Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think my browser is being redirected


  • Please log in to reply
46 replies to this topic

#1 MitziNadine

MitziNadine

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 01:52 PM

Hi,

 

I am returning to this marvelous site.  I have received excellent help in the past, and now need help with a new problem.

 

I have Norton Suite provided from my ISP, but it is not correcting the problem which appears to be connected to search engines of the Internet Explorer. 

 

I have purchased the Malwarebytes Premium program, which also is not correcting the problem. 

 

I have seen references from Norton saying it has removed various files, but the problem remains.

 

It has been a while since I was last here, so I am not exactly sure how to proceed.  I need help though.

 

Thank you,

 

MitziNadine



BC AdBot (Login to Remove)

 


m

#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,477 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:57 PM

Posted 18 November 2014 - 07:30 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.3.1.2183.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 08:09 PM

Hi Broni,

Thank you for getting to me so quickly.

Here is a copy of the Security Check document. I shall go download and follow instructions from the rest of your post. Thanks lots.
MitziNadine

Results of screen317's Security Check version 0.99.90
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Security Suite
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java version out of Date!
Adobe Reader XI
Google Chrome (38.0.2125.104)
Google Chrome (38.0.2125.111)
Google Chrome (chrome.exe..)
Google Chrome (master_preferences...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

#4 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 08:20 PM

Farbar Service Scanner Version: 21-07-2014
Ran by Bob Schultz (administrator) on 18-11-2014 at 19:18:06
Running from "C:\Users\Bob Schultz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY5CPHFN"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
IE proxy is enabled.
ProxyServer: http=127.0.0.1:8000;https=127.0.0.1:8000

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****



#5 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 08:28 PM

MiniToolBox by Farbar Version: 21-07-2014
Ran by Bob Schultz (administrator) on 18-11-2014 at 19:25:36
Running from "C:\Users\Bob Schultz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WVU6UOV"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:8000;https=127.0.0.1:8000
========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection 2 (Disconnected)
Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BobSchultz-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
Physical Address. . . . . . . . . : 30-85-A9-10-B1-5A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
Physical Address. . . . . . . . . : DC-85-DE-21-D1-E9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1440:8dc5:b6c7:f8f%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, November 18, 2014 6:55:27 PM
Lease Expires . . . . . . . . . . : Wednesday, November 19, 2014 6:55:27 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 352323786
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-EE-89-E4-C8-60-00-4B-91-E3
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4001:c08::8a
74.125.70.100
74.125.70.138
74.125.70.101
74.125.70.102
74.125.70.139
74.125.70.113


Pinging google.com [74.125.192.100] with 32 bytes of data:
Reply from 74.125.192.100: bytes=32 time=43ms TTL=47
Reply from 74.125.192.100: bytes=32 time=36ms TTL=47

Ping statistics for 74.125.192.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 43ms, Average = 39ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=85ms TTL=51
Reply from 206.190.36.45: bytes=32 time=64ms TTL=51

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 85ms, Average = 74ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...30 85 a9 10 b1 5a ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
12...dc 85 de 21 d1 e9 ......Atheros AR9485WB-EG Wireless Network Adapter
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::1440:8dc5:b6c7:f8f/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/18/2014 00:23:56 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1034

Start Time: 01d0035c299f7c60

Termination Time: 40

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (11/18/2014 11:44:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 11:44:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 11:35:55 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

Error: (11/18/2014 11:35:48 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (11/18/2014 10:03:32 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 10:03:32 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 09:55:36 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

Error: (11/18/2014 09:55:32 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (11/18/2014 09:22:35 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.


Operation:
Instantiating VSS server


System errors:
=============
Error: (11/18/2014 06:55:26 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/18/2014 05:20:14 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (11/18/2014 00:05:01 PM) (Source: DCOM) (User: BobSchultz-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BobSchultz-PCBob SchultzS-1-5-21-762018629-1637331444-3930530811-1001LocalHost (Using LRPC)

Error: (11/18/2014 11:51:40 AM) (Source: DCOM) (User: BobSchultz-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BobSchultz-PCBob SchultzS-1-5-21-762018629-1637331444-3930530811-1001LocalHost (Using LRPC)

Error: (11/18/2014 11:44:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (11/18/2014 11:41:54 AM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/18/2014 11:41:17 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (11/18/2014 10:36:40 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (11/18/2014 10:03:31 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (11/18/2014 10:00:57 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (11/18/2014 00:23:56 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.16843103401d0035c299f7c6040C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/18/2014 11:44:05 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 11:44:05 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 11:35:55 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

Error: (11/18/2014 11:35:48 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (11/18/2014 10:03:32 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 10:03:32 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/18/2014 09:55:36 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

Error: (11/18/2014 09:55:32 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (11/18/2014 09:22:35 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154, Class not registered


Operation:
Instantiating VSS server



=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.4.42.69356 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.42.69356 - Alcor Micro Corp.) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)
ASUS Fan Filter Checker (HKLM-x32\...\{2B0E8920-47D0-4F4D-BE03-76397409B837}) (Version: 1.0.0001 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
AsusScr_G75 Series_ENG (HKLM-x32\...\AsusScr_G75 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
Best Buy pc app (Version: 3.3.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.3.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{A302C3E1-A26A-4141-BC1E-2C4F90D2153F}) (Version: 7.3.126.0 - Microsoft Corporation)
Calendar Creator (HKLM-x32\...\{AB73CF18-528A-4E18-83B2-380CD0BC8EA7}) (Version: - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Elevated Installer (x32 Version: 3.2.18.0 - Garmin Ltd or its subsidiaries) Hidden
GameFast.exe (HKLM\...\GameFast_is1) (Version: 1.0.0.1 - ASUSTEK Computer Inc)
Garmin Express (HKLM-x32\...\{22939821-cd61-449c-8a03-cff0af03c156}) (Version: 3.2.18.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.18.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 (HKLM-x32\...\PictureIt_POD_v9) (Version: 9.00.0000 - Microsoft Corporation)
Microsoft Digital Image Library 9 (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Digital Image Pro 9 (HKLM-x32\...\PictureIt_v9) (Version: 9.0.0.0000 - Microsoft Corporation)
Microsoft Digital Image Pro 9 (x32 Version: 9.0.0.0000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets and Trips 2004 (HKLM-x32\...\{8704D51E-25B7-4F23-81E7-AA4F54790210}) (Version: 11.00.18.1900 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Word 2000 (HKLM-x32\...\{00170409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works 2000 (HKLM-x32\...\{56364334-9530-11D2-BFFC-00C04FA329AA}) (Version: 1.0.0.0000 - Microsoft Corporation)
Microsoft Works 2003 Setup Launcher (HKLM-x32\...\Works2003Setup) (Version: - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}) (Version: 2.0.0.0000 - Microsoft Corporation)
Monopoly Here & Now Edition (HKLM-x32\...\Monopoly Here & Now Edition) (Version: - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Control Panel 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
Rotation Desktop for G Series.exe (HKLM\...\Rotation Desktop for G Series_is1) (Version: 1.1.2.0 - ASUSTEK Computer Inc)
Roxio AACS Certificate (x32 Version: 1.0.0 - Roxio) Hidden
Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.8.58233.4 - Roxio)
Roxio CinePlayer (x32 Version: 5.8 - Roxio) Hidden
Sammsoft Toolbar (HKLM-x32\...\{5853442D-5637-006A-76A7-A758B70C0A06}) (Version: 12.10.6.5279 - APN, LLC)
Sheet Music Plus Digital Print (HKLM-x32\...\com.sheetmusicplus.DigitalAirPrint2) (Version: v2014.02.21 - Sheet Music Plus, LLC)
Sheet Music Plus Digital Print (x32 Version: 255.02.21 - Sheet Music Plus, LLC) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
Word in Works Suite add-in (HKLM-x32\...\{0DB93918-2A77-11D3-805A-00C04FA329AA}) (Version: 1.0.0.0000 - Microsoft Corporation)
Works Suite OS Pack (x32 Version: 3.0.0.0000 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8151.91 MB
Available physical RAM: 5424.16 MB
Total Pagefile: 16301.99 MB
Available Pagefile: 13306.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.15 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:400 GB) (Free:334.82 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:506.51 GB) (Free:505.63 GB) NTFS
3 Drive e: (Monopoly HNE) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
4 Drive g: (VERBATIM) (Removable) (Total:7.38 GB) (Free:6.95 GB) FAT32

========================= Users: ========================================

User accounts for \\BOBSCHULTZ-PC

Administrator Bob Schultz Guest

========================= Restore Points ==================================

15-11-2014 20:40:47 Uniblue DriverScanner installation
16-11-2014 14:56:19 Removed ChocolateBar by We-Care.com v1.0.1.0
17-11-2014 16:59:16 Removed Java 7 Update 71
18-11-2014 14:03:34 Windows Modules Installer

**** End of log ****

#6 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 09:06 PM

Hi Broni,

 

There were no threats this time.  I will post the log anyway.  If you wish, I can copy the History log, which I ran earlier today.  It has a long list in Quarantine  Here is the moat recent one.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/18/2014
Scan Time: 7:39:18 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.18.09
Rootkit Database: v2014.11.18.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bob Schultz

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 319329
Time Elapsed: 14 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#7 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 09:39 PM

Hi,

I don't think the MBAR program worked or maybe I did something wrong. Those files are not in the Desktop. There is a MBAR folder, but no file with the date and *txt

There is a file inside the MBAR folder named "System log" and indicates that it is a text document, it has only this small amount of text in a notepad:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.1.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16844

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 8547893248, free: 5479407616

Downloaded database version: v2014.11.18.09
Downloaded database version: v2014.11.18.01
=======================================
Initializing...
This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.

I will try again.
=======================================

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,477 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:57 PM

Posted 18 November 2014 - 09:45 PM

This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.

 

Right click on MBAM systray icon and click "Exit".


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 09:52 PM

Hi,

 

When the program said to completely exit the MBAM program, there was no open application in the tray. 

 

The Cleanup box said Scan Failed.

 

The Norton Anti virus has come back on as it has been over 1 hour.  Maybe that caused the problem.  I have shut down the Norton program, and will try once more.

 

Thanks,



#10 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 09:57 PM

Hi Broni,

The same thing happened again. Could it be that the MBAM program runs all the time just like the Norton Program?

#11 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 09:59 PM

I will continue with your instructions, and get back to this one.

 

Thnaks



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,477 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:57 PM

Posted 18 November 2014 - 09:59 PM

Check Task Manager for running MBAM.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 10:03 PM

I don't know how to find the Task Manager.  At one time I could get it by pulling the curser from the tray into the screen, but that doesn't work any more.



#14 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 10:04 PM

Oh,  It did work just now.  The only think in it is Email program



#15 MitziNadine

MitziNadine
  • Topic Starter

  • Members
  • 150 posts
  • OFFLINE
  •  
  • Local time:03:57 PM

Posted 18 November 2014 - 10:06 PM

In the "Processes" tab there are a lot of things listed and MBAM is one of them.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users