Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is there a virus that causes windows vista error code 0x80096001?


  • Please log in to reply
24 replies to this topic

#1 signofzeta

signofzeta

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 24 April 2014 - 09:59 PM

Beware.  This laptop is a tough beast to crack.  I had someone in the vista section of the forums try to help me to no avail, and I once got a virus before, and tried to seek help at Techspot.  The guy couldn't help me, and I came to Bleeping computer and someone fixed the problem, so there may be a time when I will have to say that a certain step in the fix hasn't worked.

 

I really don't know what virus is infecting my laptop, but whatever it is, it is causing windows update and windows defender, and windows security essentials to fail to update.

 

 

I started a thread here, and in that thread, I made the assumption that it wasn't a virus that is causing my windows vista laptop to not update, and for Microsoft Security Essentials to not update.

 

http://www.bleepingcomputer.com/forums/t/528254/windows-could-not-search-for-new-updates-error-code-80096001/

 

I want to know if a virus is causing the problems that I am describing in that thread.

 

Another thing that I want to know is that if there is a virus that causes adobe flash to slow down and crash, or if there is a virus that causes my windows vista laptop to sometimes get a blue screen of death, albeit infrequently.

 

I also want to know if there is a virus in my computer that is causing problems with the steps, described in the thread in the link above.

 

Should I stick with microsoft security essentials, or is there a better free antivirus out there?


Edited by signofzeta, 25 April 2014 - 02:01 AM.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:26 PM

Posted 25 April 2014 - 04:48 PM

ello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us
  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

:step1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
:step2:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
:step3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.
:step4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 25 April 2014 - 06:12 PM

I don't see a "search" option in AdwCleaner.  Do you mean "scan"?

 

TDSKiller yielded no results.


Edited by signofzeta, 25 April 2014 - 06:14 PM.


#4 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:26 PM

Posted 25 April 2014 - 06:57 PM

Hi

 

Do you mean "scan"?

- Yes that's right sorry.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 25 April 2014 - 07:38 PM

I performed the AdwCleaner scan, and it says "Pending. Please uncheck elements you don't want to remove."

 

No log file automatically opened.

 

I did find a AdwCleaner[R0].txt but not a AdwCleaner[R1].txt

 

Nevermind.  I quit and restarted AdwCleaner.  Ran the scan again.  I was supposed to click on report, and now I have an AdwCleaner[R1].txt

 

I guess if I tried to run the scan a third time, I would get a AdwCleaner[R2].txt


Edited by signofzeta, 25 April 2014 - 07:43 PM.


#6 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 25 April 2014 - 07:51 PM

AdwCleaner log file

 

# AdwCleaner v3.202 - Report created 25/04/2014 at 19:39:54
# Updated 23/04/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : George - GEORGEGAMINGPC
# Running from : C:\Users\George\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\sbtdhcwb.default\.autoreg
File Found : C:\Users\George\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\searchplugins\search.xml
File Found : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\user.js
Folder Found C:\Program Files\BasicScan
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Users\George\AppData\Local\SanctionedMedia
Folder Found C:\Users\George\AppData\Local\Temp\AI_RecycleBin
Folder Found C:\Users\George\AppData\Roaming\DefaultTab

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\cacaoweb
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\SanctionedMedia
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B39D87F9-292C-48B6-B9DF-477C406D5DF7}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\prefs.js ]


[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\sbtdhcwb.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4021 octets] - [25/04/2014 19:21:33]
AdwCleaner[R1].txt - [3941 octets] - [25/04/2014 19:39:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4001 octets] ##########
 

 

 

 

 

 

 

 

 


FSS log file

 

Farbar Service Scanner Version: 25-02-2014
Ran by George (administrator) on 25-04-2014 at 19:45:42
Running from "C:\Users\George\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Edited by signofzeta, 25 April 2014 - 07:54 PM.


#7 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 25 April 2014 - 07:53 PM

Minitoolbox log file

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by George (administrator) on 25-04-2014 at 19:48:15
Running from "C:\Users\George\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.http", "127.0.0.1"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR928x Wireless Network Adapter = Wireless Network Connection (Connected)
SiS191 Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=10.0.1.6 metric=1


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : GeorgeGamingPC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain_not_set.invalid

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : domain_not_set.invalid
   Description . . . . . . . . . . . : Atheros AR928x Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-22-43-87-6B-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5957:3d21:a983:8ad7%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, April 24, 2014 6:26:16 PM
   Lease Expires . . . . . . . . . . : Saturday, April 26, 2014 1:30:35 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 268444227
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-6D-1D-9F-00-24-8C-8A-AA-C8
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : domain_not_set.invalid
   Description . . . . . . . . . . . : SiS191 Ethernet Controller
   Physical Address. . . . . . . . . : 00-24-8C-8A-AA-C8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.domain_not_set.invalid
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2cfb:381b:3f57:fe98(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2cfb:381b:3f57:fe98%20(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 20:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  AirPort
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4001:c05::66
      216.123.55.91
      216.123.55.80
      216.123.55.117
      216.123.55.123
      216.123.55.84
      216.123.55.90
      216.123.55.99
      216.123.55.95
      216.123.55.110
      216.123.55.88
      216.123.55.102
      216.123.55.112
      216.123.55.113
      216.123.55.101
      216.123.55.121
      216.123.55.106



Pinging google.com [216.123.55.106] with 32 bytes of data:

Reply from 216.123.55.106: bytes=32 time=25ms TTL=59

Reply from 216.123.55.106: bytes=32 time=1196ms TTL=59



Ping statistics for 216.123.55.106:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 25ms, Maximum = 1196ms, Average = 610ms

Server:  AirPort
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=43ms TTL=53

Reply from 98.138.253.109: bytes=32 time=222ms TTL=53



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 43ms, Maximum = 222ms, Average = 132ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 22 43 87 6b 0e ...... Atheros AR928x Wireless Network Adapter
 10 ...00 24 8c 8a aa c8 ...... SiS191 Ethernet Controller
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #3
 23 ...00 00 00 00 00 00 00 e0  isatap.domain_not_set.invalid
 15 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #4
 17 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 16 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #5
 24 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 20 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 21 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 22 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 26 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 30 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.103     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link     192.168.1.103    301
  169.254.255.255  255.255.255.255         On-link     192.168.1.103    276
      192.168.1.0    255.255.255.0         On-link     192.168.1.103    276
    192.168.1.103  255.255.255.255         On-link     192.168.1.103    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.103    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.103    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.103    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0         10.0.1.6       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 20     18 2001::/32                On-link
 20    266 2001:0:9d38:6abd:2cfb:381b:3f57:fe98/128
                                    On-link
 11    276 fe80::/64                On-link
 20    266 fe80::/64                On-link
 20    266 fe80::2cfb:381b:3f57:fe98/128
                                    On-link
 11    276 fe80::5957:3d21:a983:8ad7/128
                                    On-link
  1    306 ff00::/8                 On-link
 20    266 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/24/2014 05:22:53 PM) (Source: System Restore) (User: )
Description: The scheduled restore point could not be created.  Additional information: (0x8007000e).

Error: (04/24/2014 05:22:53 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Descripton = Scheduled Checkpoint; Hr = 0x8007000e).

Error: (04/24/2014 05:22:53 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine IMultiInterfaceEventControl::GetSubscriptions.  hr = 0x800700a4.


Operation:
   Abort Backup

Context:
   Execution Context: Requestor
   Current State: SnapshotSetCreated

Error: (04/24/2014 05:22:23 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Error: An error 0x8007000e was encountered while trying to initialize the Registry Writer.  This may cause
future shadow-copy creations to fail.

Error: (04/24/2014 05:22:22 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Error: An error 0x8000ffff was encountered while trying to initialize the Registry Writer.  This may cause
future shadow-copy creations to fail.

Error: (04/19/2014 02:49:05 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp45800700a4

Error: (04/19/2014 02:48:03 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp45800700a4

Error: (04/19/2014 02:43:31 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp45800700a4

Error: (04/19/2014 02:43:27 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp45800700a4

Error: (04/18/2014 03:22:40 AM) (Source: System Restore) (User: )
Description: The scheduled restore point could not be created.  Additional information: (0x8007000e).


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-25 13:57:29.178
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:28.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:27.367
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:26.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:25.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:24.679
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:23.769
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:57:22.877
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:53:12.261
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-25 13:53:11.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6425.1000)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Flash Player 9 ActiveX (Version: 9)
Adobe Reader X (10.0.1) (Version: 10.0.1)
Apple Application Support (Version: 1.3.2)
Apple Software Update (Version: 2.1.1.116)
ASUS CopyProtect (Version: 1.0.0007)
ASUS Data Security Manager (Version: 1.00.0007)
ASUS FancyStart (Version: 1.0.1)
ASUS LifeFrame3 (Version: 3.0.13)
ASUS Live Update (Version: 2.5.7)
ASUS MultiFrame (Version: 1.0.0018)
ASUS Power4Gear eXtreme (Version: 1.0.19)
ASUS SmartLogon (Version: 1.0.0006)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0021)
ASUS Touch Pad Extra
ASUS Virtual Camera (Version: 1.0.11)
Asus_Camera_ScreenSaver (Version: 2.0.0008)
Atheros Client Installation Program (Version: 7.0)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.00.0034)
ATK Media (Version: 2.0.0000)
ATKOSD2 (Version: 7.0.0001)
BitComet 1.12 (Version: 1.12)
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
CDBurnerXP (Version: 4.2.4.1430)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Citrix XenApp Web Plugin (Version: 11.0.0.5357)
Company of Heroes (Version: 1.0.0.78)
CyberLink LabelPrint (Version: 2.0.2908)
CyberLink Power2Go (Version: 6.0.1924)
Dolby Control Center (Version: 1.2.0704)
Doom 3 ™ Demo
Doom 3 (Version: 1.2)
DOOM 3: BFG Edition
DOOM 3: Resurrection of Evil (Version: 1.0)
DOOM II: Hell on Earth
Explorer Suite III
Express Gate (Version: 1.0.5.10)
Game Scanner (Version: 2.0.12)
Google Desktop (Version: 5.9.1005.12335)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2427.2330)
Google Update Helper (Version: 1.3.23.9)
ImageJ 1.47v
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 14.0.8117.416)
KeePass Password Safe 2.18
LightScribe System Software  1.14.17.1 (Version: 1.14.17.1)
Logitech Gaming Software (Version: 4.30)
Magic Online (Version: 3.00.0000)
Magic The Gathering Online  (Version: 3.4.76.328)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Marvel™ - Ultimate Alliance (Version: 1.00.0000)
MATLAB R2009b (Version: 7.9)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office Outlook 2007 Help ¸üР(KB963677)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (Chinese (Simplified)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)
Mise à jour Microsoft Office Word 2007 Help  (KB963665)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.01.0000.00)
NetWorx 5.2.7
NVIDIA Drivers (Version: 1.4)
NVIDIA Install Application (Version: 2.1002.142.992)
NVIDIA Network Service (Version: 1.0)
NVIDIA PhysX (Version: 9.09.0203)
Oblivion - Horse Armor Pack (Version: 1.00.0000)
Oblivion - Mehrunes Razor (Version: 1.00.0000)
Oblivion - Orrery (Version: 1.00.0000)
Oblivion - Spell Tomes (Version: 1.00.0000)
Oblivion - The Fighter's Stronghold (Version: 1.00.0000)
Oblivion - Thieves Den (Version: 1.00.0000)
Oblivion - Vile Lair (Version: 1.00.0000)
Oblivion - Wizard's Tower (Version: 1.00.0000)
Oblivion (Version: 1.00.0000)
OpenOffice.org 3.1 (Version: 3.1.9420)
Picasa 2 (Version: 2.0)
Pokémon Trading Card Game Online (Version: 1.0.0)
PunkBuster Services (Version: 0.988)
Python 2.5.2 (Version: 2.5.2150)
Qtracker (Version: 4.91)
Quake 4™ Demo (Version: 1.0)
Quake III Arena Demo
Quake III Arena Point Release 1.32
Quake III: Team Arena Demo
Quake Live
Quake Live Mozilla Plugin (Version: 1.0.277)
QuickTime (Version: 7.68.75.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5667)
Return to Castle Wolfenstein Multiplayer DEMO (Version: Multiplayer DEMO)
Revo Uninstaller 1.93 (Version: 1.93)
Samsung SCX-4x21 Series
Seagate Manager Installer (Version: 2.01.0600)
SecureW2 EAP Suite 1.1.3 for Windows
Skulltag (Version: 98d)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
Speccy (Version: 1.25)
Steam
Synaptics Pointing Device Driver (Version: 10.1.8.0)
System Requirements Lab Detection (Version: 1.0.5.0)
TextPad 4.7 (Version: 4.7.2)
Unlocker 1.9.0 (Version: 1.9.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 1.3M UVC WebCam
Vista Codec Package (Version: 5.4.9.5)
Warcraft II BNE
Winamp (Version: 5.56 )
WinDirStat 1.1.2
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WinFlash
WinRAR archiver
Wireless Console 2 (Version: 2.0.10)
Wolfenstein - Enemy Territory
Wolfenstein (Version: 1.0)
Wolfenstein (Version: 1.2)
Wolfenstein Demo (Version: 1.0)
Wolfenstein™ 1.1 Patch
Wolfenstein™ 1.1 Patch  (Version: 1.1)
Wolfenstein™ 1.2 Patch
Wolfenstein™ 1.2 Patch  (Version: 1.2)
Wolfenstein™ Demo (Version: 1.0)
wxPython 2.8.7.1 (ansi) for Python 2.5 (Version: 2.8.7.1-ansi)
Xfire (remove only)
YDKJ The 5th Dementia
You Don't Know Jack - Sports 1.0 (Version: 1.0)
You Don't Know Jack - Volume 2 1.0 (Version: 1.0)
You Don't Know Jack - XL 1.0 (Version: 1.0)
You Don't Know Jack 4 1.00 (Version: 1.00)
YOU DON'T KNOW JACK Louder! Faster! Funnier!
YOU DON'T KNOW JACK Offline
YOU DON'T KNOW JACK Volume 3
You Don't Know Jack® (Version: 1.00.0000)
Yu-Gi-Oh! ONLINE 3 (Version: 1.00.3000)
Zandronum (Version: 1.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 3070.33 MB
Available physical RAM: 1351.77 MB
Total Pagefile: 6372.95 MB
Available Pagefile: 4908.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.1 MB

========================= Partitions: =====================================

1 Drive c: (VistaOS) (Fixed) (Total:116.44 GB) (Free:8 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:104.73 GB) (Free:19.8 GB) NTFS

========================= Users: ========================================

User accounts for \\GEORGEGAMINGPC

Administrator            ASPNET                   George                   
Guest                    

========================= Minidump Files ==================================

C:\Windows\Minidump\Mini021211-01.dmp
C:\Windows\Minidump\Mini030511-01.dmp
C:\Windows\Minidump\Mini052610-01.dmp
========================= Restore Points ==================================

21-04-2014 01:32:11 Scheduled Checkpoint
25-04-2014 01:16:27 Scheduled Checkpoint

**** End of log ****
 



#8 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 01:59 AM

I want to add something as well.  I asked in the xp end of support thread about how I know if there is a virus in my computer if there isn't a telltale sign such as a FBI or RCMP screen that locks you out of your computer, or popups or web page redirects.  The ones where you don't know you have a virus are keyloggers or people who have complete control over your computer.  One of the signs is to look at network traffic.

 

I went into task manager, and when my computer is idle, the wireless network usage is at 0.15%.  Is it a bad thing, or is it normal?  Should it be at 0%?



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:26 PM

Posted 26 April 2014 - 05:57 PM

Hi

Please do the following next:

:step1:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

 
Note: Be sure to restart the computer.
 
The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

I'd like us to scan your machine with ESET Online Scanner:
 
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
 
Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png  
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

How is the computer running now?


Edited by dev00790, 26 April 2014 - 05:58 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 07:37 PM

I wasn't paying attention to my laptop, so I don't know if it happened during the malwarebytes scan or after the scan, but I got a blue screen of death, with error code:

 

STOP: 0x000000F4 (0x00000003, 0x88907D90, 0x88907EDC, 0x8322CA60)

 

I am re-running the full scan, after a hard reset and I will post if it blue screens again, or if I can get the logs in.



#11 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 09:10 PM

The malwarebytes scan is in the process of running for the second time.  At around 28 minutes in, I hear some loud clicking noises coming from within the laptop somewhere.  At around 56 minutes into the scan, I hear some clicking sounds, but they aren't a loud as before, but they sort of sounded the same.

 

Malwarebytes is still scanning right now.


Edited by signofzeta, 26 April 2014 - 09:10 PM.


#12 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 09:33 PM

I hear clicking noises within the computer at around 1 hour 42 minutes into the scan.



#13 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 10:25 PM

I just got a blue screen of death during the malwarebytes scan again.

The message is as follows:

 

 

A problem has been detected an windows has been shut down to prevent damage to your computer.

 

A process or thread crucial to system operation has unexpectedly exited or been terminated.

 

If this is the first time you've seen this stop error screen, restart your computer.  If this screen appears again, follow these steps:

 

Check to make sure any new hardware or software is properly installed.  If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

 

If problems continue, disable or remove any newly installed hardware or software.  Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced startup Options, and then select Safe Mode.

 

Technical Information:

 

*** STOP: 0x000000F4 (0x00000003, 0x88AB3368, 0x88AB34B4, 0x83270A60)

 

Collecting data for crash dump...

Initializing disk for crash dump...

 

 

While I was retyping what it said on the blue screen into the post, the laptop has been constantly making clicking noises.  It stopped just before I finished typing this message.

 

If I restart the computer, everything seems back to normal, but the laptop always blue screens on me when I try to do a full malwarebytes scan, not a quick one.  During the scan, it detected 3 objects, but I couldn't remove them because the computer blue screened on me before the scan was finished.



#14 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 April 2014 - 11:09 PM

After doing a hard reset from the blue screen of death, I ran a quick malwarebytes scan, and it detected nothing.  The full scan detected 3 things, while the quick scan detected nothing.  The full scan does not complete because the computer blue screens.

 

The same thing happens when I run a chkdsk scan too.  The computer makes clicking noises during the scan, and the computer blue screens on me as well, but it shows a different error message.

 

Should I go straight into the ESET scan, or is there anything else out there that could detect these 3 malware that malwarebytes detected but couldn't remove because my laptop blue screens on me before the scan is finished?

 

The full scan took around 2 hours and 30 to 40 minutes before the laptop blue screened.


Edited by signofzeta, 26 April 2014 - 11:14 PM.


#15 signofzeta

signofzeta
  • Topic Starter

  • Members
  • 421 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 27 April 2014 - 12:32 AM

I can't get the Malwarebytes to finish the full scan before it blue screens, and I don't want to go to the ESET step unless you can confirm I can go to that step.

 

At least I have the AdwCleaner[S0] log

 

 

# AdwCleaner v3.204 - Report created 26/04/2014 at 18:16:37
# Updated 26/04/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : George - GEORGEGAMINGPC
# Running from : C:\Users\George\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\BasicScan
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Users\George\AppData\Local\SanctionedMedia
Folder Deleted : C:\Users\George\AppData\Local\Temp\AI_RecycleBin
Folder Deleted : C:\Users\George\AppData\Roaming\DefaultTab
File Deleted : C:\Users\George\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\sbtdhcwb.default\.autoreg
File Deleted : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\searchplugins\search.xml
File Deleted : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B39D87F9-292C-48B6-B9DF-477C406D5DF7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\cacaoweb
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\SanctionedMedia
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\sbtdhcwb.default\prefs.js ]


[ File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\tkl96nqs.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4021 octets] - [25/04/2014 19:21:33]
AdwCleaner[R1].txt - [4081 octets] - [25/04/2014 19:39:54]
AdwCleaner[R2].txt - [4151 octets] - [26/04/2014 18:15:01]
AdwCleaner[S0].txt - [4154 octets] - [26/04/2014 18:16:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4214 octets] ##########
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users