Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Task Manager, No On Screen Keyboard


  • Please log in to reply
6 replies to this topic

#1 connormather

connormather

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 04 April 2013 - 08:39 AM

Hello Folks I wonder if someone could give this novice some direction.

I had a warning from my computer several days ago in regards to serious error had just occurred. I closed the computer down, and restarted it. As it was starting in clicked into a black screen then started running through a check of some sort. This continued for some time, eventually starting the operating system(windows 7). Since then I have been unable to access or they have been removed certain programmes such as in the control Panel I cannot access: Programs and Feature; Task Manager; Action Centre. Also, I’m unable to access the on screen keyboard. Occasionally I may get a warning stating: A DYNAMIC LINK LIBRARY INTERNALISATION ROUTINE FAILED.

ANY DIRECTION WOULD BE APPRECIATED

Regards

Connormather


Edited by hamluis, 04 April 2013 - 02:35 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:33 AM

Posted 04 April 2013 - 04:09 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

p22002970.gif Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

p22002970.gifDownload Malwarebytes Anti-Rootkit from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt


p22002970.gif NOTE. Make sure all logs are pasted not attached.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 connormather

connormather
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 09 April 2013 - 04:05 AM

Hi Brondi

I’m a friend of connormather he’s asked me to execute your instructions has he’s away on business.

Your first instruction:

 

Download Security Check from the points you give.

Unable to do so. Tried 3 times. Resulting message.

Find.exe-Bad Image C:/ Windows System 32/ulib.dll is either not design to run on Windows or it contains an error.

 

Second Direction.

Farbar Service scanner; Results

Farbar Service Scanner Version: 03-03-2013

Ran by PHOTO1 (administrator) on 06-04-2013 at 15:18:19

Running from "C:\Users\PHOTO1\Desktop"

Windows 7 Ultimate N Service Pack 1 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Attempt to access Yahoo IP returned error. Yahoo IP is offline

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcore.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys

[2013-02-13 18:34] - [2013-01-03 06:05] - 1293672 ____A (Microsoft Corporation) 7C0507D2391AF5933600CBCED799F277

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll => MD5 is legit

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

 

Mini Tool Box

MiniToolBox by Farbar  Version:05-03-2013

Ran by PHOTO1 (administrator) on 06-04-2013 at 15:32:51

Running from "C:\Users\PHOTO1\Desktop"

Windows 7 Ultimate N Service Pack 1 (X86)

Boot Mode: Normal

***************************************************************************

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Connected)

The following helper DLL cannot be loaded: NSHIPSEC.DLL.

The following helper DLL cannot be loaded: NETTRACE.DLL.

The following helper DLL cannot be loaded: WWANCFG.DLL.

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : PHOTO1-PC

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet

   Physical Address. . . . . . . . . : 00-24-21-85-08-A6

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::dcd6:1fd:8c15:4402%11(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 06 April 2013 11:50:24

   Lease Expires . . . . . . . . . . : 06 April 2013 16:20:33

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 234890273

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-2D-4A-0C-00-24-21-85-08-A6

   DNS Servers . . . . . . . . . . . : 194.168.4.100

                                       194.168.8.100

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter isatap.{2546D9D6-18D0-4C7C-889D-D378E7D030B6}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2480:e5c:3f57:fffa(Preferred)

   Link-local IPv6 Address . . . . . : fe80::2480:e5c:3f57:fffa%13(Preferred)

   Default Gateway . . . . . . . . . : ::

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  cache1.service.virginmedia.net

Address:  194.168.4.100

 

Name:    google.com

Addresses:  2a00:1450:4009:805::1003

                  173.194.34.168

                  173.194.34.164

                  173.194.34.169

                  173.194.34.167

                  173.194.34.160

                  173.194.34.163

                  173.194.34.165

                  173.194.34.162

                  173.194.34.174

                  173.194.34.166

                  173.194.34.161

 

 

Pinging google.com [173.194.41.67] with 32 bytes of data:

Reply from 173.194.41.67: bytes=32 time=19ms TTL=56

Reply from 173.194.41.67: bytes=32 time=19ms TTL=56

 

Ping statistics for 173.194.41.67:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 19ms, Maximum = 19ms, Average = 19ms

Server:  cache1.service.virginmedia.net

Address:  194.168.4.100

 

Name:    yahoo.com

Addresses:  206.190.36.45

                  98.138.253.109

                  98.139.183.24

 

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=813ms TTL=48

Request timed out.

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 813ms, Maximum = 813ms, Average = 813ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=59ms TTL=128

Reply from 127.0.0.1: bytes=32 time=12ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 12ms, Maximum = 59ms, Average = 35ms

===========================================================================

Interface List

 11...00 24 21 85 08 a6 ......Broadcom NetXtreme Gigabit Ethernet

  1...........................Software Loopback Interface 1

 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.5     10

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.0.0    255.255.255.0         On-link       192.168.0.5    266

      192.168.0.5  255.255.255.255         On-link       192.168.0.5    266

    192.168.0.255  255.255.255.255         On-link       192.168.0.5    266

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link       192.168.0.5    266

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link       192.168.0.5    266

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

 13     58 ::/0                     On-link

  1    306 ::1/128                  On-link

 13     58 2001::/32                On-link

 13    306 2001:0:4137:9e76:2480:e5c:3f57:fffa/128

                                    On-link

 11    266 fe80::/64                On-link

 13    306 fe80::/64                On-link

 13    306 fe80::2480:e5c:3f57:fffa/128

                                    On-link

 11    266 fe80::dcd6:1fd:8c15:4402/128

                                    On-link

  1    306 ff00::/8                 On-link

 13    306 ff00::/8                 On-link

 11    266 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)

Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (04/06/2013 01:27:38 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

 

Error: (04/06/2013 01:27:34 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (04/06/2013 11:50:23 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 11:47:18 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 04:52:37 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

 

Error: (04/05/2013 04:52:32 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (04/05/2013 01:38:56 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 06:07:36 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/04/2013 10:55:50 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/04/2013 02:09:27 PM) (Source: CardSpace 3.0.0.0) (User: )

Description: The Windows CardSpace Control Panel Applet was not able to load the MUI Library. This indicates a problem with the installation of the Windows CardSpace. Contact your system administrator

 

 

System errors:

=============

Error: (04/06/2013 11:51:06 AM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0x80004005

 

Error: (04/06/2013 11:50:40 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk2\DR2.

 

Error: (04/06/2013 11:50:40 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk2\DR2.

 

Error: (04/06/2013 11:50:39 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk2\DR2.

 

Error: (04/06/2013 11:50:39 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk2\DR2.

 

Error: (04/06/2013 11:50:38 AM) (Source: Disk) (User: )

Description: The driver detected a controller error on \Device\Harddisk2\DR2.

 

Error: (04/06/2013 00:38:36 AM) (Source: Service Control Manager) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error:

%%5

 

Error: (04/06/2013 00:38:25 AM) (Source: DCOM) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (04/05/2013 11:48:10 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0x80004005

 

Error: (04/05/2013 06:41:47 PM) (Source: Service Control Manager) (User: )

Description: The ScRegSetValueExW call failed for FailureActions with the following error:

%%5

 

 

Microsoft Office Sessions:

=========================

Error: (04/06/2013 01:27:38 PM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

 

Error: (04/06/2013 01:27:34 PM) (Source: SideBySide)(User: )

Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\drivertuner\DPInst64.exe

 

Error: (04/06/2013 11:50:23 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 11:47:18 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 04:52:37 PM) (Source: SideBySide)(User: )

Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

 

Error: (04/05/2013 04:52:32 PM) (Source: SideBySide)(User: )

Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\drivertuner\DPInst64.exe

 

Error: (04/05/2013 01:38:56 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/05/2013 06:07:36 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/04/2013 10:55:50 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (04/04/2013 02:09:27 PM) (Source: CardSpace 3.0.0.0)(User: )

Description: The Windows CardSpace Control Panel Applet was not able to load the MUI Library. This indicates a problem with the installation of the Windows CardSpace. Contact your system administrator

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-04-06 15:21:55.164

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 15:10:50.929

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 14:46:35.631

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 14:34:42.852

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 14:18:50.404

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 14:07:05.400

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 13:00:11.143

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 12:48:29.041

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 12:30:47.586

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-04-06 12:12:54.390

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\oleaut32.dll because the set of per-page image hashes could not be found on the system.

 

 

=========================== Installed Programs ============================

 

Adobe AIR (Version: 3.4.0.2710)

Adobe Community Help (Version: 3.5.23)

Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)

Adobe Media Player (Version: 1.8)

Adobe Photoshop CS5 (Version: 12.0)

Adobe Photoshop Lightroom 3.6 (Version: 3.6.1)

Adobe Reader XI (11.0.02) (Version: 11.0.02)

Adobe Shockwave Player 12.0 (Version: 12.0.0.112)

AVG 2013 (Version: 13.0.3162)

AVG 2013 (Version: 13.0.3272)

AVG 2013 (Version: 2013.0.3272)

AVG Security Toolbar (Version: 14.2.0.1)

AVI to DVD Converter (Version: 3.0.26.0314)

Belarc Advisor 8.3 (Version: 8.3.0.0)

BrowserProtect

Canon Easy-WebPrint EX

Canon iP4700 series Printer Driver

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

CD-LabelPrint

ConvertXtoDVD 4.1.20.0 (Version: 4.1.20.0)

CPUID CPU-Z 1.62

D3DX10 (Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DriverNavigator 3.2.0 (Version: 3.2.0.0)

DriverTuner 3.1.0.0 (Version: 3.1.0.0)

iPhoto Plus 4

MakeMKV v1.8.0 (Version: v1.8.0)

Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)

Maxthon 3 (Version: )

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Camera Codec Pack (Version: 16.4.1620.0719)

Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Silverlight (Version: 5.1.20125.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)

Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)

Microsoft_VC90_ATL_x86 (Version: 1.00.0000)

Microsoft_VC90_CRT_x86 (Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (Version: 1.00.0000)

Movie Maker (Version: 16.4.3505.0912)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT110 (Version: 16.4.1108.0727)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Mustek 600 CP v1.21

Nero 7 Premium (Version: 7.03.1151)

neroxml (Version: 1.0.0)

PDF Settings CS5 (Version: 10.0)

Photo Gallery (Version: 16.4.3505.0912)

PIXELA ImageMixer

PriceGong 2.6.8 (Version: 2.6.8)

Rapport (Version: 3.5.1207.31)

Spybot - Search & Destroy (Version: 1.6.2)

Spyder3Elite

swMSM (Version: 12.0.0.1)

TextBridge Classic

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Vuze (Version: 4.9.0.0)

Vuze Remote Toolbar (Version: 6.9.0.16)

Windows Live Communications Platform (Version: 16.4.3505.0912)

Windows Live Essentials (Version: 16.4.3505.0912)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (Version: 16.4.3505.0912)

Windows Live Photo Common (Version: 16.4.3505.0912)

Windows Live PIMT Platform (Version: 16.4.3505.0912)

Windows Live SOXE (Version: 16.4.3505.0912)

Windows Live SOXE Definitions (Version: 16.4.3505.0912)

Windows Live UX Platform (Version: 16.4.3505.0912)

Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)

WinZip 14.0 (Version: 14.0.9029)

Youtube Music Downloader V3.7.1

Youtube Video Downloader PRO 3.9.0.2

YTD Video Downloader 3.9.3

YTD Video Downloader 3.9.6 (Version: 3.9.6)

 

========================= Devices: ================================

 

Name: PS/2 Compatible Mouse

Description: PS/2 Compatible Mouse

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears. Remove the device, and this error should be resolved.

 

Name: Standard PS/2 Keyboard

Description: Standard PS/2 Keyboard

Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard keyboards)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears. Remove the device, and this error should be resolved.

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 44%

Total physical RAM: 3311.33 MB

Available physical RAM: 1836.28 MB

Total Pagefile: 8275.61 MB

Available Pagefile: 6768.31 MB

Total Virtual: 2047.88 MB

Available Virtual: 1932.36 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.73 GB) (Free:163.5 GB) NTFS

3 Drive f: (Expansion Drive) (Fixed) (Total:298.09 GB) (Free:94.89 GB) NTFS

4 Drive z: (Data) (Fixed) (Total:149.01 GB) (Free:117.61 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\PHOTO1-PC

Administrator            Guest                    PHOTO1               

 

 

**** End of log ****

Malaware

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

 

Database version: v2013.04.06.04

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

PHOTO1 :: PHOTO1-PC [administrator]

 

Protection: Enabled

 

06/04/2013 15:42:20

mbam-log-2013-04-06 (15-42-20).txt

 

Scan type: Full scan (C:\|F:\|Z:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 363939

Time elapsed: 1 hour(s), 23 minute(s), 40 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

 

 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

www.malwarebytes.org

 

Database version: v2013.04.06.05

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

PHOTO1 :: PHOTO1-PC [administrator]

 

06/04/2013 21:48:57

mbar-log-2013-04-06 (21-48-57).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 27990

Time elapsed: 9 minute(s), 22 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:33 AM

Posted 09 April 2013 - 04:55 PM

Disable your AV program and try to download and run fresh copy of Security Check.

 

I still need system-log.txt lof from MBAR.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 connormather

connormather
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 10 April 2013 - 05:44 AM

Hi Broni

Turned off all anti-viruses, and attempted to view what security setup came with windows 7. Unfortunately, in the control panel the action centre is no longer a recognised file. However, I’ve been informed that windows security is disabled if a personal av is installed. However, after disabling my av systems I was still unable to run Security Check. The resulting message appeared: C/Windows/system 32/ulib.dill is either not designed to run on windows or it contains an error.

This is the results from MBAR

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

www.malwarebytes.org

Database version: v2013.04.06.05

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

PHOTO1 :: PHOTO1-PC [administrator]

06/04/2013 21:48:57

mbar-log-2013-04-06 (21-48-57).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 27990

Time elapsed: 9 minute(s), 22 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

 

(end)

 

Regards Colin



#6 connormather

connormather
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 10 April 2013 - 08:28 AM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.04.10.03
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
PHOTO1 :: PHOTO1-PC [administrator]
 
Protection: Enabled
 
10/04/2013 12:18:55
mbam-log-2013-04-10 (12-18-55).txt
 
Scan type: Full scan (C:\|F:\|Z:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364144
Time elapsed: 1 hour(s), 25 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\Users\PHOTO1\AppData\Local\Temp\wz1a0f\MakeMKV v1.6.10 + Patch\MakeMKV v1.6.10 patch.rar (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Users\PHOTO1\AppData\Local\Temp\wz4d2f\MakeMKV v1.6.10 + Patch\MakeMKV v1.6.10 patch.rar (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Users\PHOTO1\Documents\MakeMKV v1.6.10 + Patch\MakeMKV v1.6.10 + Patch\MakeMKV v1.6.10 patch.rar (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
 
(end)


#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:33 AM

Posted 10 April 2013 - 06:27 PM

I still need system-log.txt lof from MBAR.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users