Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Annoying Google Search Redirect


  • Please log in to reply
11 replies to this topic

#1 gj101

gj101

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 02 April 2012 - 11:27 AM

Hello Gents -

Like a few other posts I've seen when I do a Google search I'm being redirected to some other random search site. It doesn't necessarily happen everytime, but usually if I click the first result quickly it'll redirect.

My PC (running Windows 7 64b) performance seems stable (for my video editing) and my internet connection does not seem to have suffered. I run avast! Antivirus and it's great but I think something slipped through the cracks.

I haven't run anything to fix the problem...I'm leaving it up to you experts to kindly guide me through. :)

Thanks!
G

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:42 PM

Posted 02 April 2012 - 11:33 AM

Welcome aboard Posted Image

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 02 April 2012 - 12:31 PM

Thanks Broni - I will post results here soon!

G

#4 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 02 April 2012 - 12:46 PM

Ok - here we go!


Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 29
Adobe Reader X (10.1.2)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

MediaMall MediaMallServer.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````



Farbar Service Scanner Version: 01-03-2012
Ran by Gerard (administrator) on 02-04-2012 at 12:34:44
Running from "C:\Users\Gerard\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 18-01-2012
Ran by Gerard (administrator) on 02-04-2012 at 12:36:18
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



::1 localhost0.0.0.0 localhost
0.0.0.0 localhost
0.0.0.0 localhost

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com

There are 37 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCI GBE Family Controller = VideoBoxx (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.7 metric=1 publish=Yes
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled
add address name="Local Area Connection 2" address=192.168.16.84 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Workhorse
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : telerik.com
telerik.com
sitefinity.com
imaginets.net
imaginets.com
gateway.2wire.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : telerik.com
Description . . . . . . . . . . . : Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Physical Address. . . . . . . . . : 00-05-9A-3C-7A-00
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c871:cc6d:e490:ef05%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.16.84(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 419431834
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E8-3D-6B-BC-AE-C5-33-5C-6F
DNS Servers . . . . . . . . . . . : 192.168.4.10
192.168.0.171
Primary WINS Server . . . . . . . : 192.168.4.10
Secondary WINS Server . . . . . . : 192.168.0.171
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VideoBoxx:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
Physical Address. . . . . . . . . : BC-AE-C5-33-5C-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fc35:e95:9307:199%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, March 31, 2012 3:26:43 PM
Lease Expires . . . . . . . . . . : Tuesday, April 03, 2012 3:26:46 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 247246533
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-E8-3D-6B-BC-AE-C5-33-5C-6F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:c53:2720:93a0:6bdb(Preferred)
Link-local IPv6 Address . . . . . : fe80::c53:2720:93a0:6bdb%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.telerik.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : telerik.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dc4.telerik.com
Address: 192.168.4.10


Pinging google.com [74.125.227.68] with 32 bytes of data:
Reply from 74.125.227.68: bytes=32 time=28ms TTL=52
Reply from 74.125.227.68: bytes=32 time=27ms TTL=52

Ping statistics for 74.125.227.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server: dc4.telerik.com
Address: 192.168.4.10


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=60ms TTL=44
Reply from 209.191.122.70: bytes=32 time=60ms TTL=44

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 60ms, Average = 60ms
Server: dc4.telerik.com
Address: 192.168.4.10


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 05 9a 3c 7a 00 ......Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
10...bc ae c5 33 5c 6f ......Realtek PCI GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 20
10.1.1.0 255.255.255.0 On-link 192.168.16.84 2
10.1.1.255 255.255.255.255 On-link 192.168.16.84 257
10.5.1.0 255.255.255.0 On-link 192.168.16.84 2
10.5.1.255 255.255.255.255 On-link 192.168.16.84 257
10.10.10.240 255.255.255.240 On-link 192.168.16.84 2
10.10.10.255 255.255.255.255 On-link 192.168.16.84 257
10.10.11.0 255.255.255.240 On-link 192.168.16.84 2
10.10.11.15 255.255.255.255 On-link 192.168.16.84 257
64.197.98.131 255.255.255.255 192.168.1.254 192.168.1.68 21
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 192.168.1.7 192.168.1.68 21
172.16.10.0 255.255.255.0 On-link 192.168.16.84 2
172.16.10.255 255.255.255.255 On-link 192.168.16.84 257
172.16.20.0 255.255.255.0 On-link 192.168.16.84 2
172.16.20.255 255.255.255.255 On-link 192.168.16.84 257
192.168.0.0 255.255.255.0 On-link 192.168.16.84 2
192.168.0.255 255.255.255.255 On-link 192.168.16.84 257
192.168.1.0 255.255.255.0 On-link 192.168.16.84 2
192.168.1.68 255.255.255.255 On-link 192.168.1.68 276
192.168.1.254 255.255.255.255 On-link 192.168.1.68 21
192.168.1.255 255.255.255.255 On-link 192.168.16.84 257
192.168.3.0 255.255.255.0 On-link 192.168.16.84 2
192.168.3.255 255.255.255.255 On-link 192.168.16.84 257
192.168.4.0 255.255.255.0 On-link 192.168.16.84 2
192.168.4.255 255.255.255.255 On-link 192.168.16.84 257
192.168.5.0 255.255.255.0 On-link 192.168.16.84 2
192.168.5.255 255.255.255.255 On-link 192.168.16.84 257
192.168.6.0 255.255.255.0 On-link 192.168.16.84 2
192.168.6.255 255.255.255.255 On-link 192.168.16.84 257
192.168.7.0 255.255.255.0 On-link 192.168.16.84 2
192.168.7.255 255.255.255.255 On-link 192.168.16.84 257
192.168.9.0 255.255.255.0 On-link 192.168.16.84 2
192.168.9.255 255.255.255.255 On-link 192.168.16.84 257
192.168.10.100 255.255.255.255 On-link 192.168.16.84 2
192.168.10.101 255.255.255.255 On-link 192.168.16.84 2
192.168.10.102 255.255.255.255 On-link 192.168.16.84 2
192.168.12.0 255.255.255.0 On-link 192.168.16.84 2
192.168.12.255 255.255.255.255 On-link 192.168.16.84 257
192.168.13.0 255.255.255.0 On-link 192.168.16.84 2
192.168.13.255 255.255.255.255 On-link 192.168.16.84 257
192.168.15.2 255.255.255.255 On-link 192.168.16.84 2
192.168.16.0 255.255.255.0 On-link 192.168.16.84 257
192.168.16.84 255.255.255.255 On-link 192.168.16.84 257
192.168.16.255 255.255.255.255 On-link 192.168.16.84 257
192.168.48.0 255.255.240.0 On-link 192.168.16.84 2
192.168.63.255 255.255.255.255 On-link 192.168.16.84 257
192.168.104.0 255.255.254.0 On-link 192.168.16.84 2
192.168.105.255 255.255.255.255 On-link 192.168.16.84 257
192.168.110.0 255.255.255.0 On-link 192.168.16.84 2
192.168.110.255 255.255.255.255 On-link 192.168.16.84 257
192.168.113.0 255.255.255.0 On-link 192.168.16.84 2
192.168.113.255 255.255.255.255 On-link 192.168.16.84 257
192.168.114.0 255.255.255.0 On-link 192.168.16.84 2
192.168.114.255 255.255.255.255 On-link 192.168.16.84 257
192.168.116.0 255.255.255.0 On-link 192.168.16.84 2
192.168.116.255 255.255.255.255 On-link 192.168.16.84 257
192.168.254.0 255.255.255.252 On-link 192.168.16.84 2
192.168.254.3 255.255.255.255 On-link 192.168.16.84 257
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 276
224.0.0.0 240.0.0.0 On-link 192.168.16.84 257
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 276
255.255.255.255 255.255.255.255 On-link 192.168.16.84 257
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.7 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:c53:2720:93a0:6bdb/128
On-link
12 306 fe80::/64 On-link
12 306 fe80::c53:2720:93a0:6bdb/128
On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/02/2012 00:30:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (04/02/2012 00:09:53 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/02/2012 00:04:29 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/02/2012 00:04:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/02/2012 00:04:25 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/02/2012 00:00:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/02/2012 00:00:20 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {aed2a811-0c4e-416a-866a-feb92dc672b5}

Error: (04/01/2012 00:10:46 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {312a2900-fa61-4d15-84f9-c2d459156b96}

Error: (04/01/2012 00:04:49 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {312a2900-fa61-4d15-84f9-c2d459156b96}

Error: (04/01/2012 00:04:47 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(.DEFAULT). hr = 0x80070539, The security ID structure is invalid.
.


Operation:
OnIdentify event
Gathering Writer Data

Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {312a2900-fa61-4d15-84f9-c2d459156b96}


System errors:
=============
Error: (04/02/2012 10:48:34 AM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/02/2012 09:51:04 AM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/02/2012 05:54:26 AM) (Source: DCOM) (User: )
Description: {79A9A94F-4BA0-4D6C-B512-842F96ED1682}

Error: (04/02/2012 00:04:25 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (04/01/2012 00:04:45 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/31/2012 03:26:48 PM) (Source: Service Control Manager) (User: )
Description: The NEWDRIVER service failed to start due to the following error:
%%2

Error: (03/31/2012 00:04:47 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/30/2012 08:38:19 AM) (Source: DCOM) (User: )
Description: {79A9A94F-4BA0-4D6C-B512-842F96ED1682}

Error: (03/30/2012 00:05:43 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (03/29/2012 03:25:29 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 10. The internal error state is 10.


Microsoft Office Sessions:
=========================
Error: (03/30/2011 06:03:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 50100 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Audition CS5.5 (Version: 4.0)
Adobe Community Help (Version: 3.5.23)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adv. Zip Repair v1.53
AMD Drag and Drop Transcoding (Version: 2.00.0000)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASUS Ai Charger (Version: 1.00.06)
AT&T Troubleshoot & Resolve Tool
ATI Catalyst Install Manager (Version: 3.0.808.0)
ATI Catalyst Registration (Version: 3.00.0000)
ATI Stream SDK v2 Developer (Version: 2.3.0.0)
att.net Internet Mail
Audacity 1.3.13 (Unicode)
avast! Free Antivirus (Version: 7.0.1426.0)
Bonjour (Version: 3.0.0.10)
Boris Continuum Complete 7 Adobe CS5 (Version: 7.0.6)
Boris Continuum Complete 8 Adobe CS5 (Version: 8.0.1)
Boxee
BOXXView
BurnAware Free 3.1.3
CameraHelperMsi (Version: 13.25.1010.0)
CameraTracker 1.0v1 (64 bit) for AE
Camtasia Studio 7 (Version: 7.1.1)
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 2.0
Canon MP620 series MP Drivers
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0104.2155.39304)
Catalyst Control Center InstallProxy (Version: 2011.0104.2155.39304)
ccc-core-static (Version: 2011.0104.2155.39304)
ccc-utility64 (Version: 2011.0104.2155.39304)
CCC Help English (Version: 2011.0104.2154.39304)
CINEMA 4D 12.048 (Version: 12.048)
CINEMA 4D 13.051 (Version: 13.051)
Cisco AnyConnect VPN Client (Version: 2.5.0217)
Contour Storyteller (Version: 3.2.4)
ConvertHelper 2.2
dBpoweramp Aiff Codec (Version: Release 7)
dBpoweramp DSP Effects (Version: Release 3)
dBpoweramp FLAC Codec (Version: Release 12 (FLAC 1.2.1))
dBpoweramp m4a Codec (Version: Release 8)
dBpoweramp Monkeys Audio Codec
dBpoweramp Music Converter (Version: Release 13.1)
deskPDF 2.5 Professional Edition
Docudesk GPL Ghostscript 8.15
Dropbox (Version: 1.3.27)
EnFuzion3D-10.2.6-Windows-32bit
erLT (Version: 1.20.138.34)
Extensis Suitcase Fusion 2 (Version: 13.0.0)
Facebook Messenger 2.0.4447.0 (Version: 2.0.4447.0)
ffdshow [rev 2033] [2008-07-05] (Version: 1.0)
FileZilla Client 3.5.1 (Version: 3.5.1)
FlipShare (Version: 5.12.3.0)
GenArts Sapphire Plug-ins 5.01 for After Effects and Compatible
GenArts Sapphire RLM Server 8.0.5.1
GoodSync (Version: 8.3.2.2)
Google Chrome (Version: 15.0.874.106)
Google Earth Pro 4.2
Google Gmail Notifier
Google Talk Plugin (Version: 2.2.2.0)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
iCloud (Version: 1.1.0.40)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 26 (64-bit) (Version: 6.0.260)
Java™ 6 Update 29 (Version: 6.0.290)
JMicron JMB36X Driver (Version: 1.17.56.2)
Knoll 3D Flares (Version: 1.1.0)
Knoll Light Factory (Version: 2.7.0)
Logitech Webcam Software (Version: 2.0)
LogMeIn (Version: 4.1.1578)
LWS Facebook (Version: 13.20.1166.0)
LWS Gallery (Version: 13.20.1166.0)
LWS Help_main (Version: 13.25.1016.0)
LWS Launcher (Version: 13.10.1224.0)
LWS Motion Detection (Version: 13.20.1176.0)
LWS Pictures And Video (Version: 13.25.1010.0)
LWS Twitter (Version: 13.20.1166.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.20.1168.0)
LWS WLM Plugin (Version: 1.20.1166.0)
LWS YouTube Plugin (Version: 13.20.1166.0)
Magic Bullet Colorista (Version: 1.1.0)
Magic Bullet Colorista II 64 Bit (Version: 1.0)
Magic Bullet Looks (Version: 1.4.0)
Magic Bullet LooksBuilder
Magic Bullet Mojo (Version: 1.2.0)
Magic Bullet Quick LooksBuilder
Magic Bullet QuickLooks (Version: 1.3.0)
Magic Bullet Suite 2.0
Magic Bullet Suite 2.1
marvell 91xx driver (Version: 1.0.0.1034)
MediaMonkey 4.0 (Version: 4.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Lync 2010 (Version: 4.0.7577.4061)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
MsiDropper (Version: 1.0.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
NET Render Server 12.016 (Version: 12.016)
O3D Extras (Version: 0.1.1.0)
O3D Plugin (Version: 0.1.42.3)
Octoshape add-in for Adobe Flash Player
OpenAL
PDF Settings CS5 (Version: 10.0)
PDFCreator (Version: 1.2.0)
pdfforge Toolbar v4.6 (Version: 4.6)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Picasa 3 (Version: 3.8)
Picasa Uploader (Version: 0.3)
PlayOn (Version: 3.4.27)
Poser Pro 2012 (Version: 9.0.0)
PoserContent2012 (Version: 9.0.0)
PoserFusion 2012 for Cinema 4D
Primatte Keyer (Version: 4.1.0)
PTGui Pro 7.0
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6037)
Red Giant PlaneSpace 64 bit (Version: 1.4.0)
Red Giant Text Anarchy (Version: 2.4)
Red Giant ToonIt
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
Revo Uninstaller Pro 2.5.7 (Version: 2.5.7)
Scan to PDF (Version: 2.50)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Sorenson Squeeze 7.0 (Version: 7.0.0)
Spotify (Version: 0.5.2)
Spotify (Version: 0.8.2.610.g090a06f8)
ToonIt (Version: 2.1)
Trapcode 3D Stroke (Version: 2.6.0)
Trapcode EchoSpace (Version: 1.1.0)
Trapcode Form (Version: 1.1.0)
Trapcode Horizon (Version: 1.1.0)
Trapcode Lux (Version: 1.1.0)
Trapcode Particular (Version: 2.1.0)
Trapcode Shine (Version: 1.6.0)
Trapcode SoundKeys (Version: 1.2.0)
Trapcode Starglow (Version: 1.6.0)
TreeSize Free V2.5 (Version: 2.5)
Uninstall A Ruler for Windows (Version: 2.4)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VirtualCloneDrive
VLC media player 1.1.11 (Version: 1.1.11)
Vue 9.5 Infinite RenderCow 64bit (Version: 9.5)
Vue 9.5 xStream 64bit (Version: 9.5)
Wacom Tablet (Version: 6.1.6-7)
WebTablet IE Plugin (Version: 1.1.0.7)
WebTablet Netscape Plugin (Version: 1.1.0.5)
WMV9/VC-1 Video Playback (Version: 1.00.0000)
YTD YouTube Downloader & Converter 3.6

========================= Devices: ================================

Name: Canon MP620 ser Network
Description: Canon MP620 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 12279.11 MB
Available physical RAM: 7560.9 MB
Total Pagefile: 24556.42 MB
Available Pagefile: 18666.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:119.24 GB) (Free:10.27 GB) NTFS
2 Drive d: (TERABYTE) (Fixed) (Total:931.51 GB) (Free:139.14 GB) NTFS
7 Drive j: (Mr Orange) (Fixed) (Total:298.09 GB) (Free:30.27 GB) NTFS
8 Drive l: (gSATA) (Fixed) (Total:1863.01 GB) (Free:956.78 GB) NTFS

========================= Users: ========================================

User accounts for \\WORKHORSE

Administrator Gerard Guest
render


**** End of log ****

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.02.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gerard :: WORKHORSE [administrator]

Protection: Enabled

4/2/2012 12:39:25 PM
mbam-log-2012-04-02 (12-39-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224103
Time elapsed: 2 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Urekofafahinal (Trojan.Agent.U) -> Data: rundll32.exe "C:\Users\Gerard\AppData\Local\lsMSP2.dll",Startup -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Gerard\AppData\Local\Temp\arg137425.exe (Exploit.Drop) -> Quarantined and deleted successfully.

(end)


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-02 12:43:41
-----------------------------
12:43:41.435 OS Version: Windows x64 6.1.7601 Service Pack 1
12:43:41.435 Number of processors: 8 586 0x1A05
12:43:41.436 ComputerName: WORKHORSE UserName: Gerard
12:43:41.838 Initialize success
12:43:44.759 AVAST engine defs: 12040200
12:44:09.352 Disk 0 \Device\Harddisk0\DR0 -> \Device\Scsi\JRAID1Port0Path0Target0Lun0
12:44:09.355 Disk 0 Vendor: ST2000DL CC23 Size: 1907729MB BusType: 8
12:44:09.359 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
12:44:09.361 Disk 1 Vendor: ST31000528AS CC34 Size: 953869MB BusType: 3
12:44:09.366 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
12:44:09.369 Disk 2 Vendor: ST31000528AS CC34 Size: 953869MB BusType: 3
12:44:09.373 Disk 3 (boot) \Device\Harddisk3\DR3 -> \Device\Scsi\mv91xx1Port5Path0Target0Lun0
12:44:09.377 Disk 3 Vendor: C300-CTF 0006 Size: 122104MB BusType: 11
12:44:09.382 Disk 3 MBR read successfully
12:44:09.386 Disk 3 MBR scan
12:44:09.391 Disk 3 Windows 7 default MBR code
12:44:09.395 Disk 3 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
12:44:09.400 Disk 3 scanning C:\Windows\system32\drivers
12:44:10.690 Service scanning
12:44:14.429 Modules scanning
12:44:14.436 Disk 3 trace - called modules:
12:44:14.444 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv91xx.sys
12:44:14.450 1 nt!IofCallDriver -> \Device\Harddisk3\DR3[0xfffffa800ad0c060]
12:44:14.456 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port5Path0Target0Lun0[0xfffffa800a3c7050]
12:44:14.716 AVAST engine scan C:\Windows
12:44:15.014 AVAST engine scan C:\Windows\system32
12:44:48.123 AVAST engine scan C:\Windows\system32\drivers
12:44:50.963 AVAST engine scan C:\Users\Gerard
12:45:18.939 Disk 3 MBR has been saved successfully to "C:\Users\Gerard\Desktop\MBR.dat"
12:45:18.944 The log file has been saved successfully to "C:\Users\Gerard\Desktop\aswMBR.txt"

#5 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 06 April 2012 - 04:57 PM

Hi Broni - just touching base...any suggestions on how to fix?

Thanks!
G

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:42 PM

Posted 06 April 2012 - 05:01 PM

I'm sorry. It looks like an email notification missed me :)

Which browser is getting redirected?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 06 April 2012 - 05:01 PM

No worries...it's Chrome...

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:42 PM

Posted 06 April 2012 - 05:07 PM

Can you check if Internet Explorer is affected as well?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 06 April 2012 - 05:15 PM

IE/FF seem to be ok...

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:42 PM

Posted 06 April 2012 - 05:20 PM

Since I don't see anything malicious in your logs I suggest you reinstall Chrome.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 gj101

gj101
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 06 April 2012 - 05:38 PM

So far so good Broni...however I'm leaving town for the weekend but on Monday I'll give it a good test. Thanks again...have a great weekend! :)

G

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:42 PM

Posted 06 April 2012 - 05:55 PM

Same to you :)

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users