Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Momentary Pauses Task Manager No Help


  • Please log in to reply
48 replies to this topic

#1 RayS

RayS

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 25 December 2012 - 01:23 AM

Hello,

2.4GHz ASUS P5N-D Quad Processor 3gigs of RAM WinXP Pro SP3

My 4-year-old home-built PC is usually very fast for the loads I put on it, but in the past month or so, it has been hesitating or pausing for brief periods of a few seconds to several minutes. These momentary pauses sometimes occur repeatedly over a span of ten or twenty minutes. Other times, the PC hums along at rapid speed for hours at a time between pauses. Task Manager shows no unusual memory or CPU hogs. The hard drive monitor in-use light does not remain on continuously during these pauses. It blinks irregularly about 5 times per ten seconds. I have exited most applications that could use lots of resources, but the problem continues.

I am in the process of testing three physical drives with Spinrite level 4 (read and write every byte on entire surface twice). C: drive 292GB, D: Drive 781GB, E: drive 781GB. Testing of C drive is complete. Testing of D drive is half done (it takes about 100 hours to test 718GB). I have not begun Spinrite testing of E drive yet. No faults have been detected.

I completed CHKDSK with /r (repair switch) enabled on all three drives. No problems remain.

I defrag all three disks about once a month.

I run Ccleaner about once a week and Cleanup! every two or three days.

Microsoft Security Essentials is continuously active. Update and full scan is done every morning. No malware is detected.

Comodo firewall free version 5.12 is continuously active. Defense+ sometimes reports "not running properly". Comodo diagnostic is no help.

I used WinPatrol [FREE Edition] version 18.1 to examine startup programs (including "secret locations" advanced mode), and I see nothing suspicious.

I used Autoruns v11.34 and didn't notice anything suspicious.

Spybot Search & Destroy 2 was updated and did a complete scan. No malware detected.

I updated Super AntiSpyware Free Edition and MalwareBytes v1.65.1.1000 then I re-booted into Safe Mode, and did separate complete scans (rebooting between scans). No malware was detected.

During the pauses, the Num Lock key always remains active. The mouse pointer usually remains active, and sometimes, I am able to switch active windows, and some keystrokes entered during a pause are acted upon when the pause ends. In all cases, no special action is required to recover from a pause. The pauses always end spontaneously, and normal operation resumes.

I don't know whether I am infected or am experiencing an incipient hardware failure or some stealth process is consuming all the PC's resources.

Please suggest some trouble-shooting ideas.

Thank you,

Ray S

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:57 AM

Posted 07 January 2013 - 12:26 AM

Hello Ray S -
I will try to help you with a few of your problems .........

First it may be a good idea to remove Comodo firewall and just activate the Windows Firewall.

Please tell me if any of these steps have been taken recently and what was the result -


If you do not have these installed then please install and make sure you Update the programs prior to a scan.
Download and install Malwarebytes Anti-Malware Free and SuperantiSpyware Free
Run a Quick scan with each program and post the logs back here -


Please download AdwCleaner by Xplode onto your desktop.
If you are prompted, please disable your Antivirus - Information for temp disable HERE
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.


Please download Junkware Removal Tool to your desktop
Junkware Removal Tool by thisisu
•Shut down your protection software now to avoid potential conflicts.
•Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete depending on your system's specifications.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt into your next message.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following boxes:

•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
List devices >>(Problem only)<<
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and copy / paste the result (Result.txt) in your next reply -

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.



NOTE: This next scan will take quite a while so please do it when you can be without the computer for a while -

Please run a free online scan with the ESET Online Scanner
Disable your antivirus program - Information on A/V control (temp disable) HERE if needed
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If ESET doesn't find any threats it will NOT produce any log.


You can split these scans, and reply to 1 or 2 scans at a time as there is quite a bit for you to do
I will watch and see what program reports you post and reply as I see a problem.


Thank You -

#3 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 03:48 AM

Hi Aussie Addict,

Thank you for volunteering to help me with my problem. A relatively fast PC has developed a very annoying habit of momentarily freezing at random intervals for variable durations of a few seconds to as much as several minutes at a time. In preparation for running the scans you requested, I exited all applications except one (a wireless security camera), and yet, I got several freeze-ups while preparing to run the scans.

Prior to asking for help on this forum, I did a clean re-install of WinXP Pro SP3 and did complete Windows Update. I did a quick format of the C drive before re-installing the OS. I didn't change anything on the D and E drives. The problem symptoms did not improve after re-installing the OS.


The MalwareBytes and SUPERAntiSpyware scans are included below, but let me first update you since my original post on the status of the problem PC (referred to as the "AQ24" machine (Asus MOBO, 2.4GHz Quad processor).


1. I scrapped an older PC and salvaged the 500 gig hard drive from it, and installed it into the AQ24. While doing so, I realized that I had given false info about the AQ24's drives in my original post. Instead of the three physical drives I had reported, the AQ24 had a single one-terabyte drive partitioned as C: = 400GB, D: = 800GB, and E: = 800GB. Now, in addition to that 1 TB physical drive, the AQ24 has the salvaged 500GB physical drive assigned to the letter "F".

2. I completed the level 4 Spinrite full surface scan of the C drive and the D drive. I have just begun the scan of the E drive. It takes over 150 hours to do a full scan on an 800GB partition. Luckily, I can interrupt the scanning and resume where I left off. Even so, it will take several days to complete scanning the remaining E drive and F drive.

3. I vacuumed out all the dust from the AQ24 case and installed another chassis fan. Spinrite had been reporting drive temperatures of 98° to 99° Fahrenheit. Now it reports 86° to 87° F.

4. CHKDSK /f reported no problems with the newly installed F drive. CHKDSK had reported some problems with the D drive earlier, and it did automatic repairs. To be safe, I think I ought to re-run CHKDSK on all four drives, but it takes multi hours to do each scan.

5. In Task Manager I've noticed that MsMpEng.exe consistently uses between 47MB to 53MB of memory. Its CPU usage is 0%. The following comment is from http://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/msmpengexe-using-way-too-much-memory/79af7392-97ff-458a-9120-65fbe07be79f "When MSMPENG consumes excessive CPU or memory, it typically indicates a conflict, usually with other security software, though it can be a driver or a process that should not be conflicting that causes MSMPENG to go nuts." Note: AQ24 contains 3GB of DRAM. Right now while SUPERAntiSpyware is scanning and "Real time protection" is set to OFF in Microsoft Security Essentials, MsMpEng.exe is using about 48MB of memory. Note: only the security camera is running in addition to SUPERAntiSpyware. The camera has been using 2% of CPU and 12.4MB of memory. I disabled the camera and removed its process tree from Task Manager, but MsMpEng.exe continued to use a little over 48MB of memory. I haven't updated any drivers, therefore, I conclude that MsMpEng.exe is not likely to be the cause of the freeze-ups.

I am composing this message on a separate PC (not the AQ24) while both PCs are connected via Ethernet cable to my home LAN.

The AdwCleaner.exe scan is running now. I'll post it in my next message

Here (below) are the two scans that have been completed so far.

Thanks again for your help.

RayS


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2013.01.07.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
RAS :: AQUAD24 [administrator]

1/7/2013 12:46:51 AM
mbam-log-2013-01-07 (00-46-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227321
Time elapsed: 2 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/16/2012 at 08:24 AM

Application Version : 4.56.1000

Core Rules Database Version : 8206
Trace Rules Database Version: 6018

Scan type : Complete Scan
Total Scan Time : 00:41:53

Memory items scanned : 216
Memory threats detected : 0
Registry items scanned : 4310
Registry threats detected : 0
File items scanned : 87608
File threats detected : 0

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#4 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 03:59 AM

Hi Aussie Addict,

Here's a more complete version of the SUPERAntiSpyware scan (same scan as before with tracking cookies listed). I didn't realize more of the log would be generated after I clicked "Finish".

Regards,

RayS


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/07/2013 at 03:32 AM

Application Version : 4.56.1000

Core Rules Database Version : 8206
Trace Rules Database Version: 6018

Scan type : Quick Scan
Total Scan Time : 02:36:05

Memory items scanned : 358
Memory threats detected : 0
Registry items scanned : 1345
Registry threats detected : 0
File items scanned : 602413
File threats detected : 25

Adware.Tracking Cookie
content.oddcast.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
ia.media-imdb.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
interclick.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
macromedia.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
media.nbcphiladelphia.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
media.wfaa.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
media01.kyte.tv [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
media1.break.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
media10.washingtonpost.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
mediasuite.multicastmedia.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
objects.tremormedia.com [ F:\ASUSQ24 Backup\Docs&Sets RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JM67JRUH ]
dcl.wdpromedia.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
media.lintvnews.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
media.mtvnservices.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
msnbcmedia.msn.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
nfl.channelfinder.net [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
secure-us.imrworldwide.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
static.discoverymedia.com [ F:\i7 Backup\Users_RAS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
dcl.wdpromedia.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
media.lintvnews.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
media.mtvnservices.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
msnbcmedia.msn.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
nfl.channelfinder.net [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
secure-us.imrworldwide.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]
static.discoverymedia.com [ F:\i7 Backup\Users_RAS\Application Data\Macromedia\Flash Player\#SharedObjects\JPBUH6RY ]

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#5 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 04:25 AM

Hi Aussie Addict,

Here's the AdwCleaner log below. This tool reports deleting "user.js". My son's initials are "JS" I'm assuming the file extension is just coincidental and has nothing to do with my son who has used this PC occasionally. Is that right?

I need some coffee. Then I'll download and run the Junkware Removal Tool.

Regards,

RayS

# AdwCleaner v2.104 - Logfile created 01/07/2013 at 04:08:54
# Updated 29/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : RAS - AQUAD24
# Boot Mode : Normal
# Running from : C:\Documents and Settings\RAS\desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\RAS\Application Data\Mozilla\Firefox\Profiles\7xs0zlz3.default\extensions\wecarereminder@bryan

***** [Registry] *****

Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Default Tab

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Documents and Settings\RAS\Application Data\Mozilla\Firefox\Profiles\7xs0zlz3.default\prefs.js

C:\Documents and Settings\RAS\Application Data\Mozilla\Firefox\Profiles\7xs0zlz3.default\user.js ... Deleted !

Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sa[...]

File : C:\Documents and Settings\Incompatability Mode\Application Data\Mozilla\Firefox\Profiles\i078us60.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1721 octets] - [07/01/2013 04:08:54]

########## EOF - C:\AdwCleaner[S1].txt - [1781 octets] ##########

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:57 AM

Posted 07 January 2013 - 04:45 AM

Hi RayS -
Please use this method to uninstall and reinstall your version of Malwarebytes Anti-Malware 1.65.1.1000
There has been a major program update and the new version is now 1.70.0.1100

•Download and run this utility. mbam-clean.exe
•It will ask to restart your computer (please allow it to).
•After the computer restarts, Temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from Malwarebytes Anti-Malware Free

Always use Normal Mode when you scan with Malwarebytes Anti-Malware or SUPERAntiSpyware - This is due to the fact that all malware is not going to be exposed in Safe mode. Safe mode will always produce a log, but it will often find parts of major infections only.

Thank You -

#7 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 04:51 AM

Hi Aussie Addict

Here's the JRT log

RayS


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.1 (01.06.2013:2)
OS: Microsoft Windows XP x86
Ran by RAS on Mon 01/07/2013 at 4:37:21.48
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\RAS\Application Data\mozilla\firefox\profiles\7xs0zlz3.default\prefs.js

user_pref("extensions.defaulttab.yw3i", "W3i_IA,206,0_0,Search,20121249,18175,0,0,0");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/07/2013 at 4:42:11.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:57 AM

Posted 07 January 2013 - 05:07 AM

Hi RayS -
Re your question on 'js' deletion, AdWare and JRT both decided that it should be removed, if you read their logs -

Thank You -

EDIT -
My SUPERAntiSpyware version also seems much more updated than yours ??
Mine =
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated
01/07/2013 at 12:15 PM
Application Version : 5.6.1014
Core Rules Database Version : 9831
Trace Rules Database Version: 7643

Yours =
Generated 01/07/2013 at 03:32 AM
Application Version : 4.56.1000
Core Rules Database Version : 8206
Trace Rules Database Version: 6018

Edited by noknojon, 07 January 2013 - 05:21 AM.


#9 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 03:57 PM

Hi Aussie Addict


•Download and run this utility. mbam-clean.exe
•It will ask to restart your computer (please allow it to).
•After the computer restarts, Temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from Malwarebytes Anti-Malware Free


I used the quoted method to uninstall MalwareBytes and installed the updated version from the link you provided. Then I set Real-Time Protection in Microsoft Security Essentials to OFF. I allowed MBAM to check for updates to its definitions DB and then did a quick scan with the updated MBAM.

MBAM log is included below.

Thank you for your help.

RayS
---


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.07.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
RAS :: AQUAD24 [administrator]

1/7/2013 3:31:21 PM
mbam-log-2013-01-07 (15-31-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227994
Time elapsed: 1 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:57 AM

Posted 07 January 2013 - 04:11 PM

Hi -
That log looks more updated - MBAM should have updated to that version if you just did normal updates from the program ??
Please make sure MSE is activated again now.

Always check for any updates with MBAM and SUPERAntiSpyware prior to running any scan, as they update data bases daily -

Can you please complete the other parts of my first post when you have time -

Thanks -

#11 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 04:57 PM

Hi Aussie Addict

My SUPERAntiSpyware version also seems much more updated than yours ??
Mine =
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/07/2013 at 12:15 PM
Application Version : 5.6.1014
Core Rules Database Version : 9831
Trace Rules Database Version: 7643


I downloaded a fresh copy of SUPERAntiSpyware and allowed it to update its definitions DB. I deleted lots of old back-up files from the F disk and I ran Cleanup!

The SAS "quick" scan is running now. Last time, before trimming the files from the F disk, it took over 2 hours to do the "quick" scan. I'll send you the SAS log as soon as it completes. After that, I'll download and run the MiniToolBox.

BTW, the freeze-ups seem to be getting worse. After the mbam-clean.exe utility did its reboot, the computer allowed me to run Firefox and open several folders using Windows Explorer normally, but then it hung for about five minutes. During that time, only the Num Lock key and the mouse pointer were active. Pressing the Windows key or Ctrl+Alt+Del or Esc had no effect. I was considering turning off the power when the machine spontaneously came alive and opened Task Manager and some folders in Windows Explorer. IOW, it responded to some of the keys I had depressed while it was hung. Then it ran at its normal quick pace, and has been running normally for over an hour. Note that during these diagnostic and repair operations, I have exited all other applications including the Comodo firewall, Win Patrol, and the security camera.

Regards,

RayS

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#12 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 05:16 PM

Hi Aussie Addict,

The scan from the updated version of SUPERAntiSpyware is included below. This time it took only two minutes versus over two hours the last time. I wasn't watching the scan either time. Maybe the PC was hanging during the previous scan. Maybe the deletion of the old backup files from the F drive accounts for the shortened scan time.

I'll send the results of the MiniToolBox scan shortly.

Regards,

RayS
--


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/07/2013 at 04:31 PM

Application Version : 5.6.1014

Core Rules Database Version : 9835
Trace Rules Database Version: 7647

Scan type : Quick Scan
Total Scan Time : 00:02:00

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 350
Memory threats detected : 0
Registry items scanned : 31242
Registry threats detected : 0
File items scanned : 6110
File threats detected : 35

Adware.Tracking Cookie
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.estat.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\RAS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7XS0ZLZ3.DEFAULT\COOKIES.SQLITE ]

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:57 AM

Posted 07 January 2013 - 05:22 PM

Hi -
SAS scan looks OK - Just remove those Tracking Cookies and that is all in there -

A normal Quick Scan with either MBAM or SAS usually should take under 5 minutes unless there are infections / problems -
Both my XP and Win7 run the scans at about 3 to 5 minutes on average

#14 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 05:47 PM

Hi Aussie Addict

SAS scan looks OK - Just remove those Tracking Cookies and that is all in there -


Tracking cookies are removed.

Here below is the MTB result.

I'll download and run the Security Check by Screen317 and will send the results shortly.

RayS
---


MiniToolBox by Farbar Version: 25-11-2012
Ran by RAS (administrator) on 07-01-2013 at 17:21:02
Running from "C:\Documents and Settings\RAS\desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100/1000 Mbps Ethernet = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : AQUAD24
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 20-CF-30-70-5E-96
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.199
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Monday, January 07, 2013 3:15:13 PM
Lease Expires . . . . . . . . . . : Tuesday, January 08, 2013 3:15:13 PM
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.70, 74.125.228.68, 74.125.228.71, 74.125.228.72
74.125.228.65, 74.125.228.73, 74.125.228.78, 74.125.228.69, 74.125.228.64
74.125.228.67, 74.125.228.66


Pinging google.com [74.125.228.72] with 32 bytes of data:

Reply from 74.125.228.72: bytes=32 time=16ms TTL=53
Reply from 74.125.228.72: bytes=32 time=17ms TTL=53

Ping statistics for 74.125.228.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 17ms, Average = 16ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=246ms TTL=50
Reply from 72.30.38.140: bytes=32 time=133ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 133ms, Maximum = 246ms, Average = 189ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...20 cf 30 70 5e 96 ...... NVIDIA nForce Ethernet - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.199 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.199 192.168.1.199 20
192.168.1.199 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.199 192.168.1.199 20
224.0.0.0 240.0.0.0 192.168.1.199 192.168.1.199 20
255.255.255.255 255.255.255.255 192.168.1.199 192.168.1.199 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/07/2013 04:07:17 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2013 03:25:50 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (01/07/2013 02:20:03 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/28/2012 11:35:31 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 4.1.522.0, P3 timeout, P4 1.1.9002.0, P5 fixed, P6 4 _ 2049+, P7 5 _ not boot, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/12/2012 06:29:24 AM) (Source: Application Hang) (User: )
Description: Hanging application GOM.EXE, version 2.1.43.5119, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/12/2012 06:29:03 AM) (Source: Application Hang) (User: )
Description: Hanging application GOM.EXE, version 2.1.43.5119, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/11/2012 05:52:14 AM) (Source: Application Hang) (User: )
Description: Hanging application Xnews.exe, version 5.4.25.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/08/2012 07:05:46 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.62.0.140, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/08/2012 06:44:13 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile, P4 4.1.522.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/08/2012 02:09:20 AM) (Source: Application Error) (User: )
Description: Faulting application gom.exe, version 2.1.43.5119, faulting module gsfu.ax, version 0.0.0.0, fault address 0x00028406.
Processing media-specific event for [gom.exe!ws!]


System errors:
=============
Error: (01/07/2013 03:15:36 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/07/2013 03:15:36 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/07/2013 05:01:07 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/07/2013 05:01:07 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/07/2013 04:11:30 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/07/2013 04:11:30 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/06/2013 07:41:46 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/06/2013 07:41:46 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/06/2013 02:11:25 AM) (Source: 0) (User: )
Description: \Device\Harddisk1\D

Error: (01/05/2013 04:35:43 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (01/07/2013 04:07:17 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.1.522.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (01/07/2013 03:25:50 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.1.522.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (01/07/2013 02:20:03 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.1.522.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (12/28/2012 11:35:31 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetrymicrosoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)4.1.522.0timeout1.1.9002.0fixed4 _ 2049+5 _ not bootNILNILNIL

Error: (12/12/2012 06:29:24 AM) (Source: Application Hang)(User: )
Description: GOM.EXE2.1.43.5119hungapp0.0.0.000000000

Error: (12/12/2012 06:29:03 AM) (Source: Application Hang)(User: )
Description: GOM.EXE2.1.43.5119hungapp0.0.0.000000000

Error: (12/11/2012 05:52:14 AM) (Source: Application Hang)(User: )
Description: Xnews.exe5.4.25.0hungapp0.0.0.000000000

Error: (12/08/2012 07:05:46 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.62.0.140hungapp0.0.0.000000000

Error: (12/08/2012 06:44:13 AM) (Source: MPSampleSubmission)(User: )
Description: mptelemetry2152759308unspecifiedscanfile4.1.522.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)unspecifiedunspecifiedNILNILNIL

Error: (12/08/2012 02:09:20 AM) (Source: Application Error)(User: )
Description: gom.exe2.1.43.5119gsfu.ax0.0.0.000028406


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.5.502.135)
CCleaner (Version: 3.25)
CleanUp!
Comodo Dragon (Version: 23.4.0.0)
COMODO Internet Security (Version: 5.12.59641.2599)
ERUNT 1.1j
Everything 1.2.1.371
GeekBuddy (Version: 4.2.39)
Glary Utilities 2.51.0.1666 (Version: 2.51.0.1666)
GOM Player (Version: 2.1.47.5133)
K-Lite Codec Pack 8.8.0 (Full) (Version: 8.8.0)
Karen's Replicator (Version: 3.6.0.4)
Karen's Time Sync (Version: 2.0.0.1)
Linksys Surveillance Utility (Version: 1.00)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Mozilla Firefox 17.0.1 (x86 en-US) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
NoteTab Pro 6 (Remove only) (Version: 6.2)
NVIDIA Control Panel 306.81 (Version: 306.81)
NVIDIA Drivers (Version: 1.10.57.35)
NVIDIA Graphics Driver 306.81 (Version: 306.81)
NVIDIA Install Application (Version: 2.1002.85.551)
QuickPar 0.9 (Version: 0.9)
Realtek High Definition Audio Driver (Version: 5.10.0.6662)
Revo Uninstaller 1.94 (Version: 1.94)
Send To Toys v2.6
SourceGear DiffMerge 3.3.2.1139 (x86) (Version: 3.3.2.1139)
Spybot - Search & Destroy (Version: 2.0.12)
SUPERAntiSpyware (Version: 5.6.1014)
TrueCrypt (Version: 7.1a)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 2.0.4 (Version: 2.0.4)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
WinPatrol (Version: 18.1.2010.0)
WinRAR 4.01 (32-bit) (Version: 4.01.0)

========================= Devices: ================================

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 3070.48 MB
Available physical RAM: 2228.89 MB
Total Pagefile: 4956.25 MB
Available Pagefile: 4569.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1966.84 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:292.97 GB) (Free:270.81 GB) NTFS
3 Drive d: (Local 800GB) (Fixed) (Total:781.25 GB) (Free:180.96 GB) NTFS
4 Drive e: (Local 800GB) (Fixed) (Total:788.78 GB) (Free:188.57 GB) NTFS
5 Drive f: (Local 465GB) (Fixed) (Total:465.76 GB) (Free:401.06 GB) NTFS

========================= Users: ========================================

User accounts for \\AQUAD24

Administrator Guest HelpAssistant
Incompatability Mode RAS SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#15 RayS

RayS
  • Topic Starter

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:57 PM

Posted 07 January 2013 - 06:33 PM

Hi Aussie Addict,

Results of screen317's Security Check are included below.

I'm currently doing a defrag of the C drive. WinPatrol is intentionally disabled while we are doing these diagnostics.

In Control Panel > Add/Remove Programs, I see Adobe Flash Player 10 ActiveX and Adobe Flash Player 11. Would you recommend deleting Adobe Flash Player 10 ActiveX rather than trying to update it?

Thanks for your advice.

RayS
--



Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Please wait while WMIC is being installed.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
M
i
c
r
o
s
o
f
t
ECHO is off.
S
e
c
u
r
i
t
y
ECHO is off.
E
s
e
n
t
i
a
l
s
ECHO is off.
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
Spybot - Search & Destroy
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.5.502.135
Mozilla Firefox (17.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe is disabled!
Comodo Firewall cmdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users