Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Very high DPCs - usbport.sys


  • Please log in to reply
6 replies to this topic

#1 Bencla

Bencla

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 02 August 2013 - 07:37 PM

Hey everyone,

 

I am helping out my father in law with his computer so here goes:

 

On startup of his XP SP3 old desktop computer his computer is extremely slow for over 30 minutes. So I check what is running and I notice that Hardware interrupts and DPCs are hogging almost all of the CPU's resources, like 80-90%.

So I run RATT to check exactly what is causing the problem. On it it shows that usbport.sys has approx 130 millions ISR's and 300k+ of DPC. So I unabled the three usb devices that use usbport.sys in device manager and after a reboot, the problem has disappeared. When running DPC Latency checker the difference between having usbport.sys enabled and disabled is night and day so I know for a fact the problem lies with the driver. So I download a new one and replace the old one with it - no luck.

 

 

I'm kind of stuck at this point and I'm wondering what else I could do? Could it be a hardware issue? There has been a problem with his Power Supply and he has been running it knowing it was failing for probably around a year and I know that could damage computer components. I have put a new one in last week though.

 

Thanks for reading this and any help given!


Edited by hamluis, 11 August 2013 - 02:45 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Bencla

Bencla
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 04 August 2013 - 11:05 AM

Bump. 58 views... but no suggestions?



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,407 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:50 PM

Posted 04 August 2013 - 11:21 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
 
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
 Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.

 

 

Please download and install Speccy in order to provide us with information about your computer.
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps3c082bf1.png
 
Click on File, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on [b]Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click in the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.

 

Please post the make and model of this computer.


Edited by dc3, 04 August 2013 - 11:22 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 Bencla

Bencla
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 04 August 2013 - 07:12 PM

On restart on this particular occasion, I still had extremely high CPU usage but only for approx. 10 minutes which is a huge improvement. I have not changed anything though, so I don't understand why it did in the first place.

 

Here is Minitoolbox when running normally:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 04-08-2013 at 18:38:11
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
 
There are 15448 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : YOUR-4A83611303
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : netgear.com
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : netgear.com
 
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-13-D3-52-D8-36
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.254.24
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.254.254
 
        DHCP Server . . . . . . . . . . . : 192.168.254.254
 
        DNS Servers . . . . . . . . . . . : 192.168.254.254
 
        Lease Obtained. . . . . . . . . . : 04 August 2013 13:46:46
 
        Lease Expires . . . . . . . . . . : 05 August 2013 13:46:46
 
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    google.com
Addresses:  173.194.37.40, 173.194.37.41, 173.194.37.37, 173.194.37.34
 173.194.37.46, 173.194.37.33, 173.194.37.36, 173.194.37.39, 173.194.37.35
 173.194.37.38, 173.194.37.32
 
 
 
Pinging google.com [173.194.37.32] with 32 bytes of data:
 
 
 
Reply from 173.194.37.32: bytes=32 time=50ms TTL=53
 
Reply from 173.194.37.32: bytes=32 time=51ms TTL=53
 
 
 
Ping statistics for 173.194.37.32:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 50ms, Maximum = 51ms, Average = 50ms
 
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=133ms TTL=46
 
Reply from 98.138.253.109: bytes=32 time=136ms TTL=46
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 133ms, Maximum = 136ms, Average = 134ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 52 d8 36 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.24  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
    192.168.254.0    255.255.255.0   192.168.254.24  192.168.254.24  20
   192.168.254.24  255.255.255.255        127.0.0.1       127.0.0.1  20
  192.168.254.255  255.255.255.255   192.168.254.24  192.168.254.24  20
        224.0.0.0        240.0.0.0   192.168.254.24  192.168.254.24  20
  255.255.255.255  255.255.255.255   192.168.254.24  192.168.254.24  1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/04/2013 06:38:41 PM) (Source: CSWA) (User: )
Description: SELFCHECK FAILURE
cswa\main.cpp#434
 
Error: (08/02/2013 04:14:09 PM) (Source: Application Hang) (User: )
Description: Hanging application mmc.exe, version 5.2.3790.4136, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (07/30/2013 07:53:06 PM) (Source: Application Hang) (User: )
Description: Hanging application cleanmgr.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (07/30/2013 05:37:34 PM) (Source: Brother BrLog) (User: )
Description: STMON BrtSTMON: [2013/07/30 17:37:34.390]: [00000120]:   Loading WtsapiDll is Failed  !!!!!
 
Error: (07/30/2013 04:34:46 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:34:22 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:57 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:37 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:32:44 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
 
System errors:
=============
Error: (08/04/2013 05:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 00:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 07:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 02:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 09:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 04:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 03:01:59 PM) (Source: DCOM) (User: YOUR-4A83611303)
Description: DCOM got error "%%1058" attempting to start the service iPod Service with arguments ""
in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
 
Error: (08/03/2013 11:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 06:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 01:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
 
Microsoft Office Sessions:
=========================
Error: (08/04/2013 06:38:41 PM) (Source: CSWA)(User: )
Description: SELFCHECK FAILURE
cswa\main.cpp#434
 
Error: (08/02/2013 04:14:09 PM) (Source: Application Hang)(User: )
Description: mmc.exe5.2.3790.4136hungapp0.0.0.000000000
 
Error: (07/30/2013 07:53:06 PM) (Source: Application Hang)(User: )
Description: cleanmgr.exe6.0.2900.5512hungapp0.0.0.000000000
 
Error: (07/30/2013 05:37:34 PM) (Source: Brother BrLog)(User: )
Description: STMONBrtSTMON: [2013/07/30 17:37:34.390]: [00000120]:   Loading WtsapiDll is Failed  !!!!!
 
Error: (07/30/2013 04:34:46 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:34:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:57 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:37 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:02 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:32:44 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
 
=========================== Installed Programs ============================
 
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
AT&T Self Support Tool
ATSG CD 2005
Auslogics BoostSpeed 5.5 (Version: 5.5)
Brother MFL-Pro Suite MFC-495CW (Version: 1.0.0.0)
CCleaner (Version: 4.04)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Defraggler (Version: 2.15)
Digital Media Reader (Version: 1.10)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 7.1.1.1888)
Google Gmail Notifier
Google SketchUp (Version: 5.0.295)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
Kensington MouseWorks (Version: 6.11.4.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Corporation RATTV3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.04.0623)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.6.0)
Move Networks Player for Firefox
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
muvee Plugin 1.0 (Version: 1.01.100)
Nero BurnRights
Nero OEM
Notepad++ (Version: 6.4.3)
NVIDIA Control Panel 314.22 (Version: 314.22)
NVIDIA Graphics Driver 314.22 (Version: 314.22)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
oggcodecs 0.71.0946 (Version: 0.71.0946)
PaperPort Image Printer (Version: 1.00.0000)
PowerDVD
Print Factory
QuickTime (Version: 7.74.80.86)
Realtek AC'97 Audio
Recovery Software Suite eMachines (Version: 1.00.0000)
Rhapsody Player Engine (Version: 1.0.690)
SAMSUNG Intelli-studio
ScanSoft PaperPort 11 (Version: 11.2.0000)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
Soft Data Fax Modem with SmartCP
Speccy (Version: 1.22)
Spybot - Search & Destroy (Version: 1.6.2)
SweetIM For Internet Explorer 3.0b (Version: 3.00.0022)
swMSM (Version: 12.0.0.1)
The Game Of Life
The Sims 2 Pets
The Sims 2 University
The Sims™ 3 (Version: 1.12.70)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ Life Stories
The Weather Channel Desktop 6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Backup Utility (Version: 5.1)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Installer 3.1 (KB893803)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 34%
Total physical RAM: 1534.48 MB
Available physical RAM: 1003.31 MB
Total Pagefile: 1964.76 MB
Available Pagefile: 1521.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.11 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:181.85 GB) (Free:118.64 GB) NTFS
2 Drive d: () (Fixed) (Total:4.44 GB) (Free:2.71 GB) FAT32
3 Drive e: (Sims2EP4_1) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\YOUR-4A83611303
 
Administrator            ASPNET                   girls of the house       
Guest                    HelpAssistant            Kacy                     
Owner                    SUPPORT_388945a0         UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
And for good measure, when just booted up:
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Owner (administrator) on 04-08-2013 at 18:52:45
Running from "C:\Documents and Settings\Owner\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
 
There are 15448 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : YOUR-4A83611303
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : netgear.com
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : netgear.com
 
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-13-D3-52-D8-36
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.254.24
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.254.254
 
        DHCP Server . . . . . . . . . . . : 192.168.254.254
 
        DNS Servers . . . . . . . . . . . : 192.168.254.254
 
        Lease Obtained. . . . . . . . . . : 04 August 2013 18:45:49
 
        Lease Expires . . . . . . . . . . : 05 August 2013 18:45:49
 
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    google.com
Addresses:  173.194.37.34, 173.194.37.37, 173.194.37.40, 173.194.37.46
 173.194.37.41, 173.194.37.39, 173.194.37.32, 173.194.37.35, 173.194.37.36
 173.194.37.38, 173.194.37.33
 
 
 
Pinging google.com [173.194.37.33] with 32 bytes of data:
 
 
 
Reply from 173.194.37.33: bytes=32 time=51ms TTL=53
 
Reply from 173.194.37.33: bytes=32 time=127ms TTL=53
 
 
 
Ping statistics for 173.194.37.33:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 51ms, Maximum = 127ms, Average = 89ms
 
Server:  dslrouter.netgear.com
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=132ms TTL=46
 
Reply from 98.138.253.109: bytes=32 time=168ms TTL=46
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 132ms, Maximum = 168ms, Average = 150ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 52 d8 36 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254  192.168.254.24  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
    192.168.254.0    255.255.255.0   192.168.254.24  192.168.254.24  20
   192.168.254.24  255.255.255.255        127.0.0.1       127.0.0.1  20
  192.168.254.255  255.255.255.255   192.168.254.24  192.168.254.24  20
        224.0.0.0        240.0.0.0   192.168.254.24  192.168.254.24  20
  255.255.255.255  255.255.255.255   192.168.254.24  192.168.254.24  1
Default Gateway:   192.168.254.254
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/04/2013 06:38:41 PM) (Source: CSWA) (User: )
Description: SELFCHECK FAILURE
cswa\main.cpp#434
 
Error: (08/02/2013 04:14:09 PM) (Source: Application Hang) (User: )
Description: Hanging application mmc.exe, version 5.2.3790.4136, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (07/30/2013 07:53:06 PM) (Source: Application Hang) (User: )
Description: Hanging application cleanmgr.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (07/30/2013 05:37:34 PM) (Source: Brother BrLog) (User: )
Description: STMON BrtSTMON: [2013/07/30 17:37:34.390]: [00000120]:   Loading WtsapiDll is Failed  !!!!!
 
Error: (07/30/2013 04:34:46 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:34:22 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:57 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:37 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:02 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:32:44 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.
 
 
System errors:
=============
Error: (08/04/2013 06:48:18 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
 
Error: (08/04/2013 06:48:15 PM) (Source: Print) (User: NT AUTHORITY)
Description: Printer Lexmark Z700-P700 Series,0 failed to initialize because a suitable Lexmark Z700-P700 Series driver could not be found.
 
Error: (08/04/2013 05:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 00:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 07:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/04/2013 02:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 09:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 04:07:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (08/03/2013 03:01:59 PM) (Source: DCOM) (User: YOUR-4A83611303)
Description: DCOM got error "%%1058" attempting to start the service iPod Service with arguments ""
in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
 
Error: (08/03/2013 11:07:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
 
Microsoft Office Sessions:
=========================
Error: (08/04/2013 06:38:41 PM) (Source: CSWA)(User: )
Description: SELFCHECK FAILURE
cswa\main.cpp#434
 
Error: (08/02/2013 04:14:09 PM) (Source: Application Hang)(User: )
Description: mmc.exe5.2.3790.4136hungapp0.0.0.000000000
 
Error: (07/30/2013 07:53:06 PM) (Source: Application Hang)(User: )
Description: cleanmgr.exe6.0.2900.5512hungapp0.0.0.000000000
 
Error: (07/30/2013 05:37:34 PM) (Source: Brother BrLog)(User: )
Description: STMONBrtSTMON: [2013/07/30 17:37:34.390]: [00000120]:   Loading WtsapiDll is Failed  !!!!!
 
Error: (07/30/2013 04:34:46 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:34:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:57 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:37 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:33:02 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
Error: (07/30/2013 04:32:44 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe specified server cannot perform the requested operation.
 
 
=========================== Installed Programs ============================
 
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
AT&T Self Support Tool
ATSG CD 2005
Auslogics BoostSpeed 5.5 (Version: 5.5)
Brother MFL-Pro Suite MFC-495CW (Version: 1.0.0.0)
CCleaner (Version: 4.04)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Defraggler (Version: 2.15)
Digital Media Reader (Version: 1.10)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 7.1.1.1888)
Google Gmail Notifier
Google SketchUp (Version: 5.0.295)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
Kensington MouseWorks (Version: 6.11.4.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Map Button (Windows Live Toolbar) (Version: 03.01.0146)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Corporation RATTV3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Money 2005 (Version: 14)
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.04.0623)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.6.0)
Move Networks Player for Firefox
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
muvee Plugin 1.0 (Version: 1.01.100)
Nero BurnRights
Nero OEM
Notepad++ (Version: 6.4.3)
NVIDIA Control Panel 314.22 (Version: 314.22)
NVIDIA Graphics Driver 314.22 (Version: 314.22)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA nView 136.53 (Version: 136.53)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
oggcodecs 0.71.0946 (Version: 0.71.0946)
PaperPort Image Printer (Version: 1.00.0000)
PowerDVD
Print Factory
QuickTime (Version: 7.74.80.86)
Realtek AC'97 Audio
Recovery Software Suite eMachines (Version: 1.00.0000)
Rhapsody Player Engine (Version: 1.0.690)
SAMSUNG Intelli-studio
ScanSoft PaperPort 11 (Version: 11.2.0000)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146)
Soft Data Fax Modem with SmartCP
Speccy (Version: 1.22)
Spybot - Search & Destroy (Version: 1.6.2)
SweetIM For Internet Explorer 3.0b (Version: 3.00.0022)
swMSM (Version: 12.0.0.1)
The Game Of Life
The Sims 2 Pets
The Sims 2 University
The Sims™ 3 (Version: 1.12.70)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ Life Stories
The Weather Channel Desktop 6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Backup Utility (Version: 5.1)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Installer 3.1 (KB893803)
Windows Live Favorites for Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar (Version: 03.01.0146)
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 29%
Total physical RAM: 1534.48 MB
Available physical RAM: 1078.04 MB
Total Pagefile: 1959.76 MB
Available Pagefile: 1701.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.11 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:181.85 GB) (Free:118.65 GB) NTFS
2 Drive d: () (Fixed) (Total:4.44 GB) (Free:2.71 GB) FAT32
3 Drive e: (Sims2EP4_1) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\YOUR-4A83611303
 
Administrator            ASPNET                   girls of the house       
Guest                    HelpAssistant            Kacy                     
Owner                    SUPPORT_388945a0         UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 

And Speccy:

http://speccy.piriform.com/results/pfzlMKMNdgoHdQC64pqVIG7

 

Thanks for taking this time!

 



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,407 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:50 PM

Posted 05 August 2013 - 01:35 PM

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
  • Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

    Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

     

     

     

     


    #6 Bencla

    Bencla
    • Topic Starter

    • Members
    • 4 posts
    • OFFLINE
    •  
    • Local time:05:50 PM

    Posted 11 August 2013 - 01:47 PM

    Thank you,

     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2013.08.11.05
     
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    Owner :: YOUR-4A83611303 [administrator]
     
    11/08/2013 13:33:06
    mbam-log-2013-08-11 (13-33-06).txt
     
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 355603
    Time elapsed: 14 minute(s), 49 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    Files Detected: 3
    C:\Documents and Settings\Owner\Local Settings\Temp\is80612742\1380174_Setup.EXE (PUP.Optional.AddLyrics) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Owner\Local Settings\Temp\is80612742\DeltaTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Owner\Local Settings\Temp\is80612742\wajam_validate.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
     
    (end)


    #7 dc3

    dc3

      Bleeping Treehugger


    • Members
    • 30,407 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Sierra Foothills of Northern Ca.
    • Local time:03:50 PM

    Posted 12 August 2013 - 10:09 AM

    What is the make and model of this computer?

     

    Do you have the installation disc for this computer?

     

    Please run chkdsk /r, this will repair errors, locate bad sectors, and recover readable information.
     
    Click on Start, click on Run and type cmd in the box and press Enter.  
     
    You will see an image similar to the one below.
     
    Screenshot2.jpg
     
    Type in or copy and paste chkdsk /r
     
    You will get the following message:
     
    Chkdsk cannot run because the volume is in use by another process.  Would you like to shcedule this volume to be checked the next time the system restarts?  (Y/N)
     
    Press the Y key, then press Enter
     
    Restart your computer to run the scan.  This has five sections and will take some time.  Please don't try to use your computer while this scan is running.
     
    Please run sfc /scannow.
     
     
    The sfc /scannow command scans all protected system files and replaces corrupted and incorrect versions with correct Microsoft versions.
     
    During this scan you may be prompted to insert your installation disc in the DVD/CD drive, if you have this disc you will want to have it available before you start the scan.  If you don't have this disc and are prompted for it you will need to follow the *instructions below for locating the i386 file. 
     
    To initiate this scan go to Start> Run and type in sfc /scannow then press enter.
     
    If files are found during this scan which need to be replaced you may be prompted to insert your installation disc, do so at that time.   If it doesn't ask you for the disc this means that it wasn't necessary to replace any files.   In the event the the system asks you for the disc, you must visit Windows Update immediately after the scan is completed (Please note that there won't be any confirmation dialog - the program will just exit without telling you anything).
     
    ***Warning, the steps below involve entering the Registry.  If a mistake is made there this can render your computer inoperable.  For this reason I suggest that you first back up the rigistry.***
     
    Backup Your Registry with ERUNT
  • Please use the following link and scroll down to ERUNT and download it.
  • For version with the Installer:
  • Use the setup program to install ERUNT on your computer
  • For the zipped version:
  • Unzip all the files into a folder of your choice.
    Click Erunt.exe to backup your registry to the folder of your choice.
     
    Note: to restore your registry, go to the folder and start ERUNT.exe
     
    *If you do not have this disc you will need to locate a directory on your system which is named i386. You will need to search for this in the registry, to do this type in regedit in the Search programs and files box and then press Enter, you will see a screen similar to the one below.
     
     
    To find this you will need to navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup 
     
    You will see the list of HKEY options, please notice the arrow to the left of the option, when you click on this arrow the menu will expand and you will be able to find the next step “SOFTWARE”, expand the menu on this option and proceed till you reach “Setup”.  Under “Setup” you will need to find “SourcePath”.  The SourcePath probably has an entry pointing to your CD-ROM drive, and that is why it is asking for the XP CD. This needs to be changed it to C:\, to do this double click on SourcePath, a box will open where you will make this change by typing in C:\.
     
    Restart your computer now and try running the scan again.

    Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

     

     

     

     





    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users