
Google Redirect Issue



#1 jaxxmale


  • Members
  • 3 posts

Posted 22 July 2012 - 04:17 PM

Hi,

Every so often when I click on a search result on Google I get redirected to a site like http://213.174.148.4/service/?49a23f008ca1433984a6e9a605fee074_0. My antivirus (AVG) isn't picking up any infections and I can't find the cause of the problem. Please help me!!

Thanks in advance, Jack



#2 narenxp


  • BC Advisor
  • 16,371 posts

Posted 22 July 2012 - 04:34 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 jaxxmale

  • Topic Starter

  • Members
  • 3 posts

Posted 25 July 2012 - 02:31 AM

21:45:33.0369 117664 TDSS rootkit removing tool 2.7.47.0 Jul 20 2012 20:36:30
21:45:37.0384 117664 ============================================================
21:45:37.0384 117664 Current date / time: 2012/07/24 21:45:37.0384
21:45:37.0384 117664 SystemInfo:
21:45:37.0384 117664
21:45:37.0384 117664 OS Version: 6.0.6002 ServicePack: 2.0
21:45:37.0384 117664 Product type: Workstation
21:45:37.0384 117664 ComputerName: JACK-LAPTOP
21:45:37.0384 117664 UserName: Jack
21:45:37.0384 117664 Windows directory: C:\Windows
21:45:37.0384 117664 System windows directory: C:\Windows
21:45:37.0384 117664 Processor architecture: Intel x86
21:45:37.0384 117664 Number of processors: 2
21:45:37.0384 117664 Page size: 0x1000
21:45:37.0384 117664 Boot type: Normal boot
21:45:37.0384 117664 ============================================================
21:45:40.0918 117664 Drive \Device\Harddisk1\DR1 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
21:45:40.0948 117664 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:45:40.0958 117664 Drive \Device\Harddisk1\DR1 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:45:40.0958 117664 Drive \Device\Harddisk2\DR16 - Size: 0xE8E0B00000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:45:45.0976 117664 Drive \Device\Harddisk3\DR17 - Size: 0x3BA300000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:45:45.0992 117664 ============================================================
21:45:45.0992 117664 \Device\Harddisk1\DR1:
21:45:45.0992 117664 MBR partitions:
21:45:45.0992 117664 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
21:45:45.0992 117664 \Device\Harddisk0\DR0:
21:45:46.0039 117664 MBR partitions:
21:45:46.0039 117664 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1802000, BlocksNum 0x38499800
21:45:46.0039 117664 \Device\Harddisk1\DR1:
21:45:46.0039 117664 MBR partitions:
21:45:46.0039 117664 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
21:45:46.0039 117664 \Device\Harddisk2\DR16:
21:45:46.0039 117664 MBR partitions:
21:45:46.0039 117664 \Device\Harddisk2\DR16\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747057C1
21:45:46.0039 117664 \Device\Harddisk3\DR17:
21:45:46.0039 117664 MBR partitions:
21:45:46.0039 117664 \Device\Harddisk3\DR17\Partition0: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
21:45:46.0039 117664 ============================================================
21:45:46.0085 117664 C: <-> \Device\Harddisk0\DR0\Partition0
21:45:46.0117 117664 F: <-> \Device\Harddisk2\DR16\Partition0
21:45:46.0117 117664 ============================================================
21:45:46.0117 117664 Initialize success
21:45:46.0117 117664 ============================================================
21:45:49.0674 115196 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-24 21:47:03
-----------------------------
21:47:03.765 OS Version: Windows 6.0.6002 Service Pack 2
21:47:03.765 Number of processors: 2 586 0x170A
21:47:03.765 ComputerName: JACK-LAPTOP UserName: Jack
21:47:08.666 Initialize success
21:50:47.629 AVAST engine defs: 12072401
21:51:11.494 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:51:11.497 Disk 0 Vendor: WDC_WD5000BEVT-22ZAT0 01.01A01 Size: 476940MB BusType: 3
21:51:11.499 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\JMCR1Port4Path0Target0Lun0
21:51:11.501 Disk 1 Vendor: JMCR Size: 30436MB BusType: 0
21:51:11.567 Disk 0 MBR read successfully
21:51:11.569 Disk 0 MBR scan
21:51:11.619 Disk 0 unknown MBR code
21:51:11.623 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
21:51:11.678 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 461107 MB offset 25174016
21:51:11.712 Disk 0 Partition 3 00 12 Compaq diag NTFS 3540 MB offset 969521152
21:51:11.719 Disk 0 scanning sectors +976771072
21:51:11.792 Disk 0 scanning C:\Windows\system32\drivers
21:51:41.826 Service scanning
21:52:48.692 Modules scanning
21:53:10.716 Disk 0 trace - called modules:
21:53:10.760 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
21:53:10.761 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fa5960]
21:53:10.762 3 CLASSPNP.SYS[8aba88b3] -> nt!IofCallDriver -> [0x85d6f918]
21:53:10.762 5 acpi.sys[8069a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85d7d8a0]
21:53:13.384 AVAST engine scan C:\Windows
21:53:24.584 AVAST engine scan C:\Windows\system32
22:01:50.217 AVAST engine scan C:\Windows\system32\drivers
22:02:36.271 AVAST engine scan C:\Users\Jack
22:12:32.134 Disk 0 MBR has been saved successfully to "C:\Users\Jack\Desktop\MBR.dat"
22:12:32.141 The log file has been saved successfully to "C:\Users\Jack\Desktop\aswMBR.txt"

C:\Users\Jack\AppData\Local\Temp\jar_cache2923942829059093134.tmp Java/Exploit.CVE-2012-1723.J trojan cleaned by deleting - quarantined
C:\Users\Jack\AppData\Local\Temp\jar_cache507344175411782146.tmp Java/Exploit.CVE-2012-1723.J trojan cleaned by deleting - quarantined
C:\Users\Jack\AppData\Local\Temp\Main.class Java/Exploit.CVE-2011-3544.BF trojan cleaned by deleting - quarantined
C:\Users\Jack\AppData\Local\{0C25513C-CE6B-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\Jack\AppData\Local\{B8D99F1B-AA20-4933-B61B-1BE43AB046E2}\chrome\content\overlay.xul probably a variant of Win32/Agent.NVQFFQI trojan cleaned by deleting - quarantined

#4 narenxp


  • BC Advisor
  • 16,371 posts

Posted 25 July 2012 - 04:46 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 jaxxmale

  • Topic Starter

  • Members
  • 3 posts

Posted 26 July 2012 - 05:44 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Jack (administrator) on 26-07-2012 at 23:29:52
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jack-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cable.virginmedia.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-23-5A-E8-7E-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FA-09-B7-FA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c185:d322:86f:ab5%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.111(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 23 July 2012 08:49:40
Lease Expires . . . . . . . . . . : 02 August 2012 20:49:40
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 218112349
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E8-8C-9C-00-23-5A-E8-7E-3B
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{6919E77B-522A-4E21-A7DA-27DD00711701}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.rhul.ac.uk
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:73b8:eb:2ea5:3f57:ff90(Preferred)
Link-local IPv6 Address . . . . . : fe80::eb:2ea5:3f57:ff90%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{AA095906-FA29-4EC5-BAA1-A5E4052812DC}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cable.virginmedia.net
Description . . . . . . . . . . . : isatap.cable.virginmedia.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dir-615
Address: 192.168.0.1

Name: google.com.cable.virginmedia.net
Address: 81.200.64.50



Pinging google.com [173.194.41.103] with 32 bytes of data:

Reply from 173.194.41.103: bytes=32 time=20ms TTL=56

Reply from 173.194.41.103: bytes=32 time=13ms TTL=55



Ping statistics for 173.194.41.103:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 20ms, Average = 16ms

Server: dir-615
Address: 192.168.0.1

Name: yahoo.com.cable.virginmedia.net
Address: 81.200.64.50



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=138ms TTL=49

Reply from 209.191.122.70: bytes=32 time=137ms TTL=49



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 137ms, Maximum = 138ms, Average = 137ms

Server: dir-615
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 23 5a e8 7e 3b ...... Broadcom NetXtreme Gigabit Ethernet
10 ...00 22 fa 09 b7 fa ...... Intel® WiFi Link 5100 AGN
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{6919E77B-522A-4E21-A7DA-27DD00711701}
21 ...00 00 00 00 00 00 00 e0 isatap.rhul.ac.uk
15 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
22 ...00 00 00 00 00 00 00 e0 isatap.{AA095906-FA29-4EC5-BAA1-A5E4052812DC}
24 ...00 00 00 00 00 00 00 e0 isatap.cable.virginmedia.net
23 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.111 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.111 281
192.168.0.111 255.255.255.255 On-link 192.168.0.111 281
192.168.0.255 255.255.255.255 On-link 192.168.0.111 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.111 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.111 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 18 ::/0 On-link
1 306 ::1/128 On-link
15 18 2001::/32 On-link
15 266 2001:0:5ef5:73b8:eb:2ea5:3f57:ff90/128
On-link
10 281 fe80::/64 On-link
15 266 fe80::/64 On-link
15 266 fe80::eb:2ea5:3f57:ff90/128
On-link
10 281 fe80::c185:d322:86f:ab5/128
On-link
1 306 ff00::/8 On-link
15 266 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2012 08:50:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 11:46:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2012 11:05:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2012 06:11:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\8> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\7> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (07/25/2012 10:49:58 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (07/23/2012 08:12:17 PM) (Source: Service Control Manager) (User: )
Description: 30000libusbd

Error: (07/23/2012 08:04:10 PM) (Source: Service Control Manager) (User: )
Description: 30000libusbd

Error: (07/23/2012 05:49:33 PM) (Source: Service Control Manager) (User: )
Description: 30000libusbd

Error: (07/23/2012 05:48:58 PM) (Source: Service Control Manager) (User: )
Description: 30000libusbd

Error: (07/23/2012 08:49:35 AM) (Source: PlugPlayManager) (User: )
Description: The device 'Mobile Intel® 4 Series Chipset PCI Express Root Port - 2A41' (PCI\VEN_8086&DEV_2A41&SUBSYS_02001025&REV_07\3&21436425&0&08) disappeared from the system without first being prepared for removal.

Error: (07/23/2012 08:49:32 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 08:46:41 on 23/07/2012 was unexpected.

Error: (07/22/2012 11:45:37 PM) (Source: PlugPlayManager) (User: )
Description: The device 'Mobile Intel® 4 Series Chipset PCI Express Root Port - 2A41' (PCI\VEN_8086&DEV_2A41&SUBSYS_02001025&REV_07\3&21436425&0&08) disappeared from the system without first being prepared for removal.

Error: (07/22/2012 11:45:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 23:42:06 on 22/07/2012 was unexpected.

Error: (07/22/2012 09:01:12 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.111 for the Network Card with network address 0022FA09B7FA has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (07/23/2012 08:50:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2012 11:46:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2012 11:05:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/18/2012 06:11:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\9

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\9

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\8

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\8

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\7

Error: (07/16/2012 00:04:15 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\JACK\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\CLMCY1OH.DEFAULT\CACHE\7


=========================== Installed Programs ============================

abgx360 v1.0.6
Acer Backup Manager (Version: 1.0.1.58)
Acer Bio Protection (Version: 6.2.23)
Acer Crystal Eye Webcam 3.0.7.2 (Version: 3.0.7.2)
Acer eRecovery Management (Version: 4.00.3005)
Acer GridVista (Version: 2.72.317)
Acer PowerSmart Manager (Version: 4.01.3013)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.0.1.0305)
Acer VCM (Version: 4.00.3006)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Asset Services CS4 (Version: 4)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Contribute CS4 (Version: 5.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 (Version: 1)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Fireworks CS4 (Version: 10.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Fonts All (Version: 2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS4 (Version: 14.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 1.8)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Version Cue CS4 Server (Version: 4.0)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcGIS Desktop (Version: 9.3.1770)
Audacity 1.3.14 (Unicode)
Autodesk 3ds Max 2010 32-bit (Version: 12.0)
Autodesk 3ds Max 2010 32-bit Components (Version: 12.0)
Autodesk 3ds Max 2010 Tutorials Files (Version: 12.0)
Autodesk Backburner 2008.1 (Version: 2008.1.1)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
AviSynth 2.5
Backup Manager Advance (Version: 1.0.1.58)
Bamboo (Version: 5.2.4-5)
Batman: Arkham Asylum (Version: 1.0.0.0)
BitTorrent (Version: 7.6.1)
bl (Version: 1.0.0)
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.18)
bluCTRL Receiver (Version: 0.01.0001)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 11.44.05)
Call of Juarez - Bound in Blood (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Connect (Version: 1.0.0.1)
Corona SDK (Version: 11.0.704)
cu3ox
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726)
DiRT2 (Version: 1.00.0000)
Divine (Version: 0.5.0.474)
Dropbox (Version: 1.4.7)
EA SPORTS™ Rugby 08 (Version: 2.0.1.0)
EASEUS Partition Master 5.0.1 Home Edition
ENE CIR Receiver Driver (12/30/2008 2.7.2.0) (Version: 12/30/2008 2.7.2.0)
EPSON Scan
EPSON SX510W Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.3.000223)
F1 2010 (Version: 1.0.0000.132)
Facebook Plug-In
Fences
Fences (Version: 1.0)
FIFA 10 (Version: 1.0.0.0)
FIFA 11 (Version: 1.0.0.0)
FileZilla Client 3.5.2 (Version: 3.5.2)
Fingerprint Solution (Version: 6.2.23.0)
Fliqlo Screen Saver
Football Manager 2010 (Version: 10.0.0.0)
Freewire Television (Version: 2.10.0.0)
Freez FLV to AVI/MPEG/WMV Converter (Version: 1.6)
Google Chrome (Version: 20.0.1132.57)
Google Desktop (Version: 5.9.1005.12335)
Google SketchUp Pro 8 (Version: 3.0.4811)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GTK+ Runtime 2.14.7 rev a (remove only)
HP USB Disk Storage Format Tool
ImgBurn (Version: 2.5.2.0)
IPCam Admin v3.0
iPhoneBrowser (Version: 1.9.3)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.5.3)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 Update 2 (Version: 7.0.20)
Java™ SE Development Kit 7 Update 2 (Version: 1.7.0.20)
JavaFX 2.0.2 (Version: 2.0.2)
JavaFX 2.0.2 SDK (Version: 2.0.2)
JMicron Flash Media Controller Driver (Version: 1.00.25.04)
Junk Mail filter update (Version: 15.4.3502.0922)
kuler (Version: 2.0)
LAME v3.99.3 (for Windows)
Last.fm 1.5.4.27091
Launch Manager (Version: 2.0.01)
Lexmark Printer Software Uninstall
LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1)
LightBox Video Web Gallery Creator 2.1.7
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE (Version: 3.3.24.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft XNA Framework Redistributable 2.0 (Version: 2.0.11128.1)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
Mozilla Firefox 14.0.1 (x86 en-GB) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mozilla Thunderbird (3.1.7) (Version: 3.1.7 (en-GB))
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.36.0)
Need for Speed™ SHIFT (Version: 1.0.0.0)
NTI Backup Now 5 (Version: 5.1.2.616)
NTI Backup Now Standard (Version: 5.1.2.616)
NTI Media Maker 8 (Version: 8.0.2.6509)
NVIDIA Drivers (Version: 1.3)
NVIDIA PhysX (Version: 9.09.0720)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
Orion (Version: 2.5.0)
Pcsx2 0.9.6 (Version: 1.0.0)
PDF Settings CS4 (Version: 9.0)
PDF Settings CS5 (Version: 10.0)
PDF Settings CS6 (Version: 11.0)
PerfectDisk 10 Professional (Version: 10.0.100)
ph (Version: 1.0.0)
Pharos
Photoshop Camera Raw (Version: 5.0)
Picasa 3 (Version: 3.8)
Pidgin (Version: 2.6.6)
Pixel Bender Toolkit (Version: 1.0)
Pixillion Image Converter
PlayerPal 4.2 (Version: 4.2.0)
PocketCloud Windows Companion (Version: 2.4.12)
Portrait Professional Studio 9.0 (Version: 9.0)
Pro Evolution Soccer 2010 (Version: 1.00.0000)
PS3Splitter version 1.1.5.1 (Version: 1.1.5.1)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
Rapture3D 2.4.4 Game
Realtek High Definition Audio Driver (Version: 6.0.1.5830)
Robot Wars Extreme Destruction (Version: 1.0.0)
Rugby Challenge 2006
Segoe UI (Version: 15.4.2271.0615)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SmartFTP Client 4.0 Setup Files (remove only) (Version: 4.0)
Spotify (Version: 0.4.3)
Spotify (Version: 0.8.3.222.g317ab79d)
Suite Shared Configuration CS4 (Version: 1.0)
Synaptics Pointing Device Driver (Version: 12.2.2.0)
TeamViewer 7 (Version: 7.0.12313)
TightVNC 2.0.4 (Version: 2.0.4)
Toy Story 3 (Version: 1.00.0000)
UltraISO Premium V9.36
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Veetle TV 0.9.18 (Version: 0.9.18)
Videora iPod Converter 6 (Version: 6)
Viper 3.0.04 (Version: 3.0.04)
Virgin Media Service Manager 3.7.47 (Version: 3.7.47)
VLC media player 1.0.1 (Version: 1.0.1)
VueScan
WBFS Manager 3.0 (Version: 3.0)
WebTablet IE Plugin (Version: 1.1.0.7)
WebTablet Netscape Plugin (Version: 1.1.0.5)
WIDCOMM Bluetooth Software 6.0.1.6400 (Version: 6.0.1.6400)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR archiver
Xara3D6 (Version: 1.00.0000)
Xbox 360 controller cursor (Version: 1.0.0.1)
YouTube Downloader App 3.00 (Version: 3.00)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 3000.96 MB
Available physical RAM: 1006.9 MB
Total Pagefile: 6208.94 MB
Available Pagefile: 3567.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.77 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:450.3 GB) (Free:8.97 GB) NTFS
2 Drive d: () (Removable) (Total:14.9 GB) (Free:14.84 GB) FAT32
4 Drive f: () (Fixed) (Total:931.51 GB) (Free:825.1 GB) NTFS
5 Drive i: () (Removable) (Total:29.71 GB) (Free:29.38 GB) FAT32

========================= Users: ========================================

User accounts for \\JACK-LAPTOP

Administrator Guest Jack


**** End of log ****

Farbar Service Scanner Version: 26-07-2012
Ran by Jack (administrator) on 26-07-2012 at 23:31:12
Running from "C:\Users\Jack\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll
[2009-10-20 19:32] - [2009-04-11 07:28] - 0086528 ____A (Microsoft Corporation) 30A08728740E71947AE1E073B5CE69B4

C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 03:24] - [2008-01-21 03:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



nuc1ear

# AdwCleaner v1.703 - Logfile created 07/26/2012 at 23:33:12
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Jack - JACK-LAPTOP
# Running from : C:\Users\Jack\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Users\Jack\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Jack\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Jack\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18943

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={8B60F37C-35FE-4D0E-A6DB-61972078583E}&mid=62a19e267f9a47d6891dd16a1c0c97c8-2e2a242543656a401292a159ca517be03d714cdd&lang=en&ds=AVG&pr=fr&d=2012-05-06 15:54:56&v=11.1.0.12&sap=nt --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-GB)

Profile name : default
File : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\clmcy1oh.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\11.1.0.12");
Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bd871d09e-8b82-4558-8351-11d46224c60e%[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.0.2\\\[...]

*************************

AdwCleaner[S1].txt - [6249 octets] - [26/07/2012 23:33:12]

########## EOF - C:\AdwCleaner[S1].txt - [6377 octets] ##########

#6 narenxp

Posted 26 July 2012 - 06:29 PM

Do you still have redirects?



