Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor.win64.Generic


  • Please log in to reply
15 replies to this topic

#1 MML

MML

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 June 2014 - 12:57 PM

Hello (again, ugh)

 

I was on Twitter, browsing as per usual, and one of the websites I follow was hijacked (it was part of that massive Tweetdeck hacking),.  The Tweet had raw html for a table in the background and my virus protection either didn't catch it or only caught most of it.  

 

The warning that the Kaspersky Protection on my (apparently currently infected, Windows 7 running Compaq Presario) laptop is giving me is for Backdoor.win64.Generic.  My virus protection continues to swear it's quarantined it but it keeps popping up as an extant infection when I reboot.  

 

Thank you - M

 

(Edited for clarity - I promise I have a brain!)


Edited by MML, 11 June 2014 - 04:33 PM.


BC AdBot (Login to Remove)

 


m

#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 05:28 PM

Hello -

Just run these 2 quick scans and Copy and Paste their results back here.

 

First -

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

RKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed RKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. RKill.txt log will also be present on your desktop.

 

 

Second -

Now: Please download AdwCleaner by Xplode and save to your Desktop.
NOTE : Please close or save all work, as the computer will be Rebooted
Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button. (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
If you see any which you do not want removed, untick the check mark next to it. 
Next:

Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

A copy of all logfiles are also saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Please post back the 2 scan results and if your Antivirus (Kaspersky) still reacts in the same way -



#3 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 June 2014 - 05:45 PM

Am on it right now! 

 

RKill:

 

Rkill 2.6.6 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/11/2014 07:21:48 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
AdWare: Got a pop-up reading "C:\\Windows\SysWOW64\sqlite3.dll is either not designed to run on windows or it contains an error.  Try installing the program again using the original installation media or contact your system administrator or the software vendor for support."
 
# AdwCleaner v3.212 - Report created 11/06/2014 at 19:49:32
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : melissa - ASHANDSHEILA
# Running from : C:\Users\melissa\Desktop\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\ProgramData\Alawar Stargaze
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Google Chrome v
 
[ File : C:\Users\melissa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1013 octets] - [11/06/2014 19:49:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1073 octets] ##########
 
 
And now rebooting!

Edited by MML, 11 June 2014 - 07:17 PM.


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 06:49 PM

This may be the infection that is blocking it ..... The reason for 2 versions.

 

Also read How To Temporarily Disable Your Anti-virus if this is causing a problem.



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 07:38 PM

Sorry -

Missed your post, so I posted above .....

 

Re-open AdwCleaner and Click on the Clean button (only once) to remove the above selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

A copy of all logfiles are also saved in the C:\AdwCleaner folder which was created when running the tool.


Edited by noknojon, 11 June 2014 - 07:48 PM.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 07:53 PM

Regarding the sqlite3.dll error.
Did you install Skype on this Computer.

This is the best reference I could find.

http://community.skype.com/t5/Windows-desktop-client/Sqlite3-dll-file-showing-on-desktop/td-p/1907151
===

Lets quickly find out more about this file.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


If your operating system is 64 bit download this tool:
SystemLook_x64.exe <<< NOTEYour Version (skip the 2 downloads above and only use this one)

  • Double-click SystemLook.exe
  • to run it.
  • Copy and paste the content of the following bold text only into the main textfield:
  • ===================
    :filefind
    sqlite3.dll

    ====================
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt.


#7 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 June 2014 - 08:43 PM

Nope, I don't Skype at all on this one!  Actually have my cam taped over and my mic disabled on it.

The good news is, after another removal and a reboot (and updating my windows), Kaspersky is in the green! :) I can re-run AdAware with my VP disabled, if you wish though! 

 

And here's the Systemlook info!

 

SystemLook 30.07.11 by jpshortstuff
Log created at 22:18 on 11/06/2014 by melissa
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "sqlite3.dll"
C:\Program Files (x86)\CyberLink\MediaShow5\Koan\sqlite3.dll ------- 263264 bytes [06:45 31/12/2009] [06:45 31/12/2009] 4E9C0C3568B406813E025016D708F548
C:\Program Files (x86)\CyberLink\YouCam\Koan\sqlite3.dll ------- 263264 bytes [05:34 12/01/2010] [05:34 12/01/2010] 4E9C0C3568B406813E025016D708F548
C:\Windows\SysWOW64\sqlite3.dll --a---- 527360 bytes [23:59 11/06/2014] [12:34 30/08/2010] F363F004F677C5F77248E3FE7D9E1621
 
-= EOF =-

Edited by MML, 11 June 2014 - 09:50 PM.


#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 09:22 PM

Actually have my cam taped over and my mic disabled on it << Many people do this for infections that spy on you .......

Sounds like you are clear for now and it has gone ...........

 

I will watch for a few days to see if you have any other problems.

 

Is that OK ??



#9 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 11 June 2014 - 09:52 PM

I definitely will - also posted my Syslook Info on that file, if it needs looking into!

 

Absolutely is, and is working as normal as far as I can tell!


Edited by MML, 11 June 2014 - 09:53 PM.


#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 11 June 2014 - 10:40 PM

sqlite3.dll << seemed to check out from the results you left, and I will not worry unless you get more errors.

 

Sorry but it takes me a bit of time to follow the links that you leave, but I am still here -

 

All of those numbers are correct as a normal M/soft .dll file from what I can find .....



#11 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 13 June 2014 - 04:58 AM

OK!

 

Past 24 hours and it seems to be running smoothly; the only thing I've experienced is a crash noted by my Soluto software of an ie exe.  I don't have internet explorer so it might have been a Microsoft component? 



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 13 June 2014 - 06:06 AM

Badly written and not very descriptive introductions to programs are usually a sign of a crappy program.

 

From Soluto:

 

Soluto is a ?? "Anti-Frustration Software" ?? that combines low-level technology with collective user wisdom to detect PC users' frustrations, reveal their causes, and learn which actions really eliminate them to improve user experience.

 

All this data is gathered in "Soluto's PC Genome" ??, a knowledgebase of frustrations and solutions built automatically through the usage of Soluto software, for the benefit of all PC users.

 

Sounds like an Optimizer type program that can cause more harm than good -


Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons.


Why you should not use Registry Cleaners and Optimization Tools

 

These types of junk programs are often considered Potentially Unwanted Programs (PUPs).



#13 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 13 June 2014 - 06:17 AM

I will be away for a couple of days, (long weekend) but can you run these at your leisure -

 

You will have I.E. installed as you have a Microsoft Operating System. It can be Disabled, but it is there .......

Make sure Updates are ENABLED, and install them..

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
Click Go and copy / paste the result (Result.txt).



#14 MML

MML
  • Topic Starter

  • Members
  • 241 posts
  • OFFLINE
  •  
  • Local time:03:04 AM

Posted 21 June 2014 - 04:10 AM

Huh, well - I was asked to install the tool by someone with BC back when I was having overheating issues.

 

Security check is currently paused at "Performing System Health Check"

 

Results for mini toolbox:

 

MiniToolBox by Farbar  Version: 25-11-2012
Ran by melissa (administrator) on 21-06-2014 at 04:50:33
Running from "C:\Users\melissa\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/20/2014 01:17:37 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/18/2014 10:43:48 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/16/2014 10:53:53 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/15/2014 07:12:34 PM) (Source: Windows Backup) (User: )
Description: Backup did not complete successfully because a shadow copy could not be created. Free up disk space on the drive that you are backing up by deleting unnecessary files and then try again.
 
Error: (06/13/2014 07:21:45 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/13/2014 00:20:27 AM) (Source: Application Hang) (User: )
Description: The program avp.exe version 13.0.1.4359 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f28
 
Start Time: 01cf85e0c627bc3d
 
Termination Time: 9701
 
Application Path: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
 
Report Id: 9e421ce1-f2b1-11e3-9367-c80aa996553e
 
Error: (06/11/2014 10:01:13 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/11/2014 09:22:45 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/11/2014 09:04:01 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/10/2014 03:20:16 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
 
System errors:
=============
Error: (06/20/2014 01:12:25 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (06/20/2014 01:06:27 PM) (Source: Service Control Manager) (User: )
Description: The HP Quick Synchronization Service service failed to start due to the following error: 
%%2
 
Error: (06/20/2014 04:40:05 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the sftlist service.
 
Error: (06/20/2014 04:39:31 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service.
 
Error: (06/19/2014 10:20:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (06/19/2014 00:26:42 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (06/19/2014 00:21:30 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}
 
Error: (06/19/2014 11:57:44 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
 
Error: (06/19/2014 11:57:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
 
Error: (06/19/2014 11:56:25 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
 
 
Microsoft Office Sessions:
=========================
Error: (06/20/2014 01:17:37 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/18/2014 10:43:48 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/16/2014 10:53:53 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/15/2014 07:12:34 PM) (Source: Windows Backup)(User: )
Description: The creation of a shadow copy has timed out. Try this operation again. (0x81000101)
 
Error: (06/13/2014 07:21:45 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/13/2014 00:20:27 AM) (Source: Application Hang)(User: )
Description: avp.exe13.0.1.4359f2801cf85e0c627bc3d9701C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe9e421ce1-f2b1-11e3-9367-c80aa996553e
 
Error: (06/11/2014 10:01:13 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/11/2014 09:22:45 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/11/2014 09:04:01 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (06/10/2014 03:20:16 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0061-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-19 11:30:44.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-19 11:30:44.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-19 11:30:44.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-19 11:30:44.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-19 11:30:44.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-19 11:30:44.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-11 08:19:34.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-11 08:19:34.877
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-11 08:19:34.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-11 08:19:34.044
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
1st Page 2000 2.00 Free
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.1.82.76)
Adobe Reader XI (11.0.07) (Version: 11.0.07)
Adobe Shockwave Player (Version: 11.5.1.601)
AIM 7
AIM for Windows
Alien Outbreak 2 (Version: 2.2.0.95)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0405.2205.37728)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD USB Filter Driver (Version: 1.0.15.94)
AMD VISION Engine Control Center (Version: 2012.0405.2205.37728)
Angry Birds Space (Version: 1.0.0)
Atheros Driver Installation Program (Version: 9.2)
Bejeweled (Version: 2.2.0.95)
Bejeweled 2 Deluxe 1.1 (Version: 1.1)
Bejeweled 3 (Version: 2.2.0.95)
Bejeweled Twist
Bejeweled Twist (Version: 2.2.0.95)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Boulder Dash - Pirates Quest (Version: 2.2.0.95)
BurgerTime Deluxe (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2010.0310.1824.32984)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Crystal Cave Classic (Version: 2.2.0.95)
CyberLink DVD Suite (Version: 7.0.2527)
CyberLink MediaShow (Version: 5.0.1307)
CyberLink YouCam (Version: 3.0.2511)
D3DX10 (Version: 15.4.2368.0902)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Google Chrome (Version: 35.0.1916.153)
Google Update Helper (Version: 1.3.24.15)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
HiJackThis (Version: 1.0.0)
HP Advisor (Version: 3.4.12850.3526)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.2.5)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.2261)
HP Power Plan Utility (Version: 1.0.6)
HP Setup (Version: 1.2.3988.3281)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 7.0.39.15)
HP Update (Version: 5.001.000.014)
HP User Guides 0178 (Version: 1.02.0000)
HP Wireless Assistant (Version: 4.0.4.2)
Internet TV for Windows Media Center (Version: 4.2.2.0)
Ipswitch WS_FTP Home 2007 (Version: 11.00.000)
Jasc Animation Shop 3 (Version: 3.11)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 60 (Version: 7.0.600)
Java Auto Updater (Version: 2.1.60.19)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190)
LabelPrint (Version: 2.5.2515)
LightScribe System Software (Version: 1.18.20.1)
Malwarebytes Anti-Malware version 2.0.2.1012 (Version: 2.0.2.1012)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 - English (Version: 14.0.5123.5002)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Namco All-Stars: DIG DUG (Version: 2.2.0.95)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
Norton Online Backup (Version: 2.0.0.34)
Peggle Deluxe 1.0 (Version: 1.0)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies
Power2Go (Version: 6.1.3715)
PowerDirector (Version: 8.0.2514)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Recovery Manager (Version: 5.5.2512)
Roxio CinemaNow 2.0 (Version: 1.0.262)
RtVOsd (Version: 1.0.6)
Soluto (Version: 1.3.1095.0)
Speccy (Version: 1.16)
Super Yum Yum: Puzzle Adventures (Version: 2.2.0.97)
SUPERAntiSpyware (Version: 5.0.1146)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Update Installer for WildTangent Games App
WildTangent Games App (HP Games) (Version: 4.0.5.31)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar
Zuma's Revenge!
Zuma Deluxe 1.0.0.0 (Version: 1.0.0.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 89%
Total physical RAM: 1786.9 MB
Available physical RAM: 195.17 MB
Total Pagefile: 5902.43 MB
Available Pagefile: 858.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.98 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:219.02 GB) (Free:131.9 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.57 GB) (Free:1.94 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\ASHANDSHEILA
 
Administrator            Guest                    melissa                  
 
 
**** End of log ****


#15 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 21 June 2014 - 07:39 AM

I can see from the majority of errors that you must be having internet problems, but can you please add more information.

 

>> Percentage of memory in use: 89% << This is nearing (or over) maximum and your system may (will) start freezing again.
Try to not let it get over 70% in the future and the computer will run much smoother.
 
You need to reduce your installed programs / data, as your system is "not managing" with your programs.
Start with Soluto (Version: 1.3.1095.0), as I can see little use for it on your system, and it should have told you of this problem.
 
Any programs you want to keep or data you wish to store should be downloaded to CDs or USB sticks, or even transferred to an External Hard drive.
 
I try to keep my memory in use at no more than 50%, and have very few bad errors.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users