problem you had with Adobe Reader updates -

For Adobe Reader Update Problem << This solution has been recommended -

Regards -


#13 Souschefie

Posted 19 September 2012 - 08:27 PM

Hi there again.

So sorry I have not been able to get back on track. Please do know that I do appreciate your time and assistance and do not take these for granted. So, I hope we can continue to fix my computer, yea?

Ok, I am going back to three posts above and am picking up from there:

First : Re-run AdWare Cleaner and click the DELETE tab to remove these minor problems
Folder Found : C:\Users\Mario\AppData\Local\Conduit
Folder Found : C:\Users\Mario\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Mario\AppData\Roaming\OpenCandy


Done, although I do not know if the items were removed, but did as you said and my computer restarted, so I ran AdWare Cleaner again and this is the latest log from that search:

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 20:07:54
# Updated 16/09/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Mario - MARIO-PC
# Boot Mode : Normal
# Running from : C:\Users\Mario\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1039 octets] - [14/09/2012 08:57:04]
AdwCleaner[R2].txt - [1100 octets] - [19/09/2012 19:51:59]
AdwCleaner[S1].txt - [1607 octets] - [19/09/2012 19:52:28]
AdwCleaner[R3].txt - [845 octets] - [19/09/2012 20:07:54]

########## EOF - C:\AdwCleaner[R3].txt - [904 octets] ##########
_______________________________________________________________________________________________________________________________
Uninstall JavaFX 2.1.1

Done
_______________________________________________________________________________________________________________________________
Delete Defrag 2 which is published by IObit. Also look down your Programs list to see if there is an Uninstaller listed beside the program.

Done deleting Defrag. But as far as Uninstallers, I only saw a 'Revo Uninstaller 1.93' but nothing from Defrag or IObit.
_______________________________________________________________________________________________________________________________
Delete All of IObit - IObit Malware Fighter as an Administrator:

Done, though it said it had deleted 0 files and 1 registry entry.
_______________________________________________________________________________________________________________________________
Here is another link to update Adobe Reader 9 to 10.1.4 http://get.adobe.com/reader/

Downloaded successfully.
_______________________________________________________________________________________________________________________________
With your MSE, open it and click on Update then Quick Scan only, and see if this helps

Done. It said it read 8000 some files and found 0 threats, though my MSE is still orange.
_______________________________________________________________________________________________________________________________
One last item - Go, Start > Programs > Accessories and find Command Prompt, but do not open yet. Right click on it and you should be offered the option to "Run As Administrator" Now type in sfc /scannow and click Enter ( Note the space between c and / ) - This will run for about 10 to 15 minutes and just check installed files -

Done. It read the following (I am transcribing coz I could not copy/paste it): "Verification 100% complete. Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example c:\Windows\Logs\CBS\CBS.log"

I do not know what this means, especially since I don't know how to read more of the log, do you want me to get it, is this even necessary and/or possible?
_______________________________________________________________________________________________________________________________
Unless you have any issues, apart from any MSE update items, please wait 1 day to post back, and we can see how MSE performs. If there are other issues please tell me so I can help you to fix them

Okay, so I will wait a day and check it. Right now, after having run that quick scan, the icon is still orange, so I don't know what is going on.

And so now as to your two newer or more recent posts:
_______________________________________________________________________________________________________________________________
If you are still having problems with your MSE, there may be one other reason - You installed the 32bit version and not the 64bit version

Shall I still go ahead and do this?
_______________________________________________________________________________________________________________________________
A quick extra for the problem you had with Adobe Reader updates. For Adobe Reader Update Problem << This solution has been recommended

I actually was able to download from your instruction #4 above:

4) I could not update Adobe Reader 9 to 10.1.4
Very odd, but "not important" - Adobe usually updates easily from their site. Here is another link to the update. Try it, but do not worry if there is a problem >>
Question - Which Adobe Reader should I download for Vista 64 bit ?
http://get.adobe.com/reader/ << Direct from Adobe forum for Vista x64 (Uncheck Google Chrome offered at the start) -


But is this different than what I already downloaded, which is Adobe Reader X (10.1.4)

And again, thank you so, so much. I know this is taking quite a bit of time, and I really appreciate your time and assistance.

Thanks a lot.

Souschefie.

Edited by Souschefie, 19 September 2012 - 08:50 PM.
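On the "found corrupt files but was unable to fix some of them" result quoted in the post above: SFC marks its own entries in CBS.log with `[SR]`, and the added sketch below (not part of anyone's post) pulls those entries out and lists which files were repaired and which were not. The sample log lines and the file and component names in it are constructed, and the two line patterns it matches are assumptions modeled on how SFC entries typically appear in that log.

```python
import re

# The [SR] lines can be copied out of the live log from an elevated Command Prompt with:
#   findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log > "%userprofile%\Desktop\sfcdetails.txt"

# Constructed sample, laid out the way SFC entries appear in CBS.log.
# File and component names are placeholders, not values from this thread.
SAMPLE_CBS_LOG = r'''
2012-09-20 09:41:02, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2012-09-20 09:41:02, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2012-09-20 09:41:05, Info                  CBS    Constructed non-SFC servicing entry
2012-09-20 09:41:09, Info                  CSI    0000012a [SR] Cannot repair member file [l:22{11}]"example.ini" of Example-Component-A, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-09-20 09:41:10, Info                  CSI    0000012c [SR] Cannot repair member file [l:22{11}]"example.ini" of Example-Component-A, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-09-20 09:41:11, Info                  CSI    0000012e [SR] Cannot repair member file [l:24{12}]"example2.dll" of Example-Component-B, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-09-20 09:41:12, Info                  CSI    00000130 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"example.dll" from store
2012-09-20 09:41:30, Info                  CSI    00000150 [SR] Verify complete
'''

# "Cannot repair" lines: file name, owning component, and the reason after the last comma.
CANNOT_REPAIR = re.compile(
    r'\[SR\] Cannot repair member file \[[^\]]*\]"(?P<file>[^"]+)" of '
    r'(?P<component>[^,]+),.*, (?P<reason>[^,]+)$')

# "Repairing" lines: directory and file name of something SFC restored from its store.
REPAIRING = re.compile(
    r'\[SR\] Repairing corrupted file \[[^\]]*\]"(?P<dir>[^"]+)"\\'
    r'\[[^\]]*\]"(?P<file>[^"]+)" from store')


def summarize_sfc(log_text):
    """Return the SFC findings in a CBS.log: unrepaired files, repaired paths, [SR] line count."""
    unrepaired, repaired, seen = [], [], set()
    sr_lines = 0
    for raw in log_text.splitlines():
        line = raw.rstrip()
        if "[SR]" not in line:
            continue                      # servicing entries that are not from SFC
        sr_lines += 1
        m = CANNOT_REPAIR.search(line)
        if m:
            # The same file can be reported on more than one line; keep it once.
            key = ("unrepaired", m.group("file").lower(), m.group("component"))
            if key not in seen:
                seen.add(key)
                unrepaired.append({"file": m.group("file"),
                                   "component": m.group("component"),
                                   "reason": m.group("reason").strip()})
            continue
        m = REPAIRING.search(line)
        if m:
            directory = m.group("dir")
            if directory.startswith("\\??\\"):   # drop the NT object-path prefix
                directory = directory[4:]
            path = directory + "\\" + m.group("file")
            key = ("repaired", path.lower())
            if key not in seen:
                seen.add(key)
                repaired.append(path)
    return {"unrepaired": unrepaired, "repaired": repaired, "sr_lines": sr_lines}


def summarize_file(path):
    """Same summary for a CBS.log (or findstr extract) saved on disk."""
    with open(path, "r", encoding="utf-8", errors="replace") as handle:
        return summarize_sfc(handle.read())


if __name__ == "__main__":
    result = summarize_sfc(SAMPLE_CBS_LOG)
    print("SFC lines read:", result["sr_lines"])
    for item in result["unrepaired"]:
        print("NOT repaired: %(file)s (%(component)s): %(reason)s" % item)
    for path in result["repaired"]:
        print("Repaired:", path)
```

The "NOT repaired" entries are the ones behind the "unable to fix some of them" message; each names the file and the Windows component it belongs to.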


#14 noknojon

Posted 19 September 2012 - 10:34 PM

From AdWare DELETE scan, you have now removed several minor items - Result as per below >>
[OK] File is clean.

Uninstall JavaFX 2.1.1
It was not required for most basic computer users and I removed it from mine a long time ago -

IObit removal
it said it had deleted 0 files and 1 registry entry. << Should be enough for now -

I only saw a 'Revo Uninstaller 1.93 << If you wish detailed directions on Revo please ask as I have them -

MSE 64bit Vs 32bit - You installed the 32bit version and not the 64bit version < I noted this from your logs
Shall I still go ahead and do this? < I would uninstall your version (see above) and reinstall the 64bit version then check updates and quick scan only

I already downloaded, which is Adobe Reader X (10.1.4) << What we were looking to do in the first place, as yours was an older version -

Re sfc /scannow - Done. It read the following (I am transcribing coz I could not copy/paste it):
"Verification 100% complete. Windows Resource Protection found corrupt files but was unable to fix some of them.

I would prefer you to re-run this program, but I would like you to run Check Disk first by using this method >>

Run a Disk Check on your C: drive in Windows:
•Click Start and open Computer
•Right-click on C: and select Properties
•Click on the Tools tab
•Under Error-checking click the Check Now... button
•Check mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
•Click on the Start button
•When the message box pops up, click the Schedule disk check button and Restart your computer
•Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so

This will run for about 1 hour (on average), so please let it complete all 5 stages, then it will reboot back to a normal screen
This may find and repair the items that sfc /scannow (system file checker) did not fix -

Take your time as most problems seem to be OK now and this is just cleaning up any last minor items for you -

Once MSE is reinstalled please tell me if you still have any problems, and we can install another Free Antivirus for you -

Thank You -

#15 Souschefie

Posted 20 September 2012 - 10:30 AM

Hi again.

Here is my latest report.

I only see a 'Revo Uninstaller 1.93 << If you wish detailed directions on Revo please ask as I have them -

I'm sorry, when I wrote and said that I only saw the 'Revo Uninstaller 1.93' I meant that after having uninstalled the Defrag 2 program by IObit, I went to my programs to find any Uninstaller beside Defrag 2 as you suggested but I only found the Revo one. So I just don't know if this is something I use and/or need and therefore I don't know if I should keep or get rid of it.
________________________________________________________________________________________________________________________________________________________
Reinstall the 64bit version then check updates and quick scan only

So, I uninstalled the 32bit version and then I got this message from Microsoft Security Client: "An error has occurred in the program during initialization. If this problem continues, please contact your system administrator. Error code: 0x80070002"

I then tried to install the 64bit version from the link you gave me (http://go.microsoft.com/fwlink/?LinkID=231274) and this message from Microsoft Security Essentials came on: "You’re trying to run a 32-bit version of Security Essentials on a computer has a 64-bit microprocessor (CPU). Please download the correct version and try again."

So, I downloaded the 64bit version from this link: http://download.cnet.com/Microsoft-Security-Essentials-64-bit/3000-2239_4-12530959.html Was this ok?
__________________________________________________________________________________________________________________________________________________________
I would prefer you to re-run this program (sfc /scannow), but I would like you to run Check Disk first by using this method: Run a Disk Check on your C: drive in Windows

Done. I ran a check disk on C and then re-ran sfc /scannow and yet the same message came up as it did last time: "Verification 100% complete. Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example c:\Windows\Logs\CBS\CBS.log"

But my MSE icon is now green and my computer seems to be running somewhat faster, which is great!

Lastly, I would still like to ask you a couple questions: I do watch films from solarmovies.eu from time to time, but I mostly watch the Spanish Soccer League on these few sites: http://www.sportlemon.tv/ or on http://www.football-streams.tv/ or on http://www.thefirstrow.eu/ Is this where I am getting infected, because all the other sites I frequent are legitimate and official channels.

And is there still a need to install a new antivirus if my MSE seems to be working now?

And finally, how often should I run Malwarebytes Anti-Malware and SuperAntiSpyware?

Thank you so, so much for all of your time.

Souschefie

Hi again.

Here is my latest report.

I only see a 'Revo Uninstaller 1.93 << If you wish detailed directions on Revo please ask as I have them -

I'm sorry, when I wrote and said that I only saw the 'Revo Uninstaller 1.93' I meant that after having uninstalled the Defrag 2 program by IObit, I went to my programs to find any Unistaller beside Defrag 2 as you suggested but I only found the Revo one. So I just don't know if this is something I use and/or need and therefore I don't know if I should keep or get rid of it.
________________________________________________________________________________________________________________________________________________________
Reinstall the 64bit version then check updates and quick scan only

So, I uninstalled the 32bit version and then I got this message from Microsoft Security Client: "An error has occurred in the program during initialization. If this problem continues, please contact your system administrator. Error code: 0x80070002"

I then tried to install the 64bit version from the link you gave me (http://go.microsoft.com/fwlink/?LinkID=231274) and this message from Microsoft Security Essentials came on: "You’re trying to run a 32-bit version of Security Essentials on a computer has a 64-bit microprocessor (CPU). Please download the correct version and try again."

So, I downloaded the 64bit version from this link: http://download.cnet.com/Microsoft-Security-Essentials-64-bit/3000-2239_4-12530959.html Was this ok?
__________________________________________________________________________________________________________________________________________________________
I would prefer you to re-run this program (sfc /scannow), but I would like you to run Check Disk first by using this method: Run a Disk Check on your C: drive in Windows

Done. I ran a check disk on C and then re-ran sfc /scannow and yet the same message came up as it did last time: "Verification 100% complete. Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example c:\Windows\Logs\CBS\CBS.log"

But my MSE icon is now green and my computer seems to be running somewhat faster, which is great!

Lastly, I would still like to ask you a couple of questions: I do watch films from solarmovies.eu from time to time, but I mostly watch the Spanish Soccer League on these few sites: http://www.sportlemon.tv/ or on http://www.football-streams.tv/ or on http://www.thefirstrow.eu/ Is this where I am getting infected, because all the other sites I frequent are legitimate and official channels?

And is there still a need to install a new antivirus if my MSE seems to be working now?

And finally, how often should I run Malwarebytes Anti-Malware and SuperAntiSpyware?

Thank you so, so much for all of your time.

Souschefie



