Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Mevio Google Redirect


  • Please log in to reply
11 replies to this topic

#1 HamMach1

HamMach1

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 30 March 2012 - 02:05 PM

Recently, I have noticed that while I am using Firefox a pop-up will occur but it's just a black (not blank) page and then disappears. Then, as of last night I started being redirected to this Mevio page a lot while google searching. Ran malwarebytes but it found nothing.

What's next?

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 30 March 2012 - 02:09 PM

Can you please run the below:


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger then 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.[list]
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning
.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

Also provide the scan log with malware bytes.

#3 HamMach1

HamMach1
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 31 March 2012 - 02:56 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/31/2012 at 02:08 AM

Application Version : 5.0.1146

Core Rules Database Version : 8402
Trace Rules Database Version: 6214

Scan type : Complete Scan
Total Scan Time : 01:02:18

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 703
Memory threats detected : 0
Registry items scanned : 70807
Registry threats detected : 0
File items scanned : 59944
File threats detected : 203

Adware.Tracking Cookie
C:\Users\Remmichmm\AppData\Roaming\Microsoft\Windows\Cookies\E6150OJO.txt [ /atdmt.com ]
C:\Users\Remmichmm\AppData\Roaming\Microsoft\Windows\Cookies\JCA7FQFX.txt [ /c.atdmt.com ]
C:\USERS\REMMICHMM\AppData\Roaming\Microsoft\Windows\Cookies\Low\VLIPT4OZ.txt [ Cookie:remmichmm@atdmt.com/ ]
C:\USERS\REMMICHMM\AppData\Roaming\Microsoft\Windows\Cookies\Low\PNUXW0D8.txt [ Cookie:remmichmm@c.atdmt.com/ ]
C:\USERS\REMMICHMM\Cookies\E6150OJO.txt [ Cookie:remmichmm@atdmt.com/ ]
C:\USERS\REMMICHMM\Cookies\JCA7FQFX.txt [ Cookie:remmichmm@c.atdmt.com/ ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.everyscreenmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sales.liveperson.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickfuse.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.oggifinogi.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\REMMICHMM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
core.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
media.heavy.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
media1.break.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
media4.onsugar.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
mediabrix.hs.llnwd.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
msnbcmedia.msn.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
tag.blutonicmedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
tag.mediashakers.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
vitamine.networldmedia.net [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]
www.goodcholesterolcount.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NE6USPTL ]








GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-31 12:49:08
Windows 6.1.7601 Service Pack 1
Running: v6li5izm.exe


---- Files - GMER 1.0.15 ----

File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00260.log 1048576 bytes
File C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00261.log 1048576 bytes

---- EOF - GMER 1.0.15 ----










Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Remmichmm :: REMMICHMM-PC [administrator]

Protection: Disabled

3/31/2012 12:53:48 PM
mbam-log-2012-03-31 (12-53-48).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 390949
Time elapsed: 54 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)














I hope I did this correctly!

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 31 March 2012 - 03:15 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#5 HamMach1

HamMach1
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 01 April 2012 - 02:43 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Remmichmm (administrator) on 01-04-2012 at 01:38:48
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 3 (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Remmichmm-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : plateautel.net

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PdaNet Broadband Adapter
Physical Address. . . . . . . . . : 00-26-37-BD-39-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250
Physical Address. . . . . . . . . : 64-D4-DA-1D-34-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-23-15-AF-04-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-23-15-AF-04-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
Physical Address. . . . . . . . . : 00-23-15-AF-04-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : plateautel.net
Description . . . . . . . . . . . : Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : E8-11-32-0F-58-BE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9491:ea8a:a19c:2ae2%10(Preferred)
IPv4 Address. . . . . . . . . . . : 67.209.196.70(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Saturday, March 31, 2012 12:50:09 PM
Lease Expires . . . . . . . . . . : Sunday, April 01, 2012 5:29:04 AM
Default Gateway . . . . . . . . . : 67.209.192.1
DHCP Server . . . . . . . . . . . : 74.50.130.104
DHCPv6 IAID . . . . . . . . . . . : 234890324
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-89-FD-1A-00-24-54-B3-EF-F7
DNS Servers . . . . . . . . . . . : 74.50.130.108
74.50.130.109
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{57ADFB7B-3D8B-456D-8F10-8B70E96626B2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{04210AE3-C220-417D-B969-A5FE055855B5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0B2A7C02-18DC-40A3-8D98-8C286BC46A5C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7E0AD8DA-D011-4742-80D1-2C53026CF929}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0091895D-E03F-4A9F-942B-774B46DA73BB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.plateautel.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.45.101] with 32 bytes of data:
Reply from 74.125.45.101: bytes=32 time=56ms TTL=50
Reply from 74.125.45.101: bytes=32 time=53ms TTL=50

Ping statistics for 74.125.45.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 53ms, Maximum = 56ms, Average = 54ms

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=119ms TTL=55
Reply from 209.191.122.70: bytes=32 time=35ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 119ms, Average = 77ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
14...64 d4 da 1d 34 f8 ......Intel® Centrino® WiMAX 6250
13...00 23 15 af 04 c9 ......Microsoft Virtual WiFi Miniport Adapter #2
12...00 23 15 af 04 c9 ......Microsoft Virtual WiFi Miniport Adapter
11...00 23 15 af 04 c8 ......Intel® Centrino® Advanced-N 6250 AGN
10...e8 11 32 0f 58 be ......Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 67.209.192.1 67.209.196.70 30
67.209.192.0 255.255.240.0 On-link 67.209.196.70 286
67.209.196.70 255.255.255.255 On-link 67.209.196.70 286
67.209.207.255 255.255.255.255 On-link 67.209.196.70 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 67.209.196.70 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 67.209.196.70 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 286 fe80::/64 On-link
10 286 fe80::9491:ea8a:a19c:2ae2/128
On-link
1 306 ff00::/8 On-link
10 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8127

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7129

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6131


System errors:
=============
Error: (04/01/2012 01:29:05 AM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (04/01/2012 01:29:05 AM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 11:29:21 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 09:29:00 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 07:29:01 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 07:29:00 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 07:28:59 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 06:56:56 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 06:55:36 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (03/31/2012 04:55:11 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (03/31/2012 06:56:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8127

Error: (03/31/2012 06:56:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7129

Error: (03/31/2012 06:56:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/31/2012 06:56:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6131


=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?? Messenger (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? Messenger (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
µTorrent (Version: 3.1.3)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Adobe Reader 9.4.3 (Version: 9.4.3)
AIM 7
„Messenger“ pagalbine priemone (Version: 15.4.3502.0922)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
„Windows Live Essentials“ (Version: 15.4.3502.0922)
„Windows Live Mail“ (Version: 15.4.3502.0922)
„Windows Live Messenger“ (Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (Version: 15.4.3502.0922)
BatteryLifeExtender (Version: 1.0.10)
Best Buy pc app (Version: 3.0.0.0)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
ChargeableUSB (Version: 1.0.0.0)
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
Conduit Engine (Version: )
CyberLink DVD Suite (Version: 6.0.2806)
CyberLink LabelPrint (Version: 2.5.1916)
CyberLink Power2Go (Version: 6.0.3108a)
CyberLink PowerDirector (Version: 7.0.3213)
CyberLink PowerDVD 8 (Version: 8.0.2815b)
CyberLink PowerProducer (Version: 5.0.1.1812)
CyberLink YouCam (Version: 2.0.3911)
D3DX10 (Version: 15.4.2368.0902)
Doplnok programu Messenger (Version: 15.4.3502.0922)
Download Updater (AOL LLC)
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Network Manager (Version: 4.4.3)
Easy SpeedUp Manager (Version: 2.1.0.15)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.11)
ETDWare PS/2-X64 8.0.7.1_WHQL (Version: 8.0.7.1)
Fallout 3 (Version: 1.00.0000)
Fast Start (Version: 2.2.0.0)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 18.0.1025.142)
HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1050 J410 series Help (Version: 140.0.66.66)
HP Photo Creations (Version: 1.0.0.3781)
Intel PROSet Wireless
Intel WiMAX Tutorial (Version: 1.5.3.1)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.04.0000)
Intel® Rapid Storage Technology (Version: 9.6.3.1001)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Intel® Wireless Display
Intel® Wireless Display (Version: 1.3.9.0)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 15.4.3502.0922)
Last.fm 1.5.4.27091
LiveLink (Version: 6.5.0)
LiveLoad Ford (Version: 2.2.12.1)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Marvell Miniport Driver (Version: 11.29.1.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger-kumppani (Version: 15.4.3502.0922)
Messenger ??? ?? (Version: 15.4.3502.0922)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Assistent (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kíséro (Version: 15.4.3502.0922)
Messenger Pratilac (Version: 15.4.3502.0922)
Messenger Suradnik (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MultimediaPOP (Version: 1.1)
Norton Online Backup (Version: 2.1.17869)
NVIDIA Control Panel 266.72 (Version: 266.72)
NVIDIA Graphics Driver 266.72 (Version: 266.72)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.15 (Version: 1.0.15)
NVIDIA Update Components (Version: 1.0.15)
NVIDIA Updatus (Version: 1.0.3)
PC Optimizer Pro (Version: 6.1.5.3)
PdaNet for Android 3.02
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pomocnik Messenger (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
QuickTime (Version: 7.69.80.9)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.6176)
RealUpgrade 1.1 (Version: 1.1.0)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Samsung AnyWeb Print (Version: 1.0)
Samsung AnyWeb Print (Version: 1.1.21.0)
Samsung Recovery Solution 5 (Version: 5.0.0.7)
Samsung Support Center (Version: 1.1.18)
Samsung Update Plus (Version: 3.0.0.17)
SCTDriversV1011x64 (Version: 10.11.1)
Skype™ 5.8 (Version: 5.8.156)
Spremljevalec Messenger (Version: 15.4.3502.0922)
SRS Premium Sound Control Panel (Version: 1.8.8100)
SUPERAntiSpyware (Version: 5.0.1146)
Synaptics Pointing Device Driver (Version: 15.3.22.0)
System Requirements Lab CYRI (Version: 4.4.26.0)
Trend Micro Titanium (Version: 1.0)
Trend Micro Titanium (Version: 2.20)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
User Guide (Version: 1.0)
uTorrentBar Toolbar (Version: 6.2.7.3)
VLC media player 1.1.7 (Version: 1.1.7)
Winamp (Version: 5.61 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live ?? (Version: 15.4.3502.0922)
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live fotoattelu galerija (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Pošta (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR archiver
WModem Driver Installer (Version: 2.0.6.13)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3882.17 MB
Available physical RAM: 2508.02 MB
Total Pagefile: 7762.53 MB
Available Pagefile: 5347.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.56 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232 GB) (Free:152.63 GB) NTFS
2 Drive d: () (Fixed) (Total:346.39 GB) (Free:315.78 GB) NTFS
3 Drive e: (Kelsey & Matt We) (CDROM) (Total:4.26 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\REMMICHMM-PC

Administrator Guest Remmichmm
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****












I also received this message a couple if times:

The ordinal 1108 could not be located in the dynamic link library wsock32.dll



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 01 April 2012 - 01:20 PM

Please follow this guide: How do I reset the hosts file?

#7 HamMach1

HamMach1
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 01 April 2012 - 04:42 PM

Okay, I ran the fix it and restarted my computer.

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 01 April 2012 - 05:25 PM

Do you get the google redirect?

#9 HamMach1

HamMach1
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 01 April 2012 - 06:29 PM

Do you get the google redirect?


yes. :(

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 01 April 2012 - 08:00 PM

Please download and run TDSS Killer and post the resulting log. PLEASE DO NOT FIX ANYTHING, if it asks you to.

#11 HamMach1

HamMach1
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:55 AM

Posted 02 April 2012 - 02:56 AM

I got:

Backdoor.Multi.ZAccess.gen
Service: tlntsvr
Malware object, high risk

#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:07:55 AM

Posted 02 April 2012 - 09:35 AM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic. If you receive a reply from the HelpBot, then please follow the instructions outlined in the helpbot's post.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users