
Search settings notification windows 7


29 replies to this topic

#1 reggiereg


Posted 31 August 2011 - 10:51 AM

Hi all,

Perhaps I’m paranoid, but I’ve been experiencing a few untoward things lately, and would really appreciate someone’s help in checking that I’m not infected with any nasties.

Possible problem:

Each time I reboot the computer a windows alert window comes up saying that “Search settings notification - a program was blocked from changing your default search settings”.
I clicked on the notification and it took me to a “search settings” window that gave me two check boxes.

1) protect my browser default search settings and notify me of any attempts to change it (ticked) and 2) enable browser network error assistant page (ticked).

Also, the computer rebooted unexpectedly yesterday, just after it had booted up.

Here’s what I’ve done so far:

- Computer: Windows 7 Home Premium (fully up to date), i5 processor with 6GB RAM
- Ran a chkdsk (no problems found)
- Updated Java
- Updated Flash Player
- Ran Advanced SystemCare v4.1.0 free; cleaned what it told me to
- Disabled all real time protection software
- Ran full scan SUPERAntispyware; cleaned what it told me to (all tracking cookies)
- Ran full scan Malwarebytes’ anti-malware (nothing found)
- Ran full scan on Microsoft Security Essentials (nothing found)
- Ran full scan on Spybot Search and Destroy – found tracking cookies which I let it remove
- Enabled all real time protection software

I hope you can help check if I'm virus free,

thanks in advance,

Reggie.



#2 Broni


Posted 31 August 2011 - 11:33 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



 


#3 reggiereg


Posted 01 September 2011 - 02:21 AM

Hi Broni,

I have done as you suggested and here are the results:

Results of screen317's Security Check version 0.99.7
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ZoneAlarm
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Malwarebytes' Anti-Malware
Duplicate Cleaner 2.0.6
Java™ 6 Update 27
Out of date Java installed!
Adobe Flash Player 10.3.183.7
Adobe Reader X (10.1.0)
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Spybot Teatimer.exe is disabled!
Microsoft Security Essentials msseces.exe
Emsisoft Anti-Malware a2service.exe
Microsoft Security Client Antimalware MsMpEng.exe
IObit IObit Malware Fighter IMFsrv.exe
Zone Labs ZoneAlarm zlclient.exe
``````````End of Log````````````


-------------------------------------------------------------------------------------------------------------


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7626

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

01/09/2011 07:44:43
mbam-log-2011-09-01 (07-44-43).txt

Scan type: Quick scan
Objects scanned: 176857
Time elapsed: 2 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
---------------------------------------------------------------------------------------------------
MiniToolBox by Farbar
Ran by Dom (administrator) on 01-09-2011 at 07:41:41
Windows 7 Home Premium (X64)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



There are 15041 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?)) subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : vaio
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 78-84-3C-CF-64-83
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 4C-0F-6E-F7-AB-97
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6c82:b08c:d26c:393a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 01 September 2011 06:17:11
Lease Expires . . . . . . . . . . : 02 September 2011 06:23:55
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 184559198
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-66-8B-4F-78-84-3C-CF-64-83
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F3593B11-7940-4EF9-BF6F-C86A919D5698}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{423D4F55-13A2-4D2E-BBDA-A1774A136043}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 209.85.169.104
209.85.169.99
209.85.169.106
209.85.169.103
209.85.169.105
209.85.169.147


Pinging google.com [209.85.227.103] with 32 bytes of data:
Reply from 209.85.227.103: bytes=32 time=58ms TTL=52
Reply from 209.85.227.103: bytes=32 time=35ms TTL=52

Ping statistics for 209.85.227.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 58ms, Average = 46ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 67.195.160.76
69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=197ms TTL=47
Reply from 98.137.149.56: bytes=32 time=185ms TTL=47

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 185ms, Maximum = 197ms, Average = 191ms

Pinging 127.0.0.1 with 32 bytes of data:
Request timed out.
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...78 84 3c cf 64 83 ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
11...4c 0f 6e f7 ab 97 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::6c82:b08c:d26c:393a/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/01/2011 06:30:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7600.16385, time stamp: 0x4a5bda6f
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0x11b4
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3

Error: (08/31/2011 09:56:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7600.16385, time stamp: 0x4a5bda6f
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0x8ac
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3

Error: (08/31/2011 08:48:30 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (08/31/2011 08:48:30 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (08/31/2011 08:48:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7600.16385, time stamp: 0x4a5bda6f
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0x12e4
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3

Error: (08/31/2011 05:49:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/31/2011 02:52:24 PM) (Source: Application Hang) (User: )
Description: The program VAIO Gate.exe version 2.4.0.6160 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 968

Start Time: 01cc67d8a4695e79

Termination Time: 187

Application Path: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

Report Id: 6c78f06d-d3d8-11e0-b72c-90004ef36b93

Error: (08/31/2011 02:45:17 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 6.0.1.4259 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1dd4

Start Time: 01cc67e29f8225f9

Termination Time: 14

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 6e4c1883-d3d7-11e0-b72c-90004ef36b93

Error: (08/30/2011 04:12:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7600.16385, time stamp: 0x4a5bda6f
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0xd84
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3

Error: (08/28/2011 09:44:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: CALMAIN.exe, version: 8.1.0.14, time stamp: 0x433d11f9
Faulting module name: msvcrt.dll, version: 7.0.7600.16385, time stamp: 0x4a5bda6f
Exception code: 0xc0000005
Fault offset: 0x00009966
Faulting process id: 0x10b0
Faulting application start time: 0xCALMAIN.exe0
Faulting application path: CALMAIN.exe1
Faulting module path: CALMAIN.exe2
Report Id: CALMAIN.exe3


System errors:
=============
Error: (09/01/2011 06:30:47 AM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).

Error: (09/01/2011 06:19:44 AM) (Source: DCOM) (User: LOCAL SERVICE)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (09/01/2011 06:17:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/31/2011 09:56:22 PM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).

Error: (08/31/2011 09:01:54 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/31/2011 08:48:30 PM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).

Error: (08/31/2011 08:17:07 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/31/2011 08:16:43 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/31/2011 04:59:11 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (08/31/2011 04:59:10 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.


Microsoft Office Sessions:
=========================
Error: (09/01/2011 06:30:47 AM) (Source: Application Error)(User: )
Description: CALMAIN.exe8.1.0.14433d11f9msvcrt.dll7.0.7600.163854a5bda6fc00000050000996611b401cc68667d15bca1C:\Program Files (x86)\Canon\CAL\CALMAIN.exeC:\Windows\syswow64\msvcrt.dll8b0fa248-d45b-11e0-bedc-90004ef36b93

Error: (08/31/2011 09:56:21 PM) (Source: Application Error)(User: )
Description: CALMAIN.exe8.1.0.14433d11f9msvcrt.dll7.0.7600.163854a5bda6fc0000005000099668ac01cc6818c383137fC:\Program Files (x86)\Canon\CAL\CALMAIN.exeC:\Windows\syswow64\msvcrt.dlladd963d2-d413-11e0-af81-90004ef36b93

Error: (08/31/2011 08:48:30 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (08/31/2011 08:48:30 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (08/31/2011 08:48:29 PM) (Source: Application Error)(User: )
Description: CALMAIN.exe8.1.0.14433d11f9msvcrt.dll7.0.7600.163854a5bda6fc00000050000996612e401cc68126ea4dd6bC:\Program Files (x86)\Canon\CAL\CALMAIN.exeC:\Windows\syswow64\msvcrt.dll32aa2e13-d40a-11e0-8f4e-90004ef36b93

Error: (08/31/2011 05:49:29 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/31/2011 02:52:24 PM) (Source: Application Hang)(User: )
Description: VAIO Gate.exe2.4.0.616096801cc67d8a4695e79187C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe6c78f06d-d3d8-11e0-b72c-90004ef36b93

Error: (08/31/2011 02:45:17 PM) (Source: Application Hang)(User: )
Description: firefox.exe6.0.1.42591dd401cc67e29f8225f914C:\Program Files (x86)\Mozilla Firefox\firefox.exe6e4c1883-d3d7-11e0-b72c-90004ef36b93

Error: (08/30/2011 04:12:02 PM) (Source: Application Error)(User: )
Description: CALMAIN.exe8.1.0.14433d11f9msvcrt.dll7.0.7600.163854a5bda6fc000000500009966d8401cc6723528ac3a2C:\Program Files (x86)\Canon\CAL\CALMAIN.exeC:\Windows\syswow64\msvcrt.dll696c4f28-d31a-11e0-a4e1-78843ccf6483

Error: (08/28/2011 09:44:25 PM) (Source: Application Error)(User: )
Description: CALMAIN.exe8.1.0.14433d11f9msvcrt.dll7.0.7600.163854a5bda6fc00000050000996610b001cc65be60544d0eC:\Program Files (x86)\Canon\CAL\CALMAIN.exeC:\Windows\syswow64\msvcrt.dll83db2e90-d1b6-11e0-a4af-90004ef36b93


=========================== Installed Programs ============================

(Version: 1.0.0.05280)
(Version: 1.1.0.02250)
(Version: 1.4.0.0b-ENU)
(Version: 3.0.0.05310)
(Version: 4.3.0.05310)
(Version: 5.2.0.06210)
(Version: 5.3.0.05310)
ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe AIR (Version: 2.7.0.19530)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Download Assistant (Version: 1.0.2)
Adobe Download Manager (Version: 1.6.2.103)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Premiere Elements 8.0 (Version: 8.0)
Adobe Premiere Elements 8.0 (Version: 8.0.1)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advanced SystemCare 4 (Version: 4.1.0)
Alps Pointing-device for VAIO
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Audacity 1.3.13 (Unicode)
Auslogics Duplicate File Finder (Version: version 2.1)
BBC iPlayer Desktop (Version: 3.2.7)
Bing Bar (Version: 6.3.2322.0)
Bing Bar Platform (Version: 6.3.2322.0)
Bonjour (Version: 3.0.0.2)
Canon Camera Access Library (Version: 8.1.1.17)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.2.0.8)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.1.0.7)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.2.0.5)
Canon Internet Library for ZoomBrowser EX (Version: 1.4.2.6)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.4.0.7)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.5.0.5)
Canon Utilities Digital Photo Professional 2.2 (Version: 2.2.0.1)
Canon Utilities EOS Utility (Version: 1.1.0.8)
Canon Utilities PhotoStitch (Version: 3.1.18.42)
Canon Utilities ZoomBrowser EX (Version: 5.7.0.74)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (Version: 2010.0920.2143.37117)
Catalyst Control Center Localization All (Version: 2010.0920.2143.37117)
ccc-core-static (Version: 2010.0920.2143.37117)
ccc-utility64 (Version: 2010.0920.2143.37117)
CCC Help Chinese Standard (Version: 2010.0920.2142.37117)
CCC Help Chinese Traditional (Version: 2010.0920.2142.37117)
CCC Help Czech (Version: 2010.0920.2142.37117)
CCC Help Danish (Version: 2010.0920.2142.37117)
CCC Help Dutch (Version: 2010.0920.2142.37117)
CCC Help English (Version: 2010.0920.2142.37117)
CCC Help Finnish (Version: 2010.0920.2142.37117)
CCC Help French (Version: 2010.0920.2142.37117)
CCC Help German (Version: 2010.0920.2142.37117)
CCC Help Greek (Version: 2010.0920.2142.37117)
CCC Help Hungarian (Version: 2010.0920.2142.37117)
CCC Help Italian (Version: 2010.0920.2142.37117)
CCC Help Japanese (Version: 2010.0920.2142.37117)
CCC Help Korean (Version: 2010.0920.2142.37117)
CCC Help Norwegian (Version: 2010.0920.2142.37117)
CCC Help Polish (Version: 2010.0920.2142.37117)
CCC Help Portuguese (Version: 2010.0920.2142.37117)
CCC Help Russian (Version: 2010.0920.2142.37117)
CCC Help Spanish (Version: 2010.0920.2142.37117)
CCC Help Swedish (Version: 2010.0920.2142.37117)
CCC Help Thai (Version: 2010.0920.2142.37117)
CCC Help Turkish (Version: 2010.0920.2142.37117)
CloneSpy 2.61
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.41.3.0173)
Definition update for Microsoft Office 2010 (KB982726)
Doro 1.35
Duplicate Cleaner 2.0.6 (Version: 2.0.6)
Emsisoft Anti-Malware 5.1 (Version: 5.1)
Epson Easy Photo Print 2 (Version: 2.2.3.1)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
EPSON SX510W Series Printer Uninstall
EpsonNet Config V3 (Version: 3.5c)
EpsonNet Print (Version: 2.4j)
Evernote (Version: 3.5.4.2224)
Free RAR Extract Frog (Version: 3.20)
Full Video Converter Free 9
Game Booster (Version: 2.2.0.0)
Google Chrome (Version: 13.0.782.218)
Google Earth (Version: 6.0.3.2197)
Google Update Helper (Version: 1.3.21.65)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Intel® Turbo Boost Technology Driver (Version: 01.02.00.1002)
Internet TV for Windows Media Center (Version: 4.2.2.0)
IObit Malware Fighter (Version: 1.0)
IObit Toolbar v4.4 (Version: 4.4)
iTunes (Version: 10.4.1.10)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 27 (Version: 6.0.270)
Joulemeter (Version: 1.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Macromedia Dreamweaver MX (Version: 6.0)
Macromedia Extension Manager (Version: 1.5)
Macromedia Fireworks MX (Version: 6)
Macromedia Flash MX (Version: 6)
Macromedia FreeHand 10 (Version: 10)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Media Gallery (Version: 1.3.0)
Media Gallery (Version: 1.3.0.06230)
Memory-Map OS Edition Version 5 (Version: 5.0.2)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.20901.0)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (Version: 1.0.10901.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Windows Phone 7 (Version: 2.0.20901.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Image Composite Editor (Version: 1.4.4)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft Silverlight Tools for Visual Studio 2010 (Version: 10.0.30319.400)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 4.0 x64 ENU (Version: 4.0.8482.1)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (Version: 2.0.1578.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2010 Express for Windows Phone - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Windows Phone 7 Developer Resources (Version: 7.0.7003.0)
Microsoft Windows Phone Developer Tools - ENU (Version: 10.0.30319)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (Version: 6.1.5288.17011)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (ARP entry) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Redists) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Shared Components) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Visual Studio) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Documentation (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Windows Phone Extensions (Version: 4.0.20823.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.3.0.0)
Mozilla Firefox 6.0.1 (x86 en-US) (Version: 6.0.1)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSDN Library for Microsoft Visual Studio 2008 Express Editions (Version: 9.0.21022)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
PDF Settings (Version: 1.0)
Picasa 3 (Version: 3.8)
PMB (Version: 5.3.00.06040)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
Protected Folder
QuickTime (Version: 7.70.80.34)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6098)
Remote Keyboard with PlayStation 3 (Version: 1.0.2.06170)
Remote Play with PlayStation 3 (Version: 1.0.2.06210)
Remote Play with PlayStation®3 (Version: 1.0.2.06210)
Skype™ 4.2 (Version: 4.2.152)
SkyPlayer for Windows Media Center (Version: 4.4.2.0)
Smart Defrag 2 (Version: 2.0.1)
SmartSound Quicktracks for Premiere Elements 8.0 (Version: 3.11.3090)
Spotify (Version: 0.5.1)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.0.1118)
SyncToy 2.1 (x86) (Version: 2.1.0)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (Version: 1)
VAIO - Media Gallery (Version: 1.3.0.06230)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.03020)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.10.06150)
VAIO Care (Version: 6.3.0.09020)
VAIO Control Center (Version: 4.3.0.05310)
VAIO Data Restore Tool (Version: 1.4.0.05240)
VAIO DVD Menu Data (Version: 2.4.00.05300)
VAIO Gate (Version: 2.4.0.06210)
VAIO Gate Default (Version: 2.2.0.07020)
VAIO Hardware Diagnostics (Version: 4.0.0.06230)
VAIO Manual (Version: 1.1.0.05280)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (Version: 2.1.0.18210)
VAIO Media plus Opening Movie (Version: 2.1.0.13220)
VAIO Movie Story Template Data (Version: 2.3.00.06040)
VAIO Movie Story Template Data (Version: 2.5.00.05300)
VAIO Quick Web Access (Version: 1.3.4.2)
VAIO Sample Contents (Version: 1.3.0.06041)
VAIO screensaver (Version: 1.0.0.0)
VAIO Smart Network (Version: 3.3.0.06080)
VAIO Transfer Support (Version: 1.2.0.06230)
VAIO Update (Version: 5.4.1.04200)
VC Runtimes MSI (Version: 9.0.21022)
VirtualCloneDrive
Visual Studio .NET Prerequisites - English (Version: 9.0.21022)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
Windows Mobile 6 Professional SDK (Version: 6.0.0.17740)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Phone 7 Add-in for Visual Studio 2010 - ENU (Version: 10.0.30319)
Windows Phone Emulator x64 - ENU (Version: 10.0.30319)
WinMerge 2.12.4 (Version: 2.12.4)
WordWeb (Version: 6)
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
ZoneAlarm (Version: 9.2.106.000)
ZoneAlarm Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 5998.1 MB
Available physical RAM: 3928.02 MB
Total Pagefile: 11994.34 MB
Available Pagefile: 9265.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.31 GB) (Free:341.7 GB) NTFS

========================= Users: ========================================

User accounts for \\VAIO

Administrator Dom Guest


**** End of log ****
--------------------------------------------------------------------------------------------------
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-01 08:11:13
Windows 6.1.7600
Running: o9li33iq.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27b11
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\90004ef36b93
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38ed354f
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27b11 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\90004ef36b93 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38ed354f (not active ControlSet)

---- EOF - GMER 1.0.15 ----

Thanks in advance,

Reggie.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:21 PM

Posted 01 September 2011 - 07:38 PM

So far all looks clean.

“Search settings notification - a program was blocked from changing your default search settings”.

Which browser are we talking about here?

I strongly recommend you uninstall Duplicate Cleaner 2.0.
That's a dangerous play, especially when Windows files are involved.
Starting with Vista you have a lot of system file backups in various locations.
If you start removing those, it's asking for trouble.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 reggiereg

Posted 02 September 2011 - 01:15 AM

Hi Broni,

I've taken a picture of the problem, rather than trying to explain. It's not in a browser, but Windows. Sorry if I didn't explain myself clearly enough. The picture can be found using the following link:

to picture

Are you saying Duplicate Cleaner should be removed due to some malware issue or possible accidental system file deletion? If it's the latter, then I never use Duplicate Cleaner to clean my computer's hard drive, only external ones; and I only use it to identify, never delete - I'm paranoid like that!

I use Firefox and sometimes IE.

Thanks for your help so far

I appreciate it,

Reggie.

Edited by reggiereg, 02 September 2011 - 02:17 AM.


#6 Broni

Posted 02 September 2011 - 05:51 PM

I see...

Download FoxScan from HERE

Double click on FoxScan.exe to start the scan.
A DOS-like window will pop up.
Press 2 for English. Press Enter.
Be patient. It'll take a few minutes.
When the tool is done, it'll display:

Search completed.
Press any key to coninue...


Press any key.
A Notepad window titled Rapport-FS.txt will open.
Post the content in your next reply.


#7 reggiereg

Posted 03 September 2011 - 04:35 AM

Hi again Broni,

I run FoxScan.exe and the DOS-like window comes up.
I press 2 for English and the screen disappears.
I looked in the Task Manager and there is no sign of the program running a scan.
Do I have to run it as a previous version of Windows?
Does it hide itself when running a scan?

regards,

Reggie.

#8 Broni

Posted 03 September 2011 - 10:39 AM

Right click on it, click "Run as administrator".


#9 reggiereg

Posted 03 September 2011 - 12:57 PM

Same thing happens.

#10 Broni

Posted 03 September 2011 - 01:21 PM

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box into the main textfield:
    :folderfind
    extensions
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


#11 reggiereg

Posted 03 September 2011 - 01:58 PM

I have just run SUPERAntiSpyware and it came back with:
----------------------------------------------------------------------
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/03/2011 at 07:30 PM

Application Version : 5.0.1118

Core Rules Database Version : 7644
Trace Rules Database Version: 5456

Scan type : Complete Scan
Total Scan Time : 00:57:19

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 853
Memory threats detected : 0
Registry items scanned : 76096
Registry threats detected : 0
File items scanned : 80649
File threats detected : 102

Adware.Tracking Cookie

Trojan.Agent/Gen-FakeAV
C:\USERS\DOM\DESKTOP\FOXSCAN.EXE
C:\Windows\Prefetch\FOXSCAN.EXE-E887C2F6.pf

-------------------------------------------------------------------

The "Trojan.agent" worries me enormously. Is this program infected?

Could this be why it's not working?

I also have just run SystemLook, both 64-bit and 32-bit as admin and non-admin, and in both situations get a Windows message box saying "systemlook error - script required".

Please advise,

Regards,

Reggie.

Edited by reggiereg, 03 September 2011 - 02:12 PM.


#12 Broni

Posted 03 September 2011 - 03:46 PM

The "Trojan.agent" worries me enormously. Is this program infected?

Definitely a false positive. I'll report this to Super people.

"systemlook error - script required".

Well, you didn't paste my script.
Please re-read my instructions.


#13 reggiereg

Posted 04 September 2011 - 01:14 AM

Hi Broni,

Out of interest, how can you tell if a file is infected or just a false positive? Nothing to do with this, but I'm wondering about a file I had a while ago that I deleted, and maybe could have run.

I thought you wanted me to paste what I found in between these commands from the output text - oops - sorry.


This is what you asked for:
__________________________________________________________________________________________________________________

SystemLook 30.07.11 by jpshortstuff
Log created at 06:59 on 04/09/2011 by Dom
Administrator - Elevation successful

========== folderfind ==========

Searching for "extensions"
C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Plug-Ins\Extensions d------ [10:52 20/05/2011]
C:\Program Files (x86)\Google\Chrome\Application\13.0.782.218\Extensions d------ [08:44 31/08/2011]
C:\Program Files (x86)\Google\Chrome\Application\13.0.782.220\Extensions d------ [19:44 03/09/2011]
C:\Program Files (x86)\Macromedia\Dreamweaver MX\Configuration\Extensions d------ [15:17 15/06/2011]
C:\Program Files (x86)\Macromedia\Fireworks MX\Configuration\Extensions d------ [15:14 15/06/2011]
C:\Program Files (x86)\Microsoft Expression\Blend 4\Extensions d------ [10:14 29/06/2011]
C:\Program Files (x86)\Microsoft SDKs\Expression\Extensions d------ [10:14 29/06/2011]
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\Extensions d------ [09:59 29/06/2011]
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Xml\1033\Snippets\xsd\Extensions d------ [09:59 29/06/2011]
C:\Program Files (x86)\Microsoft Visual Studio 9.0\Xml\1033\Snippets\xsd\Extensions d------ [12:52 29/06/2011]
C:\Program Files (x86)\Mozilla Firefox\extensions d------ [06:41 28/08/2011]
C:\Users\Dom\AppData\Local\Microsoft\ehome\Extensions d------ [20:02 19/05/2011]
C:\Users\Dom\AppData\Roaming\Mozilla\Extensions d------ [06:42 28/08/2011]
C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\oevsk6ns.default\extensions d------ [13:33 31/08/2011]

-= EOF =-

Regards,

Reggie.

#14 Broni

Posted 04 September 2011 - 10:50 AM

"Out of interest, how can you tell if a file is infected or just a false positive?"

In the case of this particular file, I know because this little utility comes from a trusted source and it's known to people who deal with malware removal.

Re-run SystemLook with this code:

:dir
C:\Program Files (x86)\Mozilla Firefox\extensions
C:\Users\Dom\AppData\Roaming\Mozilla\Extensions
C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\oevsk6ns.default\extensions


#15 reggiereg

Posted 04 September 2011 - 02:12 PM

As you requested,
-------------------------------------------------------------------------------------

SystemLook 30.07.11 by jpshortstuff
Log created at 20:10 on 04/09/2011 by Dom
Administrator - Elevation successful

========== dir ==========

C:\Program Files (x86)\Mozilla Firefox\extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
{972ce4c6-7e08-4474-a285-3208198ce6fd} d------ [06:41 28/08/2011]
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} d------ [13:56 31/08/2011]

C:\Users\Dom\AppData\Roaming\Mozilla\Extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\oevsk6ns.default\extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} d------ [14:19 31/08/2011]

-= EOF =-

------------------------------------------------------------------------------------------------
Regards,

Reggie.
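
An added example, not part of the thread and not SystemLook's own code: a small Python parser for the `:dir` log layout shown in post #15, which lists the entries whose timestamp falls within a given number of days before the log was created. The line layout is inferred only from the logs on this page, and the names `parse_dir_log` and `stamped_within` are hypothetical.

```python
import re
from datetime import datetime, timedelta
from typing import NamedTuple

# Log text copied from the SystemLook output in post #15 above.
SAMPLE_LOG = r"""SystemLook 30.07.11 by jpshortstuff
Log created at 20:10 on 04/09/2011 by Dom
Administrator - Elevation successful

========== dir ==========

C:\Program Files (x86)\Mozilla Firefox\extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
{972ce4c6-7e08-4474-a285-3208198ce6fd} d------ [06:41 28/08/2011]
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} d------ [13:56 31/08/2011]

C:\Users\Dom\AppData\Roaming\Mozilla\Extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\oevsk6ns.default\extensions - Parameters: "(none)"

---Files---
None found.

---Folders---
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} d------ [14:19 31/08/2011]

-= EOF =-
"""

# Assumed layout (inferred from this page's logs): day-first dates, a
# 7-character attribute column, and the timestamp in square brackets.
STAMP_FMT = "%H:%M %d/%m/%Y"
CREATED_RE = re.compile(r"^Log created at (\d\d:\d\d) on (\d\d/\d\d/\d{4})")
SECTION_RE = re.compile(r'^(?P<path>[A-Za-z]:\\.*?) - Parameters: "(?P<params>.*)"$')
ENTRY_RE = re.compile(
    r"^(?P<name>.+?)\s+(?P<attrs>[-a-z]{7})\s+\[(?P<stamp>\d\d:\d\d \d\d/\d\d/\d{4})\]$"
)


class Entry(NamedTuple):
    parent: str      # directory that was listed
    kind: str        # "file" or "folder"
    name: str
    attrs: str
    stamp: datetime  # as printed; the page does not say which timestamp this is


def parse_dir_log(text):
    """Return (log creation time, list of Entry) for a ':dir' log."""
    created, entries = None, []
    parent = kind = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = CREATED_RE.match(line)
        if m:
            created = datetime.strptime(" ".join(m.groups()), STAMP_FMT)
            continue
        m = SECTION_RE.match(line)
        if m:
            parent, kind = m.group("path"), None
            continue
        if line in ("---Files---", "---Folders---"):
            kind = line.strip("-").lower().rstrip("s")
            continue
        m = ENTRY_RE.match(line)
        if m and parent and kind:
            stamp = datetime.strptime(m.group("stamp"), STAMP_FMT)
            entries.append(Entry(parent, kind, m.group("name"), m.group("attrs"), stamp))
    if created is None:
        raise ValueError("no 'Log created at' header found")
    return created, entries


def stamped_within(created, entries, days):
    """Entries stamped no more than `days` before the log was created."""
    window = timedelta(days=days)
    return [e for e in entries if timedelta(0) <= created - e.stamp <= window]


if __name__ == "__main__":
    created, entries = parse_dir_log(SAMPLE_LOG)
    for e in stamped_within(created, entries, days=5):
        print(f"{e.stamp:%Y-%m-%d %H:%M}  {e.kind:6}  {e.parent}\\{e.name}")
```
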



