Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect virus of some sort


  • Please log in to reply
31 replies to this topic

#1 luke003

luke003

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 24 September 2011 - 02:23 PM

Hi, I have been lurking info and assistance from here for a while. Finally I have encountered an issue that I can't resolve with out help. I'm using the latest version of firefox, but the problem effects any browser I use. Clicking a link, will frequently open a random ad page. I have run Malwarebytes, Tdsskiller, superantispyware, and rkill, all of which found nothing. One other weird thing I keep noticing; I keep checking my hosts file, only to find it missing half of the time.

I used to work a desktop support job, so I'm fairly knowledgable. But, I left that job a couple years ago and have not kept up with any of this beyond trying to keep my personal computer clean. Help would be much appreciated. Just let me know what to run, and what to post.

Edited by Orange Blossom, 24 September 2011 - 02:41 PM.
Moved from Windows 7 to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 24 September 2011 - 03:37 PM

Hi luke003,

:welcome: to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please do not attach logs or put logs in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

Click on the Watch Topic button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.

 

:step1: Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer Log Errors
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go . Please put code boxes around just this entire log, like this, but without the letter x: [xcode] MiniToolBox log [/xcode]

:step2: Rerun Malwarebytes
Open Malwarebytes, click on the Update tab, and click the check for Updates button (the latest update as of this post is 7792)
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware

:step3: Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from http://www.superantispyware.com/downloads/SASDEFINITIONS.EXE (copy and paste that website address) and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others checked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Home" button to leave the control center screen.
  • Back on the main screen, under "Select Scan Type" click Complete Scan.
  • On the left, make sure you check C:\.
  • Click Start Complete Scan > Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

:step4: Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


In your next reply, please include:
  • MiniToolBox log
  • Malwarebytes log
  • SuperAntiSpyware log
  • GMER log
  • How's your computer running now? Please provid a detailed description of any remaining problems, detailed word-for-word error mesages that you are receiving, and/or screenshots of strange behavior.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 24 September 2011 - 07:30 PM

Hi Jason, thanks for helping.

A few things I should mention, might be unrelated.
1.)There is a process called PING.exe, that is using close to 90% of my cpu.
2.)upon opening minitoolbox my taskbar switched to an old window98 style look with the windows7 features.
3.)upon running minitoolbox I received an error; "the ordinal 1108 could not be located in the dynamic link library WSOCK32.dll" (twice)





MiniToolBox by Farbar 
Ran by Luke (administrator) on 24-09-2011 at 16:28:19
Windows 7 Ultimate  (X64)

***************************************************************************

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ============================== 

Hosts file not detected in the default directory
========================= IP Configuration: ================================The following helper DLL 

cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.230 publish=Yes
add address name="Local Area Connection" address=192.168.1.66


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Luke-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : myhome.westell.com

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-21-5D-0E-5B-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::293a:6918:ac33:b570%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.10.10.108(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, September 24, 2011 4:21:42 PM
   Lease Expires . . . . . . . . . . : Sunday, September 25, 2011 4:21:42 PM
   Default Gateway . . . . . . . . . : 10.10.10.1
   DHCP Server . . . . . . . . . . . : 10.10.10.1
   DHCPv6 IAID . . . . . . . . . . . : 285221213
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-67-C7-80-00-23-54-1A-F1-E6
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet 

NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-23-54-1A-F1-E6
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c67:3968:f5f5:f593(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::c67:3968:f5f5:f593%12(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #13
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #11
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #12
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #15
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #14
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #18
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #16
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #17
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #20
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #19
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 37:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #29
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 29:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #21
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 30:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #22
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 31:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #23
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 35:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #27
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 32:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #24
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 33:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #25
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 34:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #26
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 36:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #28
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 40:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #32
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 38:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #30
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 39:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #31
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #36
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 41:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #33
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 42:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #34
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 43:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #35
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 44:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #37
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 45:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #38
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 48:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #40
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 47:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #39
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 50:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #42
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 52:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #44
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 49:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #41
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 51:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #43
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 55:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #47
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 53:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #45
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 59:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #51
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 54:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #46
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 56:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #48
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 57:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #49
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 58:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #50
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 61:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #53
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 60:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #52
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 67:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #59
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 63:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #55
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 62:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #54
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 65:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #57
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 64:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #56
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 66:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #58
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 83:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #75
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 68:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #60
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 69:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #61
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 70:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #62
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 71:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #63
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 72:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #64
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 73:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #65
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 74:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #66
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 75:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #67
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 76:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #68
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 77:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #69
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 78:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #70
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 79:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #71
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 80:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #72
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 82:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #74
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 81:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #73
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 92:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #84
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 84:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #76
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 86:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #78
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 85:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #77
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 87:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #79
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 88:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #80
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 89:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #81
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 90:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #82
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.myhome.westell.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : myhome.westell.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 91:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #83
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 93:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #85
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 96:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #88
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 94:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #86
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 95:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #87
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 97:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #89
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 98:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #90
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 99:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #91
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 100:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #92
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 101:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #93
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 102:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #94
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 104:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #96
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 103:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #95
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 105:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #97
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 106:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #98
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 107:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #99
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 108:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #100
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 109:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #101
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 110:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #102
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 111:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #103
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 112:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #104
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 113:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #105
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 114:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #106
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 115:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #107
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 116:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #108
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 117:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #109
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.225.81] with 32 bytes of data:
Reply from 74.125.225.81: bytes=32 time=17ms TTL=55
Reply from 74.125.225.81: bytes=32 time=16ms TTL=55

Ping statistics for 74.125.225.81:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 17ms, Average = 16ms

Pinging yahoo.com [69.147.125.65] with 32 bytes of data:
Reply from 69.147.125.65: bytes=32 time=32ms TTL=53
Reply from 69.147.125.65: bytes=32 time=37ms TTL=53

Ping statistics for 69.147.125.65:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 37ms, Average = 34ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 21 5d 0e 5b e8 ......Intel(R) WiFi Link 5100 AGN
 10...00 23 54 1a f1 e6 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 

6.0)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
 17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
 20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
 19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
 22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
 21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
 26...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #13
 23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
 24...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #11
 25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #12
 28...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #15
 27...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #14
 31...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #18
 29...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #16
 30...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #17
 33...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #20
 32...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #19
 42...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #29
 34...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #21
 35...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #22
 36...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #23
 40...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #27
 37...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #24
 38...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #25
 39...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #26
 41...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #28
 45...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #32
 43...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #30
 44...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #31
 49...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #36
 46...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #33
 47...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #34
 48...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #35
 50...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #37
 51...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #38
 54...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #40
 53...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #39
 56...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #42
 58...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #44
 55...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #41
 57...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #43
 61...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #47
 59...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #45
 65...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #51
 60...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #46
 62...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #48
 63...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #49
 64...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #50
 67...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #53
 66...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #52
 73...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #59
 69...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #55
 68...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #54
 71...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #57
 70...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #56
 72...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #58
 89...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #75
 74...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #60
 75...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #61
 76...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #62
 77...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #63
 78...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #64
 79...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #65
 80...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #66
 81...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #67
 82...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #68
 83...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #69
 84...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #70
 85...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #71
 86...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #72
 88...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #74
 87...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #73
 98...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #84
 90...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #76
 92...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #78
 91...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #77
 93...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #79
 94...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #80
 95...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #81
 96...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #82
124...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 97...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #83
 99...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #85
102...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #88
100...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #86
101...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #87
103...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #89
104...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #90
105...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #91
106...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #92
107...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #93
108...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #94
110...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #96
109...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #95
111...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #97
112...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #98
113...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #99
114...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #100
115...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #101
116...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #102
117...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #103
118...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #104
119...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #105
120...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #106
121...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #107
122...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #108
123...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #109
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.10.10.1     10.10.10.108     25
       10.10.10.0    255.255.255.0         On-link      10.10.10.108    281
     10.10.10.108  255.255.255.255         On-link      10.10.10.108    281
     10.10.10.255  255.255.255.255         On-link      10.10.10.108    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      10.10.10.108    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      10.10.10.108    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.1.230  Default 
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:4137:9e76:c67:3968:f5f5:f593/128
                                    On-link
 11    281 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::c67:3968:f5f5:f593/128
                                    On-link
 11    281 fe80::293a:6918:ac33:b570/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2011 04:26:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2011 04:24:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000019710f3
Faulting process id: 0x3a4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/24/2011 04:23:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2011 04:21:46 PM) (Source: RaySat_3dsmax2009_64 Server) (User: )
Description: (1632) getservbyname: The requested name is valid, but no data of the requested type 

was found. (0x2afc)

Error: (09/24/2011 09:39:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2011 09:37:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000001d410f3
Faulting process id: 0x3b8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/24/2011 09:36:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2011 09:35:06 AM) (Source: RaySat_3dsmax2009_64 Server) (User: )
Description: (1632) getservbyname: The requested name is valid, but no data of the requested type 

was found. (0x2afc)

Error: (09/24/2011 00:23:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance 

ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2011 00:21:20 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000001cb10f3
Faulting process id: 0xf0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (09/24/2011 04:26:33 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/24/2011 04:26:33 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/24/2011 04:26:29 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) 

after the unexpected termination of the Windows Management Instrumentation service, but this action 

failed with the following error: 
%%1056

Error: (09/24/2011 04:26:29 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) 

after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action 

failed with the following error: 
%%1056

Error: (09/24/2011 04:26:29 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) 

after the unexpected termination of the Computer Browser service, but this action failed with the 

following error: 
%%1056

Error: (09/24/2011 04:25:29 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) 

after the unexpected termination of the Server service, but this action failed with the following 

error: 
%%1056

Error: (09/24/2011 04:24:29 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (09/24/2011 04:24:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The 

following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/24/2011 04:24:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly.  It has done 

this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the 

service.

Error: (09/24/2011 04:24:29 PM) (Source: Service Control Manager) (User: )
Description: The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following 

corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (01/25/2011 04:00:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, 

Microsoft Office Version: 12.0.4518.1066. This session lasted 6082 seconds with 2580 seconds of 

active time.  This session ended with a crash.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
3dsmax ancillary install (Version: 1)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe After Effects CS5 (Version: 10)
Adobe After Effects CS5 Third Party Content (Version: 10)
Adobe After Effects CS5 Third Party Royalty Content (Version: 10)
Adobe AIR (Version: 1.5.3.9120)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge CS4 (Version: 3)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Device Central CS4 (Version: 2)
Adobe Director 11.5 (Version: 11.5)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.52.14)
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Flash Professional CS5 (Version: 11.0)
Adobe Fonts All (Version: 2.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS4 (Version: 14.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Premiere Pro CS3 (Version: 3)
Adobe Premiere Pro CS3 Functional Content (Version: 8)
Adobe Premiere Pro CS3 Third Party Content (Version: 3)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
AIM 7
Amnesia - The Dark Descent  (Version: 1.0.0)
Apple Application Support (Version: 2.0.1)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ASUS CopyProtect (Version: 1.0.0007)
ASUS Data Security Manager (Version: 1.00.0006)
ASUS LifeFrame3 (Version: 3.0.9)
ASUS Live Update (Version: 2.5.6)
ASUS Power4Gear eXtreme (Version: 1.0.19)
ASUS SmartLogon (Version: 1.0.0005)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0021)
ASUS Virtual Camera (Version: 1.0.11)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0053)
ATK Media (Version: 2.0.0006)
ATKOSD2 (Version: 7.0.0006)
Autodesk 3ds Max 2009 64-bit (Version: 11.0)
Autodesk Backburner 2008.1 (Version: 2008.1)
Autodesk DWF Viewer 7 (Version: 7.0.0)
Bandisoft MPEG-1 Decoder
BattlEye Uninstall
Blender (remove only)
Bonjour (Version: 3.0.0.2)
CCleaner (remove only)
Comical 0.8
Connect (Version: 1.0.0.1)
Crazybump (remove only)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.0.0)
CyberLink LabelPrint (Version: 2.0.2908)
CyberLink Power2Go (Version: 6.0.1924)
DDS Thumbnail Viewer (Version: 1.00.000)
Direct Console 2.0 (Version: 2.0.4)
Direct Console 2.0 (Version: 2.0.5)
Dolby Control Center (Version: 1.1.0601)
Download Updater (AOL LLC)
Equation Game (Version: 1.00.0000)
Evrsoft First Page 2006
Express Gate (Version: 0.8.3.0)
FBX Plugin 2006.08 for Max 9.0
FBX Plugin 2009.0 for Max 2009 64
FL Studio 7
Flash Decompiler Trillix (Version: 3.0)
Fraps (remove only)
Futuremark SystemInfo (Version: 3.16.2.1)
HiJackThis (Version: 1.0.0)
IL Download Manager
IrfanView (remove only)
ITECIR (Version: 1.00.0000)
iTunes (Version: 10.4.1.10)
Java(TM) 7 Update 2 (64-bit) (Version: 7.0.20)
Java(TM) SE Development Kit 7 Update 2 (64-bit) (Version: 1.7.0.20)
K-Lite Mega Codec Pack 4.8.5 (Version: 4.8.5)
kuler (Version: 2.0)
LCDHype Version 0.6
LEGO Digital Designer
LightScribe System Software  1.14.17.1 (Version: 1.14.17.1)
LimeWire 5.4.8 (Version: 5.4.8)
Magic ISO Maker v5.4 (build 0239)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
Maximus
Melody (Version: 0.95)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.687.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.4518.1066)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Database Publishing Wizard 1.2 (Version: 1.2.0.0)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2008 Remote Debugger - ENU
Microsoft Visual Studio 2008 Remote Debugger - ENU (Version: 9.0.21022)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 

6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Tools (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (Version: 6.1.5288.17011)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (ARP entry) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (devenv) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (Platformer) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (Redists) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (Shared Components) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 (XnaLiveProxy) (Version: 3.1.10527.0)
Microsoft XNA Game Studio 3.1 Documentation (Version: 3.1.10527.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.1.0.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Miroslav Philharmonik (Version: 1.0.0)
Morphyre
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MS Access to MySQL 3.0.0.66
MySQL Connector/ODBC 3.51 (Version: 3.51.24)
Native Instruments Massive (Version: 1.1.5.1967)
NB Probe
Nexon Game Manager
NVIDIA 3D Vision Controller Driver (Version: 270.61)
NVIDIA 3D Vision Controller Driver 270.61 (Version: 270.61)
NVIDIA 3D Vision Driver 270.61 (Version: 270.61)
NVIDIA Control Panel 270.61 (Version: 270.61)
NVIDIA Graphics Driver 270.61 (Version: 270.61)
NVIDIA HD Audio Driver 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.270.54.0)
NVIDIA Photoshop Plug-ins (Version: 1.00.000)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX Plug-in for Autodesk 3ds Max 64 bit (Version: 2.01.1222.0945)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.7061)
NVIDIA Update 1.1.34 (Version: 1.1.34)
NVIDIA Update Components (Version: 1.1.34)
Oxelon Media Converter 1.1
PDF Settings CS4 (Version: 9.0)
PDF Settings CS5 (Version: 10.0)
Pen Tablet
Pepakura Designer2
Pepakura Viewer 3
Pepakura Viewer2
Photoshop Camera Raw (Version: 5.0)
PHStat2 2.8.1 (Version: 2.8.1)
PowerISO
QuickTime (Version: 7.70.80.34)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Red Faction
Revo Uninstaller Pro 2.2.3 (Version: 2.2.3)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 (Version: 3.55.01)
Sculptris Alpha 6 (Version: 0.6)
Skype Toolbars (Version: 5.0.4137)
Skype™ 5.0 (Version: 5.0.156)
SpeedFan (remove only)
StarCraft II (Version: 1.3.6.19269)
Steam (Version: 1.0.0.0)
Studio Instruments 1.0 (Version: 1.0)
Suite Shared Configuration CS4 (Version: 1.0)
SUPERAntiSpyware (Version: 5.0.1108)
Synaptics Pointing Device Driver (Version: 10.1.8.0)
System Requirements Lab
System Requirements Lab CYRI (Version: 4.3.1.0)
Tango
Tascam GigaStudio v3.02.0.1584
Team Fortress 2
Trapcode Particular v2
Unfold3D Magic Edition (Version: 4.0.0)
Unity (Version: )
Unreal Development Kit: 2009-11
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (Version: 1)
Update for Outlook 2007 Junk Email Filter (KB2553110)
USB 2.0 1.3M UVC WebCam
V-Ray for 3dsmax 2009 for x64 (Version: 1.50.SP2)
VC Runtimes MSI (Version: 9.0.21022)
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
Visual C++ 2008 Runtime (x64) (Version: 1.0.1)
Visual Studio .NET Prerequisites - English (Version: 9.0.21022)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
VLC media player 0.9.8a (Version: 0.9.8a)
Vue 9.5 xStream 64bit (Version: 9.5)
Vue 9.5 xStream plugins 64bit (Version: 9.5)
Winamp (Version: 5.61 )
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
WinFlash
WinRAR archiver
Wireless Console 2 (Version: 2.0.10)
World of Warcraft (Version: 4.2.2.14545)
x264vfw - H.264/MPEG-4 AVC codec (remove only)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
xNormal 3.17.5
Xvid Video Codec (Version: 1.3.1)
ZBrush3 (Version: 3.01.0001)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 4095.11 MB
Available physical RAM: 2593.41 MB
Total Pagefile: 8188.37 MB
Available Pagefile: 6549.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.48 MB

========================= Partitions: =====================================

1 Drive c: (Vista64) (Fixed) (Total:149.04 GB) (Free:1.18 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:138.31 GB) (Free:100.15 GB) NTFS

========================= Users: ========================================

User accounts for \\LUKE-PC

Administrator            Guest                    Luke                     
UpdatusUser              


**** End of log ****

***********************************************
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7792

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/24/2011 04:50:00 PM
mbam-log-2011-09-24 (11-29-00).txt

Scan type: Full scan (C:\|)
Objects scanned: 635902
Time elapsed: 1 hour(s), 41 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

*****************************************

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/24/2011 at 06:31 PM

Application Version : 5.0.1108

Core Rules Database Version : 7725
Trace Rules Database Version: 5537

Scan type : Complete Scan
Total Scan Time : 01:32:35

Operating System Information
Windows 7 Ultimate 64-bit (Build 6.01.7600)
UAC Off - Administrator

Memory items scanned : 623
Memory threats detected : 0
Registry items scanned : 79680
Registry threats detected : 0
File items scanned : 115783
File threats detected : 36

Adware.Tracking Cookie
.apmebf.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YMM5ITIP.DEFAULT

\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\LUKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES

\YMM5ITIP.DEFAULT\COOKIES.SQLITE ]
ad.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA

\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
convoad.technoratimedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
convoad.technoratimedia.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
crackle.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH

PLAYER\#SHAREDOBJECTS\REH34CRP ]
media.kyte.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH

PLAYER\#SHAREDOBJECTS\REH34CRP ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
media.scanscout.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA

\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
msnbcmedia.msn.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA

\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]
sftrack.searchforce.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING

\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\REH34CRP ]

****************************************

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-24 19:25:08
Windows 6.1.7600
Running: 8jupp5mh.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind

???v?????q?q?????q?q?????q??? ???????q?????q???????~??H?????????$???????????????????????? ???????

q???????????q?~????????????$????????????????????????????????????????????q?????????????????????????

q????? ???????q???????????q?~????????????

$????????????????????????????????????????????????????????????????q?q?????q?q?????q??? ???????q?????

q???????~??H?????????$???????????????????????????????????????????? ???????q???????????q?

~????????????$???????????????????????????????????????????????????????????????? ???????q???????????

q?~????????????$????????????????????????????????????????????????????????????????q?q?????q?q?????q???

???????q???????????q?~????????????

$??????????????????????????????????????????????????????????????????q???q???q????????? ???????

q???????????q?~????????????$????????????????????????????????????????????????????????????????

???????q?????q???????~??H?????????$???????????????????????hid_device??????????????????p???? ???????

q???????????q?~????????????$????????????????????????????????????????????q?q36???q?
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route

?????????????e???????x??????????Microsoft 6to4 Adapter

Driver????????????}??????????????????????????????????-1??????@%SystemRoot%

\System32\DreamScene.dll,-13,Specify what your computer does when Windows DreamScene is on, and

power status changes.?5A1??? ???????????????????b????????????????1UNN??@%SystemRoot%

\System32\DreamScene.dll,-16,Power Saver???@%SystemRoot%\System32\DreamScene.dll,-17,Windows

DreamScene will pause to conserve power.?00C???????????\??????tB??? ????????????????????????

H?????????????????????????????0???1?????_{72???????????-???????F???????????D???????m???

?????????????????????0????????????????????? ?????????????????????0????????????????????????????

storage\volume?60-??? ?????????????????????

0?????????????????????????????????????????????????????????????d`?us??? ?????????????????????

0????????????????????????????????????? ?????????????????????0?????????????????????

?????????????????????0?????????????????????????????????????????????e??US???????????????

e?????????????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export

?????x??Local Area Connection* 11????????w??????????????? ???????w???????????5??????????

???????????????Network Address?nn??text????? ???????w???????????x?????????? ????????p?????x???x?

B???? ??x????????c??????????????????t???x?x?x???????x??????????int??x???????x???????e??tunnel?

000????<??x???F??????Microsoft 6to4 Adapter Driver????x?x? ??? ???????w???????????x??????????"???

??????????????x???w????? ???x???o?????SAT??tunnel??????11???x???????x???1??????????? "??x???

x??????????ndis5_ip6_tunnel?????????x???x???????????x???x???h??????????*6to4mp?ac??? ???????

3???????????w?,??????????????????????s??????x??????Microsoft???? ????????????????????4??x???????????

??Microsoft 6to4 Adapter #3????????????????????????????????x???????????w???x??nettun.inf?P\0???

???????3?????|???????0??L????????? ??????00#???????????x??? ???????x?????????????0????????????

&????????????????????4??? ???????x?????x???????0????????????????????? ???????x???????????x?

0???????????????????????x?????????????[???y???o?????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind

???~????Sonix???? h??~?????????????????????0?:??????????????????????????????????????????????

??????????? ??????????????????????????????????????????????????? ??????????? ??????????? ???????????

??????? ???????????????????{72717927-169A-43FB-A6F3-ABFC0807CDBF}???????????????

B??????????????????????? ???????~???????????????????????????????????????1????s63.??

ndis5_ip6_tunnel???????????????????????????v???????.4??~6??.7???W????????????????

?????????????????????}???}?????????~?????????????????????????????e????????? ???????????????

~??????????? ???????~?????????????????e?????????~???X???????????e??i????????????~?-?-?-?~?~?

~?????????????????~?~??? ???????????????~??????????????????ls?????~?~?~?

~???????????:???)????????????????????????????1??????

2???????????????????????????????????????)???????????????????????????????????

(???????????????????????????????)???????t????????????????????1??????

(???????????????????????????????&???~???x???????????????????????~??EventLog-System??????????

~???????????d???????~???????????d?????????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route

????????6to4mp.ndi?}"???USB to ATA/ATAPI Bridge??i??????????????21??STORAGE

\Volume??????????????????????????????????????????????????????6.1.7600.16385??n???{00000000-0000-

0000-0000-000000000000}???????????y??????????{00000000-0000-0000-0000-000000000000}????????

N???????????D?????Volume??????????4m???????????????;??????????? ???????`?????????????,????????$???

<????????????????????????????????-????4?????????5E??? ???????4??????xB????6??????5??????vi??

Microsoft 6to4 Adapter #26?712???????????D???????7??????????????????????????????7C??????#????

???????????????????b?0????????????????????? ???????????????????????????????????????D??????????\\?

\Root#*6TO4MP#0037#{cac88484-7515-4c03-82e6-71a87abac361}?9???????x???,??????????????????????????

#?????N?????????????????? ?????????????????????0????????????&????????????????????????

?????????????????????0????????????????????? ???????????????????_?0????????~????????????

???????????????????s?0????????~????????????????????-???????m??C-??? ?????????????????????

0????????????&??????
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export

????????????????????????????s????????????c???????b??????????????

t????????????????????????????????.???????????????????????B???b?b?b?b?b?b?b???????

a????????????????????????<??b????????h??????????????????????????????????????B??????????Microsoft

6to4 Adapter #7????????b??????p????{?{?????b??????????????*6to4mp??b??@%systemroot%

\system32\DRIVERS\RDPCDD.sys,-100??????system32\drivers\rdpencdd.sys???system32\drivers

\rdprefmp.sys????????C??????????? ???b????????????????X??????T??????????????????????????????Video

Save???????????b??????p???????????system32\DRIVERS\rixdpx64.sys???????????tunnel???????

f???????????????????????????????????????0?????????????6????????????.NT??????????b???????h??

System32\drivers\rdyboost.sys????????????????????????????????????c?????????????????g????

tunnel??????6.1.7600.16385???????????????????????????????????????????????????????????????

a????????????????????????????>????????g?8????N??????????????????????????????e??6-21-2006???

Microsoft???????????????t???PnP Filter?????????????????????????????
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\HidBth (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind

???^?????x?]?x???y?^?y??s????r?r?e???^?????????????????????????????s?????c?c????{00000000-0000-0000

-ffff-ffffffffffff}???5??Network?????????????? ???????8???????`??????s????????????????????????????

_??????p????????????????????z?z?^??????????????????? ???^??????????????????????????????????PCI

\VEN_8086&DEV_2944&REV_03?PCI\VEN_8086&DEV_2944?PCI\VEN_8086&CC_060400?PCI\VEN_8086&CC_0604?PCI

\VEN_8086?PCI\CC_060400&DT_4?PCI\CC_060400?PCI\CC_0604&DT_4?PCI\CC_0604???????{4d36e97d-e325-11ce-

bfc1-08002be10318}?rag??RIMMPTSK\Disk?RIMMPTSK\RAW??????tunnel???????????^???????

??????????????????? |??a???c??????Se??LegacyDriver????????????????1,??? 8??^??????????s????e?

eS???????????*6to4mp??????????????????6???????????????6????X??^????????????N??a?????????????n?????

^???^??@oem33.inf,%pci\ven_8086&dev_2a40.devicedesc%;Mobile Intel® 45 Express Chipset Series

Processor to DRAM Controller - 2A40?????@system32\DRIVERS\pci.sys,#65536;PCI bus %1, device %2,

function %3;(0,0,0)?????PCI\VEN_8086&DEV_2A40&SUBSYS_19A71043&REV_07?PCI\VE
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route

???`????????????????????Microsoft??????????????????s?????}???????????????????????????????????

_???????????????????????????`??%i??HID_Inst????File system?????10.10.10.108???????????????

g?????????`???????????c?x?`??????????????s????????????????????1???1???`?}?^???????

`???????????.?????????????????????????s?????????@???????????????a???????^???3?????????

`?????????????????????????@???s???e???????????????????????????`????X??`???????????`?`?`?

`?????????????????I???x?????????????????s????????????????????Volume??????WinUsb??di???

`???????????????????????????????????x???t???????`??????????????????????????????os??????????USBSTOR?

iv?????????????????s?7???????r???????????}???e??sy???`?`???z????sE???`?`?`????2??a????????h???????

N??a????????D?????Type?????????????????????}?}?`???`???????????????????????????????????????D??????

\i???????????s?????s?!???????????????????[?]?b?b?b???????`???????1???`?x?

`???????????????????????????????z?}?3???? ??A???.???e???????a??????p????????`??????????umb

\umbus????????????D???E???`?`?1?????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export

???`?????????????????????????@???s???e???????????????????????????`????X??`???????????`?`?`?

`?????????????????I???x?????????????????s????????????????????Volume??????WinUsb??di???

`???????????????????????????????????x???t???????`??????????????????????????????os??????????USBSTOR?

iv?????????????????s?7???????r???????????}???e??sy???`?`???z????sE???`?`?`????2??a????????h???????

N??a????????D?????Type?????????????????????}?}?`???`???????????????????????????????????????D??????

\i???????????s?????s?!???????????????????[?]?b?b?b???????`???????1???`?x?

`???????????????????????????????z?}?3???? ??A???.???e???????a??????p????????`??????????umb

\umbus????????????D???E???`?`?1??????????????c????????????????????????`?`?`???`?`?`?`????sE???

\????????????6?????`??int???????N??`????????D?????WpdBusEnumRoot?ge\??????????

Microsoft????????????????????????????`??????s???????????????Microsoft????????????E?????sPo??

LegacyDriver?8???????????????????????????????5?????sA7????N??`???-????D852??? X??????8?????-C0??

ms_agilevpnminiport????????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind

???b????.NT??????????b???d??p8??Cryptography????Keyboard Filter?????System32\Drivers

\ksecpkg.sys?????????????????????9?????????t?:???b?q?????????????????b??????

p????????????????????????F?g0}???b?b????????????????????Keyboard Port???????????PNP

Filter????????????????????????????????????????????????V??a?????????

e?????????????????????????????????????b?r????????????????????????????0????????????????p????

0????????????????????????? ????????????????????????????????????????????b?????????n?????r?r?????????

b?????????????g????Kernel Streaming Thunks????????b?????????????-????????????????0??b?????????e?????

???????????????????????????o???????????????b???0?????????a???????????????g????? ???????:?????:?:??

NTDS????????????????????????t????a?a?a?a?b?a?a??????????????????@%systemroot%\system32\wkssvc.dll,-

1004???????2??a????????h??????b?c????Microsoft????b?r????????????????t????b?bos??t???11??

t?????????????4??b????????h??????????b??????p?????N??????d???????????????b???b?b????

Revoflt?????????t???system32\DRIVERS\hidir.sys?S\hi
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route

???b?????????????-????????????????0??b?????????e????? ???????????????????????????o???????????????

b???0?????????a???????????????g????? ???????:?????:?:??NTDS????????????????????????t????a?a?a?a?b?

a?a??????????????????@%systemroot%\system32\wkssvc.dll,-1004???????2??a????????h??????b?c????

Microsoft????b?r????????????????t????b?bos??t???11??t?????????????4??b????????h??????????b??????

p?????N??????d???????????????b???b?b????Revoflt?????????t???system32\DRIVERS\hidir.sys?S

\hidir.sys??????system32\DRIVERS\itecir.sys?????????????????????????????????????????

????????????????e?????????nab???????????????????????????????????????????????????????????

a??????????????????????t??????????????g?????????????????????????????????????????e???????b??????

p???????????????t????????????l???????????????????????????????????????????????b?b????System Bus

Extender????????????????g????????????????????????????????????????text?????????????????y??????Pointer

Port?????_?`?`?`?`?a?`????Z??b?????????e????*6to4mp??????b?bos??t????????a??system32\DR
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export

???a???????????????g????? ???????:?????:?:??NTDS????????????????????????t????a?a?a?a?b?a?

a??????????????????@%systemroot%\system32\wkssvc.dll,-1004???????2??a????????h??????b?c????

Microsoft????b?r????????????????t????b?bos??t???11??t?????????????4??b????????h??????????b??????

p?????N??????d???????????????b???b?b????Revoflt?????????t???system32\DRIVERS\hidir.sys?S

\hidir.sys??????system32\DRIVERS\itecir.sys?????????????????????????????????????????

????????????????e?????????nab???????????????????????????????????????????????????????????

a??????????????????????t??????????????g?????????????????????????????????????????e???????b??????

p???????????????t????????????l???????????????????????????????????????????????b?b????System Bus

Extender????????????????g????????????????????????????????????????text?????????????????y??????Pointer

Port?????_?`?`?`?`?a?`????Z??b?????????e????*6to4mp??????b?bos??t????????a??system32\DRIVERS

\kbdclass.sys?bdclass.sys????^?a?a?a?a?b?b???????????????????????????????e??????????@%systemroot%

\syste

---- Files - GMER 1.0.15 ----

File C:\$WINDOWS.~Q\DATA\Program Files\ASUS\ASUS Data Security Manager\driver\x64

0 bytes
File C:\$WINDOWS.~Q\DATA\Program Files\ASUS\ASUS Data Security Manager\driver\x64\AsDsm.sys

34872 bytes executable
File C:\$WINDOWS.~Q\DATA\Program Files\ASUS\ASUS Data Security Manager\driver\x64\_avt

512 bytes
File C:\ADSM_PData_0150

0 bytes
File C:\ADSM_PData_0150\DB

0 bytes
File C:\ADSM_PData_0150\DB\SI.db

624 bytes
File C:\ADSM_PData_0150\DB\UL.db

16 bytes
File C:\ADSM_PData_0150\DB\VL.db

16 bytes
File C:\ADSM_PData_0150\DB\_avt

512 bytes
File C:\ADSM_PData_0150\DragWait.exe

253952 bytes executable
File C:\ADSM_PData_0150\_avt

512 bytes

---- EOF - GMER 1.0.15 ----

*********************************

Issue still present.

#4 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 24 September 2011 - 07:37 PM

Sorry for the lack of detail, those scans took an overwhelming amount of time. Any way here is a screen cap of the taskbar issue.

Posted Image

And as far as everything else goes, the browser still redirects pretty much all the time. And the PING.exe is making the computer run pretty hard constantly.

*edit* The taskbar glitch corrected itself with another reboot.

Edited by luke003, 24 September 2011 - 09:18 PM.


#5 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 24 September 2011 - 09:45 PM

Hi luke003,

:step1: Your list of installed programs doesn't appear to contain an antivirus program. Do you have an antivirus program installed?
  • If you do not have an antivirus program, please download and install an antivirus program, and make sure that you keep it updated.
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.

    There are several recommended, free antivirus software available. Only download and install one antivirus program (see note below).

    Microsoft Security Essentials

    Avast Free

    Avira Free

    AVG Free

    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

:step2: Let's reset your router....

Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and Windows 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Turn the computer off.

On your router, you'll find a pinhole marked "Reset".
Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
NOTE. Simple router disconnecting from a power source will NOT do.
Restart computer and check for redirections.

NOTE. You may need to re-check your router security settings, as described HERE

:step3: If you open the Task Manager, right click on the ping.exe processes and click on Open File Location, what is the location of the file? (such as C:\Windows)
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#6 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 25 September 2011 - 04:39 AM

At about 3:00 this morning, my computer started playing a recording of a radio show (woke me up). I say recording because, after a minute of playing, it started a second copy of the sound clip. Immediately I opened task manager to shut it down, but there was nothing running in applications and processes seemed normal. Then I decided to open the sound mixer to see where the sound was coming from exactly. The sound was coming from "TCP/IP Ping process."

I then opened up the processes window to shut it down. The PING.exe process, as I was referring to earlier, only shows up when I open up the resource manager in the performance tab of the task manager. There, there is no option to open file location so I have no clue as to its origin.

Now, after completing your task list and getting my router back up, I have run the browser for several minutes on that computer with no redirects. It does make since to add though, that I installed Avira first, and it found two instances of malware. "TR/DNSChanger.VJ.2 (Trojan)" and "TR/Agent.fqlc (Trojan)"

***edit*** I forgot to mention that the Ping.exe is not running and cpu usage appears normal.

Edited by luke003, 25 September 2011 - 04:50 AM.


#7 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 25 September 2011 - 09:42 AM

The host file continues to disappear. So far, I haven't noticed any errors or problems related to that. But tat could be stemming from the fact that I'm not exactly sure what the function of the file is anyway.

#8 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 25 September 2011 - 10:12 AM

Hi luke003,

It sounds like resetting your router and running Avira fixed the redirecting. :thumbup2:

Do you remember if Avira listed the names of the files for the two infections it found?

When you say the hosts file continues to disappear, what exactly are you seeing? Does the file exist, and then it doesn't exist after some time?

How long ago did you first start to notice that the hosts file was disappearing?
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#9 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 25 September 2011 - 03:22 PM

The "TR/Agent.fqlc Trojan" was c:\windows\syswow64\d3dxx11_42.dll
The "TR/DNSChanger.VJ.2 Trojan" was c:\windows\assembly\tmp\u\80000032.@

later in the day it found "TR\Crypt.ULPM.Gen Trojan" at c:\windows\assembly\tmp\kwrd.dll

Also, I might add, Avira seems to find many .exe's as W32/parite. Now I'm not sure if these are actual infections or not, but Avira seems to think so. Some of them are flash executables I have written and other .exes that I have either made or are part of another program. The inconvenient thing is, it has rendered these .exe's useless.

I get a message saying, "blahblahblah.exe The Parameter is incorrect." And then it doesn't work anymore.

The hosts file simply disappears from the folder it is in. windows/system32/drivers/etc, and I've checked it twice in the last 10 hours and it was gone both times. I first noticed it when I first started having the redirecting problem because I went to see if something had modified it, but it wasn't there. So I copied one from a ghost I have of my machine, and copied that file again and named it hosts_copy. Now in the folder is only the hosts_copy as long as the lmhosts.sam, networks, protocol, and services files.

#10 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 25 September 2011 - 03:57 PM

Hi luke003,

Also, I might add, Avira seems to find many .exe's as W32/parite. Now I'm not sure if these are actual infections or not, but Avira seems to think so. Some of them are flash executables I have written and other .exes that I have either made or are part of another program. The inconvenient thing is, it has rendered these .exe's useless.

I get a message saying, "blahblahblah.exe The Parameter is incorrect." And then it doesn't work anymore.


Avira tends to detect many false positives, and so detects these legitimate files as infected files. I would suggest you try to restore these files from Avira's quarantine, and if possible, add them to Avira's ignore list (if you keep all of these files in the same folder, you might be able to just add the folder to the ignore list.)

The other option is to uninstall Avira and install one of the other free antivirus programs that I mentioned in a previous post.

The hosts file simply disappears from the folder it is in. windows/system32/drivers/etc, and I've checked it twice in the last 10 hours and it was gone both times. I first noticed it when I first started having the redirecting problem because I went to see if something had modified it, but it wasn't there. So I copied one from a ghost I have of my machine, and copied that file again and named it hosts_copy. Now in the folder is only the hosts_copy as long as the lmhosts.sam, networks, protocol, and services files.


The problem here is that Windows is only able to detect a valid hosts file if it is named HOSTS without any other characters or file extensions in its name. Windows is not able to repopulate this file, so copying the file from a ghost image was the correct thing to do, just rename the file HOSTS, and if you open the file in Notepad, it should look similar to:
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
#       127.0.0.1       localhost
#       ::1             localhost

:step1: Please download SystemLook from here and save it to your Desktop.
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :dir
    c:\windows\syswow64\ /n*.dll /t14 /md5
    c:\windows\syswow64\ /n*.exe /t14 /md5
    c:\windows\assembly\tmp\ /s /n*.dll /t14 /md5
    c:\windows\assembly\tmp\ /s /n*.exe /t14 /md5
    
    :filefind
    ping.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#11 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 25 September 2011 - 04:40 PM

Systemlook log

SystemLook 30.07.11 by jpshortstuff
Log created at 16:26 on 25/09/2011 by Luke
Administrator - Elevation successful

========== dir ==========

c:\windows\syswow64 - Parameters: "/n*.dll /t14 /md5"

---Files---
None found.

---Folders---
0409 d------ [05:37 14/07/2009]
040C d------ [05:27 31/03/2011]
1033 d------ [05:29 20/08/2010]
3064 d------ [18:27 21/08/2011]
Adobe d------ [21:26 30/01/2010]
AdvancedInstallers d------ [03:20 14/07/2009]
ar d------ [05:27 31/03/2011]
ar-SA d------ [03:20 14/07/2009]
bg-BG d------ [03:20 14/07/2009]
Branding d------ [15:16 02/11/2006]
ca-ES d------ [05:59 14/09/2010]
catroot d------ [03:20 14/07/2009]
catroot2 d------ [03:20 14/07/2009]
com d------ [03:20 14/07/2009]
config d------ [03:20 14/07/2009]
cs-CZ d------ [03:20 14/07/2009]
css d------ [05:53 20/08/2010]
da-DK d------ [03:20 14/07/2009]
de-DE d------ [03:20 14/07/2009]
directx d------ [21:58 07/12/2010]
Dism d------ [03:20 14/07/2009]
drivers d------ [03:20 14/07/2009]
DriverStore d------ [03:20 14/07/2009]
el-GR d------ [03:20 14/07/2009]
en d------ [05:37 14/07/2009]
en-US d------ [03:20 14/07/2009]
es-ES d------ [03:20 14/07/2009]
et-EE d------ [03:20 14/07/2009]
eu-ES d------ [05:59 14/09/2010]
fi d------ [04:23 31/03/2011]
fi-FI d------ [03:20 14/07/2009]
fr d------ [05:27 31/03/2011]
fr-FR d------ [03:20 14/07/2009]
Futuremark d------ [03:19 14/02/2009]
FxsTmp d------ [05:32 14/07/2009]
GroupPolicy d------ [03:20 14/07/2009]
GroupPolicyUsers d------ [03:20 14/07/2009]
he-IL d------ [03:20 14/07/2009]
hr-HR d------ [03:20 14/07/2009]
html d------ [05:53 20/08/2010]
hu d------ [05:26 31/03/2011]
hu-HU d------ [03:20 14/07/2009]
ias d------ [13:34 02/11/2006]
icsxml d------ [03:20 14/07/2009]
images d------ [05:53 20/08/2010]
IME d------ [03:20 14/07/2009]
inetsrv d------ [03:20 14/07/2009]
InstallShield d------ [03:20 14/07/2009]
it-IT d------ [03:20 14/07/2009]
ja-JP d------ [03:20 14/07/2009]
js d------ [05:53 20/08/2010]
ko-KR d------ [03:20 14/07/2009]
LogFiles d------ [05:32 14/07/2009]
lt-LT d------ [03:20 14/07/2009]
lv-LV d------ [03:20 14/07/2009]
Macromed d------ [18:42 31/01/2009]
manifeststore d------ [03:20 14/07/2009]
migration d------ [03:20 14/07/2009]
migwiz d------ [03:20 14/07/2009]
Msdtc d------ [03:20 14/07/2009]
MUI d------ [03:20 14/07/2009]
nb-NO d------ [03:20 14/07/2009]
NDF d------ [03:20 14/07/2009]
NetworkList d------ [03:20 14/07/2009]
nl-NL d------ [03:20 14/07/2009]
oobe d------ [03:20 14/07/2009]
pl-PL d------ [03:20 14/07/2009]
Printing_Admin_Scripts d------ [05:37 14/07/2009]
pt-BR d------ [03:20 14/07/2009]
pt-PT d------ [03:20 14/07/2009]
ras d------ [03:20 14/07/2009]
Recovery d------ [03:20 14/07/2009]
restore d------ [05:32 14/07/2009]
ro-RO d------ [03:20 14/07/2009]
RTCOM d------ [22:46 11/10/2010]
ru-RU d------ [03:20 14/07/2009]
Setup d------ [03:20 14/07/2009]
sk-SK d------ [03:20 14/07/2009]
sl-SI d------ [03:20 14/07/2009]
slmgr d------ [05:37 14/07/2009]
SLUI d------ [13:34 02/11/2006]
Speech d------ [03:20 14/07/2009]
spool d------ [18:42 31/01/2009]
spp d------ [03:20 14/07/2009]
sppui d------ [03:20 14/07/2009]
sr-Latn-CS d------ [03:20 14/07/2009]
sv-SE d------ [03:20 14/07/2009]
sysprep d------ [05:37 14/07/2009]
Tasks d------ [03:20 14/07/2009]
th-TH d------ [03:20 14/07/2009]
tr-TR d------ [03:20 14/07/2009]
uk-UA d------ [03:20 14/07/2009]
vi-VN d------ [05:59 14/09/2010]
Wat d------ [02:58 17/10/2010]
wbem d------ [03:20 14/07/2009]
WCN d------ [05:37 14/07/2009]
wdi d------ [03:20 14/07/2009]
WindowsPowerShell d------ [05:32 14/07/2009]
winrm d------ [05:37 14/07/2009]
xlive d------ [11:41 20/08/2010]
XPSViewer d------ [15:07 02/11/2006]
zh-CN d------ [03:20 14/07/2009]
zh-HK d------ [03:20 14/07/2009]
zh-TW d------ [03:20 14/07/2009]

c:\windows\syswow64 - Parameters: "/n*.exe /t14 /md5"

---Files---
None found.

---Folders---
0409 d------ [05:37 14/07/2009]
040C d------ [05:27 31/03/2011]
1033 d------ [05:29 20/08/2010]
3064 d------ [18:27 21/08/2011]
Adobe d------ [21:26 30/01/2010]
AdvancedInstallers d------ [03:20 14/07/2009]
ar d------ [05:27 31/03/2011]
ar-SA d------ [03:20 14/07/2009]
bg-BG d------ [03:20 14/07/2009]
Branding d------ [15:16 02/11/2006]
ca-ES d------ [05:59 14/09/2010]
catroot d------ [03:20 14/07/2009]
catroot2 d------ [03:20 14/07/2009]
com d------ [03:20 14/07/2009]
config d------ [03:20 14/07/2009]
cs-CZ d------ [03:20 14/07/2009]
css d------ [05:53 20/08/2010]
da-DK d------ [03:20 14/07/2009]
de-DE d------ [03:20 14/07/2009]
directx d------ [21:58 07/12/2010]
Dism d------ [03:20 14/07/2009]
drivers d------ [03:20 14/07/2009]
DriverStore d------ [03:20 14/07/2009]
el-GR d------ [03:20 14/07/2009]
en d------ [05:37 14/07/2009]
en-US d------ [03:20 14/07/2009]
es-ES d------ [03:20 14/07/2009]
et-EE d------ [03:20 14/07/2009]
eu-ES d------ [05:59 14/09/2010]
fi d------ [04:23 31/03/2011]
fi-FI d------ [03:20 14/07/2009]
fr d------ [05:27 31/03/2011]
fr-FR d------ [03:20 14/07/2009]
Futuremark d------ [03:19 14/02/2009]
FxsTmp d------ [05:32 14/07/2009]
GroupPolicy d------ [03:20 14/07/2009]
GroupPolicyUsers d------ [03:20 14/07/2009]
he-IL d------ [03:20 14/07/2009]
hr-HR d------ [03:20 14/07/2009]
html d------ [05:53 20/08/2010]
hu d------ [05:26 31/03/2011]
hu-HU d------ [03:20 14/07/2009]
ias d------ [13:34 02/11/2006]
icsxml d------ [03:20 14/07/2009]
images d------ [05:53 20/08/2010]
IME d------ [03:20 14/07/2009]
inetsrv d------ [03:20 14/07/2009]
InstallShield d------ [03:20 14/07/2009]
it-IT d------ [03:20 14/07/2009]
ja-JP d------ [03:20 14/07/2009]
js d------ [05:53 20/08/2010]
ko-KR d------ [03:20 14/07/2009]
LogFiles d------ [05:32 14/07/2009]
lt-LT d------ [03:20 14/07/2009]
lv-LV d------ [03:20 14/07/2009]
Macromed d------ [18:42 31/01/2009]
manifeststore d------ [03:20 14/07/2009]
migration d------ [03:20 14/07/2009]
migwiz d------ [03:20 14/07/2009]
Msdtc d------ [03:20 14/07/2009]
MUI d------ [03:20 14/07/2009]
nb-NO d------ [03:20 14/07/2009]
NDF d------ [03:20 14/07/2009]
NetworkList d------ [03:20 14/07/2009]
nl-NL d------ [03:20 14/07/2009]
oobe d------ [03:20 14/07/2009]
pl-PL d------ [03:20 14/07/2009]
Printing_Admin_Scripts d------ [05:37 14/07/2009]
pt-BR d------ [03:20 14/07/2009]
pt-PT d------ [03:20 14/07/2009]
ras d------ [03:20 14/07/2009]
Recovery d------ [03:20 14/07/2009]
restore d------ [05:32 14/07/2009]
ro-RO d------ [03:20 14/07/2009]
RTCOM d------ [22:46 11/10/2010]
ru-RU d------ [03:20 14/07/2009]
Setup d------ [03:20 14/07/2009]
sk-SK d------ [03:20 14/07/2009]
sl-SI d------ [03:20 14/07/2009]
slmgr d------ [05:37 14/07/2009]
SLUI d------ [13:34 02/11/2006]
Speech d------ [03:20 14/07/2009]
spool d------ [18:42 31/01/2009]
spp d------ [03:20 14/07/2009]
sppui d------ [03:20 14/07/2009]
sr-Latn-CS d------ [03:20 14/07/2009]
sv-SE d------ [03:20 14/07/2009]
sysprep d------ [05:37 14/07/2009]
Tasks d------ [03:20 14/07/2009]
th-TH d------ [03:20 14/07/2009]
tr-TR d------ [03:20 14/07/2009]
uk-UA d------ [03:20 14/07/2009]
vi-VN d------ [05:59 14/09/2010]
Wat d------ [02:58 17/10/2010]
wbem d------ [03:20 14/07/2009]
WCN d------ [05:37 14/07/2009]
wdi d------ [03:20 14/07/2009]
WindowsPowerShell d------ [05:32 14/07/2009]
winrm d------ [05:37 14/07/2009]
xlive d------ [11:41 20/08/2010]
XPSViewer d------ [15:07 02/11/2006]
zh-CN d------ [03:20 14/07/2009]
zh-HK d------ [03:20 14/07/2009]
zh-TW d------ [03:20 14/07/2009]

c:\windows\assembly\tmp - Parameters: "/s /n*.dll /t14 /md5"

---Files---
None found.

c:\windows\assembly\tmp\U d--hs-- [02:24 22/09/2011]

c:\windows\assembly\tmp - Parameters: "/s /n*.exe /t14 /md5"

---Files---
None found.

c:\windows\assembly\tmp\U d--hs-- [02:24 22/09/2011]

========== filefind ==========

Searching for "ping.exe"
C:\Windows\System32\PING.EXE --a---- 16896 bytes [00:10 14/07/2009] [01:39 14/07/2009] 5FB30FE90736C7FC77DE637021B1CE7C
C:\Windows\system64\PING.EXE --a---- 16896 bytes [00:10 14/07/2009] [01:39 14/07/2009] 5FB30FE90736C7FC77DE637021B1CE7C
C:\Windows\SysWOW64\PING.EXE --a---- 15360 bytes [23:55 13/07/2009] [01:14 14/07/2009] 6242E3D67787CCBF4E06AD2982853144
C:\Windows\winsxs\amd64_microsoft-windows-ping-utilities_31bf3856ad364e35_6.1.7600.16385_none_052696aea98bcefc\PING.EXE --a---- 16896 bytes [00:10 14/07/2009] [01:39 14/07/2009] 5FB30FE90736C7FC77DE637021B1CE7C
C:\Windows\winsxs\x86_microsoft-windows-ping-utilities_31bf3856ad364e35_6.1.7600.16385_none_a907fb2af12e5dc6\PING.EXE --a---- 15360 bytes [23:55 13/07/2009] [01:14 14/07/2009] 6242E3D67787CCBF4E06AD2982853144

-= EOF =-

***************************************

I was probably unclear earlier. I copied two copies of the host file into the directory. One named hosts, and one named hosts_copy. The latter was in case the file went missing again, I would not have to dig up my ghost again. Now originally, I named it "hosts" and not "HOSTS". Perhaps that was the issue. I have put
another fresh copy in there named HOSTS.

As far as the Avira false positives go, I accidentally let it delete the files completely. I'll have to figure out how to replace them, but thanks for the information regarding the ignore list.

#12 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 25 September 2011 - 04:45 PM

Hi luke003,

How's your computer running now?

:step1: I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#13 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 26 September 2011 - 12:47 AM

The computer is running fine, as far as I can tell. No redirects, no ping.exe hogging the cpu. Aside from Avira warning me every 20 seconds about something. Hosts file is missing again too.

*************************************
After a 5 hour scan, it's finally done..

C:\$WINDOWS.~Q\DATA\Users\Luke\AppData\Roaming\5EF140AD5EB27BCF47E72A934DBCAF5D\local.ini Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
C:\$WINDOWS.~Q\DATA\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYH5IRT9\upgrade[1].cab multiple threats deleted - quarantined
C:\Program Files (x86)\Evrsoft First Page 2006\Iscripts\Games\games-scripts.izs JS/BadJoke.KillFiles.A application cleaned by deleting - quarantined
C:\Users\Luke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\56d916ec-46c2ed3c multiple threats deleted - quarantined
C:\Users\Luke\Downloads\August Dump\fp2006-final-3.00-setup.zip JS/BadJoke.KillFiles.A application deleted - quarantined
C:\Users\Luke\Downloads\August Dump\winamp561_full_emusic-7plus_en-us.exe Win32/OpenCandy application deleted - quarantined
C:\Windows\System32\hlp.dat Win32/Bamital.DT trojan cleaned by deleting - quarantined

#14 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:11:19 AM

Posted 26 September 2011 - 09:39 AM

Hi luke003,

Looking good. :thumbup2:

Let's try running Malwarebytes now:


Rerun Malwarebytes
Open Malwarebytes, click on the Update tab, and click the check for Updates button.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#15 luke003

luke003
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 27 September 2011 - 10:36 AM

Ok. Scan is finally done, lol

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7808

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/27/2011 10:34:11 AM
mbam-log-2011-09-27 (10-34-11).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 646159
Time elapsed: 2 hour(s), 2 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users