Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Several Problems, are they connected?


  • Please log in to reply
16 replies to this topic

#1 Fanny1964

Fanny1964

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 08 October 2012 - 04:40 AM

Hi

I have been experiencing several problems recently, and wondered if they are connected.

Firstly I have noticed that the CPU usage level seems to be high 70-75%, when I consider my laptop to be idle. Nothing open in the taskbar, just the desktop on the screen. The process pane doesn't mean anything to me, so I've left well alone.

Also I've noticed that pages on Explorer don't always finish loading,and scrolling can be jerky and slow.
I've had several issues lately on startup, with a error message telling me that Login settings could not be verified.The screen blanks for a few seconds and then goes to Desktop and seems to work ok.

Yesteday I began to hear background adverts which seemed to loop every 30 seconds or so, and today anything with audio could only just be heard, even if I turned all the volume controls up to max. However after rebooting both problem seems to have gone away.

I've run a Malware scan and found nothing.

Finally, last night I was working on the Laptop, and got called away to speak to someone on the phone, after which I forgot to shut down and went to bed. When I got up this morning, I noticed that the lights on my router were very busy, as was the little icon on the laptop that flashes whenever the disc is in operation. Is this a sign of something malicious?

Hope someone can help

Thanks

Edited by hamluis, 08 October 2012 - 06:19 AM.
Moved from XP to Am I infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 08 October 2012 - 07:11 AM

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finish list found threats save to clipboard copy to notepad Post the log here.




Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner Run it Go to options then put a tick next to Enable rootkit cleaning. Hit the Full Scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.


REBoot after Norman.

#3 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 09 October 2012 - 06:12 PM

ESET
C:\Users\steve\AppData\Local\Temp\BI_RunOnce.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Users\steve\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe a variant of Win32/InstallCore.AC application cleaned by deleting - quarantined
C:\Users\steve\AppData\Local\Temp\ICReinstall\cnet2_musicstudio80_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

Farbar Service Scanner Version: 07-10-2012
Ran by Steve (administrator) on 09-10-2012 at 21:00:24
Running from "C:\Users\steve\Downloads"
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll
[2009-07-14 00:53] - [2009-07-14 02:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-14 00:54] - [2009-07-14 02:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-14 00:23] - [2009-07-14 02:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-14 00:24] - [2009-07-14 02:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-07-14 00:30] - [2009-07-14 02:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox by Farbar Version: 23-07-2012
Ran by Steve (administrator) on 09-10-2012 at 21:01:59
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
NCP Secure Client Virtual NDIS6 Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : W03067
Primary Dns Suffix . . . . . . . : ingrams.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ingrams.local
dlink.com

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NCP Secure Client Virtual NDIS6 Adapter
Physical Address. . . . . . . . . : 02-00-4E-43-50-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::16e:b639:7491:294d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 09 October 2012 17:25:01
Lease Expires . . . . . . . . . . : 10 October 2012 20:43:53
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997669
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-88-9F-79-00-26-2D-55-3A-41
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ingrams.local
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-55-3A-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C53BACD9-1F32-44A7-AA88-F622244DDD3D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{100E00E3-2CAF-476F-90A9-EEF899879106}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.dlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1b:137a:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::1b:137a:3f57:fefc%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.ingrams.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:800::1002
74.125.230.101
74.125.230.97
74.125.230.103
74.125.230.99
74.125.230.96
74.125.230.100
74.125.230.105
74.125.230.104
74.125.230.102
74.125.230.110
74.125.230.98


Pinging google.com [173.194.34.105] with 32 bytes of data:
Reply from 173.194.34.105: bytes=32 time=30ms TTL=55
Reply from 173.194.34.105: bytes=32 time=32ms TTL=55

Ping statistics for 173.194.34.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 32ms, Average = 31ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=648ms TTL=50
Reply from 72.30.38.140: bytes=32 time=501ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 501ms, Maximum = 648ms, Average = 574ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...02 00 4e 43 50 49 ......NCP Secure Client Virtual NDIS6 Adapter
23...00 1e 65 e9 b8 5b ......Microsoft Virtual WiFi Miniport Adapter
13...00 1e 65 e9 b8 5a ......Intel® WiFi Link 5100 AGN
11...00 26 2d 55 3a 41 ......Broadcom NetXtreme Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:5ef5:79fb:1b:137a:3f57:fefc/128
On-link
13 281 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::1b:137a:3f57:fefc/128
On-link
13 281 fe80::16e:b639:7491:294d/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 H:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 H:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 03 H:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 04 H:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 05 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 06 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 07 H:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 05 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 42 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 43 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 44 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 45 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 46 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 47 H:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/09/2012 05:24:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72744249

Error: (10/09/2012 05:24:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72744249

Error: (10/09/2012 05:24:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2012 05:24:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72742892

Error: (10/09/2012 05:24:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72742892

Error: (10/09/2012 05:24:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2012 05:24:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72741847

Error: (10/09/2012 05:24:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72741847

Error: (10/09/2012 05:24:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/09/2012 05:24:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72740849


System errors:
=============
Error: (10/09/2012 08:55:57 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/09/2012 07:00:55 PM) (Source: Microsoft-Windows-GroupPolicy) (User: INGRAMS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/09/2012 05:48:48 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain INGRAMS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/09/2012 05:30:02 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/09/2012 05:27:27 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/08/2012 08:14:13 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/08/2012 06:48:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.

Error: (10/08/2012 06:45:29 PM) (Source: Microsoft-Windows-GroupPolicy) (User: INGRAMS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/08/2012 06:45:24 PM) (Source: Service Control Manager) (User: )
Description: The Security Center service hung on starting.

Error: (10/08/2012 06:45:28 PM) (Source: DCOM) (User: )
Description: {204810B9-73B2-11D4-BF42-00B0D0118B56}


Microsoft Office Sessions:
=========================
Error: (08/10/2011 07:25:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 124358 seconds with 1560 seconds of active time. This session ended with a crash.

Error: (11/08/2010 08:03:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 219135 seconds with 2160 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.65
Acer Crystal Eye Webcam (Version: 5.2.7.1)
ACID Music Studio 8.0 (Version: 8.0.178)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Photoshop CS (Version: CS)
Adobe Reader 9.3 (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
AndreaMosaic 3.33.0
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
Audacity 1.3.13 (Unicode)
BlackBerry App World Browser Plugin (Version: 2.1.2)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 12.24.02)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP270 series MP Drivers
Canon MP270 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Card Data Recovery (Version: )
CCleaner (Version: 2.31)
DHTML Editing Component (Version: 6.02.0001)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Famtree5 - 1 (Version: 5.0.1.162)
ffdshow v1.2.4453 [2012-05-21] (Version: 1.2.4453.0)
FLV.com FLV Downloader 8.3
Freecorder 4 (Version: 4.12B)
Freecorder 5 (Version: 5)
Freecorder 5 (Version: 5.11)
Freecorder 6 (Version: 2.1.10)
Freecorder 6 Applications (6.0.0.45) (Version: 6.0.0.45)
Freecorder 6 extension for Chrome (Version: 2.1.9)
Freeraser (Version: 1.0.0.23)
Google Chrome (Version: 22.0.1229.92)
Google Update Helper (Version: 1.3.21.123)
Guitar Pro 4.0
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55)
Identity Card (Version: 1.00.3001)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® TV Wizard
Intel® Matrix Storage Manager
InterVideo WinDVD 8 (Version: 8.5.10.39)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.99.3 (for Windows)
Launch Manager (Version: 3.0.04)
Lexmark 4300 Series
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.92)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.700 (Version: 3.2.0.700)
n-Track Studio 6 (Version: 6.0.0)
NBI Second Edition
NCP Secure Entry Client (Version: 9.20)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.180.94)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6619)
NTI Shadow (Version: 3.7.6.56)
O2Micro Flash Memory Card Reader Driver (Version: 3.31.02)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Connectivity Solution (Version: 12.0.27.0)
PC Drummer Trial Edition 5.12
PL-2303 USB-to-Serial
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.5911)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20133)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30087)
RealUpgrade 1.1 (Version: 1.1.0)
SIM Manager (Version: 3.1.0)
SPBA 5.8 (Version: 5.8.2.5652)
Spotify (Version: 0.4.3)
Spotify (Version: 0.8.3.222.g317ab79d)
SUPERAntiSpyware (Version: 5.6.1008)
Symantec Endpoint Protection (Version: 11.0.5002.333)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TreeDraw (Version: 3.2.5)
Uninstall 1.0.0.1
Unlocker 1.9.0 (Version: 1.9.0)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb981726)
Video Downloader Toolbar (Version: 1.0.2)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
Vodafone Mobile Connect Lite (Version: 9.3.5.11690)
WD SmartWare (Version: 1.6.2.6)
WIDCOMM Bluetooth Software (Version: 6.2.0.9700)
Windows Driver Package - Dekart (DEKART38) SmartCardReader (08/08/2011 1.1.6.1) (Version: 08/08/2011 1.1.6.1)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Small Business Server 2008 ClientAgent (Version: 6.0.5601.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
Wondershare Video Converter Platinum(Build 5.2.3.2)
xHamster Video Downloader 3.23

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3000.95 MB
Available physical RAM: 1398.92 MB
Total Pagefile: 6000.18 MB
Available Pagefile: 4113.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.57 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:165.25 GB) NTFS
3 Drive h: (Offline) (Network) (Total:286.27 GB) (Free:165.25 GB) CSC-CACHE

========================= Users: ========================================

User accounts for \\W03067

Administrator Guest User


**** End of log ****
# AdwCleaner v2.004 - Logfile created 10/09/2012 at 21:03:46
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Steve - W03067
# Boot Mode : Normal
# Running from : C:\Users\steve\Downloads\adwcleaner (2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v22.0.1229.92

File : C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [14253 octets] - [08/10/2012 18:03:34]
AdwCleaner[S3].txt - [707 octets] - [09/10/2012 21:03:46]

########## EOF - H:\AdwCleaner[S3].txt - [766 octets] ##########

Norman Malware Cleaner v2.05.06
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 6.08.06
nvcbin.def: Version: 6.08.00, Date: 2012/10/09 16:01:34, Variants: 18865362
nvcmacro.def: Version: 6.08.00, Date: 2011/12/19 10:20:35, Variants: 20465

Operating System: Windows 7

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/10/09 22:15:12

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1s

Scanning running processes and process memory...
C:\Program Files\Download Beast\DownloadBeast.exe:5528: Process infected with W32/Suspicious_Gen4.ANOMN
Terminate process: C:\Program Files\Download Beast\DownloadBeast.exe:5528
Cleaning successful
C:\Program Files\Download Beast\DownloadBeast.exe: File infected with W32/Suspicious_Gen4.ANOMN
Delete file: C:\Program Files\Download Beast\DownloadBeast.exe
Cleaning successful
Delete registry value: HKU\S-1-5-21-1902706052-1506629101-1762452412-1158\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> download beast = "C:\Program Files\Download Beast\DownloadBeast.exe" -h
Cleaning successful

Number of objects found: 3240
Number of objects scanned: 3240
Number of objects not scanned: 0
Number of malicious memory objects found: 3
Number of malicious objects cleaned: 3
Number of malicious files found: 1
Number of malicious files cleaned: 1
Scanning time: 6m 36s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\IMpService925A3ACA-C353-458A-AC8D-A7E5EB378092.lock: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Cache\index: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Current Session: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Current Tabs: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Google\Chrome\User Data\lockfile: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Temp\etilqs_1g06xC02gwHw6ev: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Temp\etilqs_BAU9W0K7AdLM5iW: Error opening file for read: 0x00000020
C:\Users\steve\AppData\Local\Temp\JET9BD2.tmp: Error opening file for read: 0x00000020
C:\Users\steve\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Users\steve\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\steve\ntuser.dat.LOG2: Error opening file for read: 0x00000020

Number of files found: 89317
Number of archives unpacked: 4505
Number of objects found: 445047
Number of objects scanned: 445021
Number of objects not scanned: 26
Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1h 41m 3s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 89317
Total number of archives unpacked: 4505
Total number of objects found: 448287
Total number of objects scanned: 448261
Total number of objects not scanned: 26
Total number of malicious objects found: 3
Total number of malicious objects cleaned: 3
Total number of malicious files found: 1
Total number of malicious files cleaned: 1
Total number of objects quarantined: 2
Total scanning time: 1h 47m 40s

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 09 October 2012 - 06:25 PM

Open an elevated command prompt then copy and paste the following one at a time hitting enter after each.

cd C:\windows\system32\drivers\etc

takeown /a /f hosts

cacls hosts /p everyone:f

Reply Y Then copy and paste the text below hitting enter after.

attrib -s -h -r hosts

Close the command prompt window.

Go here and run the fix it for the hosts file,as admin.
http://support.microsoft.com/kb/972034

After the fix it runs then reboot,the hosts file should be restored to original.



Open Elevated Command Prompt Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.Now type or copy and paste the commands below one at a time hitting enter after each.




netsh int ipv4 reset reset.log


nbtstat -R

nbtstat -RR

netsh winsock reset catalog

ipconfig /flushdns

ipconfig /registerdns

ipconfig /release

ipconfig /renew

net stop "dns client"

net start "dns client"

Now reboot your machine and post a fresh minitoolbox log please.

#5 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 12 October 2012 - 04:14 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Steve (administrator) on 12-10-2012 at 10:09:08
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
NCP Secure Client Virtual NDIS6 Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : W03067
Primary Dns Suffix . . . . . . . : ingrams.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ingrams.local
dlink.com

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NCP Secure Client Virtual NDIS6 Adapter
Physical Address. . . . . . . . . : 02-00-4E-43-50-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::16e:b639:7491:294d%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 12 October 2012 09:55:11
Lease Expires . . . . . . . . . . : 13 October 2012 09:55:11
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997669
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-88-9F-79-00-26-2D-55-3A-41
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ingrams.local
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-55-3A-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C53BACD9-1F32-44A7-AA88-F622244DDD3D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{100E00E3-2CAF-476F-90A9-EEF899879106}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.dlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:82c:15f6:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::82c:15f6:3f57:fefc%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.ingrams.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:802::1008
173.194.34.73
173.194.34.67
173.194.34.64
173.194.34.65
173.194.34.68
173.194.34.70
173.194.34.78
173.194.34.66
173.194.34.71
173.194.34.69
173.194.34.72


Pinging google.com [173.194.34.103] with 32 bytes of data:
Reply from 173.194.34.103: bytes=32 time=30ms TTL=55
Reply from 173.194.34.103: bytes=32 time=30ms TTL=55

Ping statistics for 173.194.34.103:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 30ms, Average = 30ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=210ms TTL=47
Reply from 98.138.253.109: bytes=32 time=145ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 145ms, Maximum = 210ms, Average = 177ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...02 00 4e 43 50 49 ......NCP Secure Client Virtual NDIS6 Adapter
23...00 1e 65 e9 b8 5b ......Microsoft Virtual WiFi Miniport Adapter
13...00 1e 65 e9 b8 5a ......Intel® WiFi Link 5100 AGN
11...00 26 2d 55 3a 41 ......Broadcom NetXtreme Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:5ef5:79fb:82c:15f6:3f57:fefc/128
On-link
13 281 fe80::/64 On-link
19 306 fe80::/64 On-link
13 281 fe80::16e:b639:7491:294d/128
On-link
19 306 fe80::82c:15f6:3f57:fefc/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 H:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 H:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 03 H:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 04 H:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 05 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 06 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 07 H:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 05 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 42 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 43 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 44 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 45 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 46 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 47 H:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/12/2012 09:55:20 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (10/12/2012 09:21:20 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (10/11/2012 11:24:21 PM) (Source: VMCService) (User: )
Description: System.Runtime.InteropServices.COMException (0x80010002): Call was canceled by the message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObject.Initialize(Boolean getObject)
at System.Management.ManagementClass.GetInstances(EnumerationOptions options)
at System.Management.ManagementClass.GetInstances()
at VMC.WindowsService.Core.WMIClasses.GetProcessOwner_Orig(UInt32 processId, String processName, String& domain, String& user)
at VMC.WindowsService.Core.WindowsServiceCore.StartedWithoutGui_Orig(Message message)
at VMC.WindowsService.Core.WindowsServiceCore.IncomingMessage(Message message)
at VMC.WindowsService.Core.WindowsServiceCore.Receiving()

Error: (10/11/2012 11:18:52 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (10/11/2012 05:28:43 PM) (Source: SescLU) (User: )
Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (10/11/2012 05:25:05 PM) (Source: Google Update) (User: INGRAMS)INGRAMS
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (10/10/2012 07:44:51 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (10/10/2012 00:24:11 AM) (Source: MsiInstaller) (User: INGRAMS)INGRAMS
Description: Product: n-Track Studio 6 -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: _65DF69C6_2A54_4006_BA77_B5C3F279AF2E, location: C:\Program Files\FASoft\n-Track Studio 6\RegisterComponents.exe, command: /Uninstall

Error: (10/09/2012 10:15:44 PM) (Source: Symantec AntiVirus) (User: INGRAMS)INGRAMS
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Map View Memory
Action Taken: Logged
Actor Process: C:\Users\steve\Downloads\Norman_Malware_Cleaner.exe (PID 4456)
Time: 09 October 2012 22:15:44

Error: (10/09/2012 10:15:38 PM) (Source: Symantec AntiVirus) (User: INGRAMS)INGRAMS
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info: Map View Memory
Action Taken: Logged
Actor Process: C:\Users\steve\Downloads\Norman_Malware_Cleaner.exe (PID 4456)
Time: 09 October 2012 22:15:38


System errors:
=============
Error: (10/12/2012 10:02:14 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (10/12/2012 10:00:57 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (10/12/2012 10:00:09 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.

Error: (10/12/2012 09:57:54 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/12/2012 09:57:41 AM) (Source: Microsoft-Windows-GroupPolicy) (User: INGRAMS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/12/2012 09:55:28 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/12/2012 09:55:08 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain INGRAMS due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/12/2012 09:40:47 AM) (Source: Microsoft-Windows-GroupPolicy) (User: INGRAMS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/12/2012 09:31:01 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (10/12/2012 09:28:56 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.


Microsoft Office Sessions:
=========================
Error: (08/10/2011 07:25:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 124358 seconds with 1560 seconds of active time. This session ended with a crash.

Error: (11/08/2010 08:03:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 219135 seconds with 2160 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.65
Acer Crystal Eye Webcam (Version: 5.2.7.1)
ACID Music Studio 8.0 (Version: 8.0.178)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Photoshop CS (Version: CS)
Adobe Reader 9.3 (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
AndreaMosaic 3.33.0
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
Audacity 1.3.13 (Unicode)
BlackBerry App World Browser Plugin (Version: 2.1.2)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 12.24.02)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP270 series MP Drivers
Canon MP270 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (Version: 2.31)
DHTML Editing Component (Version: 6.02.0001)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Famtree5 - 1 (Version: 5.0.1.162)
ffdshow v1.2.4453 [2012-05-21] (Version: 1.2.4453.0)
FLV.com FLV Downloader 8.3
Freecorder 4 (Version: 4.12B)
Freecorder 5 (Version: 5)
Freecorder 5 (Version: 5.11)
Freecorder 6 (Version: 2.1.10)
Freecorder 6 Applications (6.0.0.45) (Version: 6.0.0.45)
Freecorder 6 extension for Chrome (Version: 2.1.9)
Freeraser (Version: 1.0.0.23)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
Guitar Pro 4.0
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55)
Identity Card (Version: 1.00.3001)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® TV Wizard
Intel® Matrix Storage Manager
InterVideo WinDVD 8 (Version: 8.5.10.39)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.99.3 (for Windows)
Launch Manager (Version: 3.0.04)
Lexmark 4300 Series
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.92)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.700 (Version: 3.2.0.700)
n-Track Studio 6 (Version: 6.0.0)
NBI Second Edition
NCP Secure Entry Client (Version: 9.20)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6619)
NTI Shadow (Version: 3.7.6.56)
O2Micro Flash Memory Card Reader Driver (Version: 3.31.02)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Drummer Trial Edition 5.12
PL-2303 USB-to-Serial
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.5911)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20133)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30087)
RealUpgrade 1.1 (Version: 1.1.0)
SPBA 5.8 (Version: 5.8.2.5652)
Spotify (Version: 0.4.3)
Spotify (Version: 0.8.3.222.g317ab79d)
SUPERAntiSpyware (Version: 5.6.1008)
Symantec Endpoint Protection (Version: 11.0.5002.333)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TreeDraw (Version: 3.2.5)
Uninstall 1.0.0.1
Unlocker 1.9.0 (Version: 1.9.0)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb981726)
Video Downloader Toolbar (Version: 1.0.2)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
Vodafone Mobile Connect Lite (Version: 9.3.5.11690)
WD SmartWare (Version: 1.6.2.6)
WIDCOMM Bluetooth Software (Version: 6.2.0.9700)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Small Business Server 2008 ClientAgent (Version: 6.0.5601.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
Wondershare Video Converter Platinum(Build 5.2.3.2)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3000.95 MB
Available physical RAM: 1572.02 MB
Total Pagefile: 6000.18 MB
Available Pagefile: 4335.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.57 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:165.28 GB) NTFS
3 Drive h: (Offline) (Network) (Total:286.27 GB) (Free:165.28 GB) CSC-CACHE

========================= Users: ========================================

User accounts for \\W03067

Administrator Guest User


**** End of log ****

#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 12 October 2012 - 01:03 PM

Please uninstall Symantec Endpoint Protection (Version: 11.0.5002.333)
Run the Norton Removal tool.
http://download1us.softpedia.com/dl/e75d9cdf74ec0eaefa3657b36e55e364/50785b25/100026173/software/tweak/Norton_Removal_Tool.exe

Reboot your machine.

Reinstall the antivirus.


Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results



Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill run it post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe


Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#7 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 12 October 2012 - 05:00 PM

Hi
Quick question. The Endpoint protection that you asked me to uninstall, this is a business computer and I don't hold the software for it, my office renew the subscription and the software was preloaded. If I uninstall, is there any way I can reinstall without having the disc to do so?

Thanks

#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 12 October 2012 - 07:41 PM

You may have to get with them on that.I think it is the cause of the winsock errors on this machine.
skip and continue.

#9 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 13 October 2012 - 08:21 AM

Please uninstall Symantec Endpoint Protection (Version: 11.0.5002.333)
Run the Norton Removal tool.
http://download1us.softpedia.com/dl/e75d9cdf74ec0eaefa3657b36e55e364/50785b25/100026173/software/tweak/Norton_Removal_Tool.exe



Reboot your machine.

Reinstall the antivirus.
As discussed Skipped

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

No Threats Found


Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill run it post the log.
http://www.bleepingcomputer.com/download/rkill/

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/13/2012 10:38:55 AM in x86 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/13/2012 10:39:05 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe
Blank Log Message saying it couldn't find the file path


Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

"HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup" "" "" ""
+ "Windows SBS CSE Policy" "" "" "File not found: \\ingrams.local\SysVol\ingrams.local\ClientAgent\ClientAgent.vbs"
+ "Windows SBS CSE Policy" "" "" "File not found: \\ingrams.local\SysVol\ingrams.local\ClientAgent\ClientAgent.vbs"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files\canon\solutionmenu\cnslmain.exe"
+ "ccApp" "Symantec User Session" "Symantec Corporation" "c:\program files\common files\symantec shared\ccapp.exe"
+ "EzPrint" "Lexmark Fast Pics Application" "Lexmark International Inc." "c:\program files\lexmark 4300 series\ezprint.exe"
+ "Freecorder FLV Service" "" "" "File not found: C:\Program Files\Freecorder\FLVSrvc.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files\launch manager\lmanager.exe"
+ "LXCECATS" "Timer DLL" "" "c:\windows\system32\spool\drivers\w32x86\3\lxcetime.dll"
+ "lxcemon.exe" "Lexmark Device Monitor" "Lexmark International, Inc." "c:\program files\lexmark 4300 series\lxcemon.exe"
+ "MobileConnect" "MobileConnect" "Vodafone" "c:\program files\vodafone\vodafone mobile connect\bin\mobileconnect.exe"
+ "NcpBudgetGui" "" "" "c:\program files\ncp\secureclient\ncpbudgetgui.exe"
+ "NcpMonitor" "ncpmon.exe" "NCP engineering GmbH" "c:\program files\ncp\secureclient\ncpmon.exe"
+ "NcpPopup" "" "" "c:\program files\ncp\secureclient\ncppopup.exe"
+ "NcpRsuGui" "" "" "c:\program files\ncp\secureclient\rwsrsu.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "PLFSetI" "DefaultSettingEXE MFC Application" "" "c:\windows\plfseti.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "Realtime Audio Engine" "RealTime Audio Engine" "AlcaTech" "c:\windows\system32\mmrtkrnl.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rthdvcpl.exe"
+ "SpeetItUpFree" "" "" "File not found: C:\Program Files\SpeedItup Free\speeditupfree.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "WD Quick View" "WD Quick View" "Western Digital Technologies, Inc." "c:\program files\western digital\wd quick view\wddmstatus.exe"
+ "Wondershare Helper Compact.exe" "Wondershare Studio" "Wondershare" "c:\program files\common files\wondershare\wondershare helper compact\wshelper.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma Loader.lnk" "" "" "c:\program files\common files\adobe\calibration\adobe gamma loader.exe"
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"
+ "MyTomTomSA.exe" "MyTomTom" "TomTom" "c:\program files\mytomtom 3\mytomtomsa.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Spotify Web Helper" "" "" "c:\program files\spotify\data\spotifywebhelper.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "TomTomHOME.exe" "System Tray application for TomTom HOME" "TomTom" "c:\program files\tomtom home 2\tomtomhomerunner.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WDBackupMenuHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "WDBackupPropSheetHandler" "WD ContextMenu Handler" "Western Digital" "c:\program files\western digital\wd smartware\wdcontextmenuhandler.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files\canon\easy-webprint ex\ewpexbho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files\canon\easy-webprint ex\ewpexhlp.dll"
+ "Freecorder 6" "Internet Explorer Toolbar Engine" "" "c:\program files\freecorder 6\tbcore3.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "\SUPERAntiSpyware Scheduled Task 1be6a479-ca36-4d0f-95a2-272f6c095897" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task e84a4d50-6979-46f4-8fc4-58ebb4d9385b" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\Your File Updater" "" "" "File not found: C:\Program Files\YourFileDownloader\YourFileUpdater.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore.exe"
+ "Adobe LM Service" "Adobe LM Service" "" "c:\program files\common files\adobe systems shared\service\adobelmsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "ccEvtMgr" "Event propagation and logging service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "ccSetMgr" "Settings storage and management service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "HsfXAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\xaudio32.dll"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "IviRegMgr" "InterVideo Register Manager" "InterVideo" "c:\program files\common files\intervideo\regmgr\iviregmgr.exe"
+ "LiveUpdate" "LiveUpdate Core Engine" "Symantec Corporation" "c:\program files\symantec\liveupdate\lucomserver_3_3.exe"
+ "lxce_device" "Printer Communication System" " " "c:\windows\system32\lxcecoms.exe"
+ "ncpclcfg" "Provides NCP Client Configuration" "NCP engineering GmbH" "c:\program files\ncp\secureclient\ncpclcfg.exe"
+ "ncprwsnt" "Provides NCP PPP,VPN and DIALING services" "NCP Engineering GmbH" "c:\program files\ncp\secureclient\ncprwsnt.exe"
+ "NcpSec" "Provides NCP PKI Support" "" "c:\program files\ncp\secureclient\ncpsec.exe"
+ "NTIBackupSvc" "NTI Backup Now 5 Backup service for backup(restore). " "NewTech InfoSystems, Inc." "c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe"
+ "NTISchedulerSvc" "NTI Backup Now 5 Manage BackupNow backup jobs and etc..." "NewTech Infosystems, Inc." "c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe"
+ "O2FLASH" "O2 Flash Memory Service" "O2Micro International" "c:\windows\system32\drivers\o2flash.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files\common files\protexis\license service\psiservice_2.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies, Inc." "c:\program files\winpcap\rpcapd.exe"
+ "rwsrsu" "Provides NCP Secure Enterprise Management Updates" "" "c:\program files\ncp\secureclient\rwsrsu.exe"
+ "Smcinst" "Automatically updates Symantec client security software." "" "File not found: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe"
+ "SmcService" "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\smc.exe"
+ "Symantec AntiVirus" "Provides virus-scanning for Symantec Endpoint Protection." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\rtvscan.exe"
+ "TomTomHOMEService" "TomTom Home Service for ejecting devices" "TomTom" "c:\program files\tomtom home 2\tomtomhomeservice.exe"
+ "VMCService" "Detects mobile devices and manages applications that might otherwise conflict with Vodafone Mobile Connect (VMC). If this service is stopped, the VMC software will not work properly, as it will not be able to identify devices or manage conflicting applications." "Vodafone" "c:\program files\vodafone\vodafone mobile connect\bin\vmcservice.exe"
+ "WDBackup" "WD SmartWare Backup Engine" "Western Digital " "c:\program files\western digital\wd smartware\wdbackupengine.exe"
+ "WDDriveService" "Provides discovery of WD Drives" "Western Digital" "c:\program files\western digital\wd drive manager\wddriveservice.exe"
+ "WDRulesService" "WD SmartWare Rules Engine" "Western Digital " "c:\program files\western digital\wd smartware\wdrulesengine.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz132" "" "" "File not found: C:\Users\steve\AppData\Local\Temp\cpuz132\cpuz132_x32.sys"
+ "DKbFltr" "Dritek PS2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\system32\drivers\dkbfltr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwazl.sys"
+ "hwdatacard" "USB Modem/Serial Device Driver" "Huawei Technologies Co., Ltd." "c:\windows\system32\drivers\ewusbmdm.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Iittcoxts" "" "" "File not found: C:\Windows\System32\Drivers\Iittcoxts.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "ivusb" "Initio Default Vendor Specific Device Driver" "Initio Corporation" "c:\windows\system32\drivers\ivusb.sys"
+ "L1E" "Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)" "Atheros Communications, Inc." "c:\windows\system32\drivers\l1e62x86.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\definitions\virusdefs\20121012.020\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\definitions\virusdefs\20121012.020\navex15.sys"
+ "ncpfilt" "NCP Filter" "NCP Engineering GmbH" "c:\windows\system32\drivers\ncplelhp.sys"
+ "ncplelhp" "NCP Virtual Tunnel Adapter" "NCP Engineering GmbH" "c:\windows\system32\drivers\ncplelhp.sys"
+ "NETw5s32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s32.sys"
+ "netw5v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v32.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NPF" "npf.sys (NT5/6 x86) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "O2MDRDR" "o2media" "O2Micro " "c:\windows\system32\drivers\o2media.sys"
+ "O2SDRDR" "O2Micro SD Reader Driver" "O2Micro " "c:\windows\system32\drivers\o2sd.sys"
+ "pccsmcfd" "" "" "File not found: system32\DRIVERS\pccsmcfd.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "regi" "regi driver" "InterVideo" "c:\windows\system32\drivers\regi.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "RSUSBSTOR" "" "" "File not found: System32\Drivers\RtsUStor.sys"
+ "Rts516xIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "SCREAMINGBDRIVER" "Screaming Bee Audio Driver" "Screaming Bee LLC" "c:\windows\system32\drivers\screamingbaudio.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Ser2plx86" "USB-to-Serial Cable Driver" "Prolific Technology Inc." "c:\windows\system32\drivers\ser2pl.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SPBBCDrv" "SPBBC Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtsp.sys"
+ "SRTSPL" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspl.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspx.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl3.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv3.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt3.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TcUsb" "TouchChip USB Kernel Driver" "UPEK Inc." "c:\windows\system32\drivers\tcusb.sys"
+ "TrueSight" "" "" "c:\windows\system32\drivers\truesight.sys"
+ "UBHelper" "NTI CDROM Filter Driver" "NewTech Infosystems Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio32.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS" "ffdshow VFW" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.IV41" "Intel Indeo® Video Interactive 32-bit Driver" "Intel Corporation" "c:\windows\system32\ir41_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files\sony\shared plug-ins\audio\sfxpfx3.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\system32\ac3filter.ax"
+ "Bouncing Ball" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ball.ax"
+ "Bytescout Screen Capturing Filter" "Bytescout Virtual Camera Filter acts like a video capture source." "Bytescout" "c:\program files\applian technologies\freecorder 6 applications\screen\bytescoutscreencapturingfilter.dll"
+ "Bytescout Video Mixer Filter" "Bytescout Video Mixer Filter mixes two video streams into one." "Bytescout" "c:\program files\applian technologies\freecorder 6 applications\screen\bytescoutvideomixerfilter.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Direct Show Gateway Renderer" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\amgateway.ax"
+ "Direct Show Gateway Source" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\amgateway.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.86310" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.86310" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "c:\program files\newtech infosystems\nti media maker 8\photo maker\slideshow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WS ScreenCapture" "ScreenCa Dynamic Link Library" "" "c:\program files\wondershare\video converter platinum\screencapturefilter.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "Provider Object" "Windows Vista Credential Provider" "UPEK Inc." "c:\program files\common files\spba\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "Provider Filter Object" "Windows Vista Credential Provider" "UPEK Inc." "c:\program files\common files\spba\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "spba" "PS QL Logon Kernel" "UPEK Inc." "c:\program files\common files\spba\homefus2.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "4300 Series Port" "Printer Communication System" " " "c:\windows\system32\lxcelmpm.dll"
+ "Canon BJ Language Monitor MP270 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm9x.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "SnacNp" "Symantec SNAC Network Provider" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\snacnp.dll"
"C:\Users\steve\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-us\Gadget.xml"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-us\Gadget.xml"
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-us\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-us\Gadget.xml"

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 13 October 2012 - 10:10 AM

Download Hitman Pro .
http://dl.surfright.nl/HitmanPro36.exe
Start the scan Go to setings.
Un-tick Scan for tracking Cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.

#11 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 13 October 2012 - 10:33 AM

Download Hitman Pro .
http://dl.surfright.nl/HitmanPro36.exe
Start the scan Go to setings.
Un-tick Scan for tracking Cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.


No Threats Found

#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 13 October 2012 - 10:33 AM

Open autoruns and untick the items below.

+ "SpeetItUpFree" "" "" "File not found: C:\Program Files\SpeedItup Free\speeditupfree.exe"

+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "Google Update" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"

+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"

+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"

+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"

+ "\RealUpgradeLogonTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"

+ "\RealUpgradeScheduledTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"

+ "\Your File Updater" "" "" "File not found: C:\Program Files\YourFileDownloader\YourFileUpdater.exe"

+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"

+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"

+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"


+ "Rts516xIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"

+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"

+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "Bouncing Ball" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ball.ax"



Reboot your machine.

Use File assasin to delete the files below.
http://downloads.malwarebytes.org/file/fileassassin

C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\Program Files\SpeedItup Free\speeditupfree.exe


Please upload the file below to Jottis malware scanner and post the results.
http://virusscan.jotti.org/en

system32\DRIVERS\Rts516xIR.sys

c:\windows\system32\drivers\Rts516xIR.sys


Post a fresh minitoolbox log for me to review please.With only list winsock entires checked.

Edited by InadequateInfirmity, 13 October 2012 - 10:35 AM.


#13 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 13 October 2012 - 11:28 AM

Open autoruns and untick the items below.

+ "SpeetItUpFree" "" "" "File not found: C:\Program Files\SpeedItup Free\speeditupfree.exe"

+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "Google Update" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"

+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "\FacebookUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Facebook Installer" "Facebook Inc." "c:\users\steve\appdata\local\facebook\update\facebookupdate.exe"

+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158Core" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\GoogleUpdateTaskUserS-1-5-21-1902706052-1506629101-1762452412-1158UA" "Google Installer" "Google Inc." "c:\users\steve\appdata\local\google\update\googleupdate.exe"

+ "\Microsoft\Windows Defender\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"

+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"

+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"

+ "\RealUpgradeLogonTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"

+ "\RealUpgradeScheduledTaskS-1-5-21-1902706052-1506629101-1762452412-1158" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"

+ "\Your File Updater" "" "" "File not found: C:\Program Files\YourFileDownloader\YourFileUpdater.exe"

+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"

+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"

+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"


+ "Rts516xIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"

+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"

+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "fadxirw" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\dxirewire.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track AutoVol" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\autovol.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Chorus" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\chorus.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Compressor" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\facomp10.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Echo" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\echo.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Parametric EQ" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\fa4bdeq.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Pitch Shift" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ntrck_PitchShift.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "n-Track Reverb" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\riverbero.dll"
+ "Bouncing Ball" "" "" "File not found: C:\Program Files\FASoft\n-Track Studio 6\ball.ax"



Reboot your machine.

Use File assasin to delete the files below.
http://downloads.malwarebytes.org/file/fileassassin

C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\Program Files\SpeedItup Free\speeditupfree.exe
Files Not Found

Please upload the file below to Jottis malware scanner and post the results.
http://virusscan.jotti.org/en

system32\DRIVERS\Rts516xIR.sys

c:\windows\system32\drivers\Rts516xIR.sys
File Not Found

Post a fresh minitoolbox log for me to review please.With only list winsock entires checked.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Steve (administrator) on 13-10-2012 at 17:24:18
Microsoft Windows 7 Professional (X86)
Boot Mode: Normal
***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 H:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 H:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 03 H:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 04 H:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 05 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 06 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 07 H:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 05 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 42 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 43 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 44 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 45 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 46 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 47 H:\Windows\system32\mswsock.dll [File Not found] ()

**** End of log ****

#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 13 October 2012 - 11:53 AM

Update to service pack 1 reboot.
http://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X86.exe

Download the windows all in one repair tool run it aqs admin with all boxes checked reboot and post new full minitool box log.
http://www.tweaking.com/content/page/windows_repair_all_in_one.html

Also let me know if there are any more issues.

#15 Fanny1964

Fanny1964
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 13 October 2012 - 08:45 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Steve (administrator) on 14-10-2012 at 02:41:40
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
NCP Secure Client Virtual NDIS6 Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : W03067
Primary Dns Suffix . . . . . . . : ingrams.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ingrams.local
dlink.com

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NCP Secure Client Virtual NDIS6 Adapter
Physical Address. . . . . . . . . : 02-00-4E-43-50-49
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-1E-65-E9-B8-5A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::16e:b639:7491:294d%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 14 October 2012 00:18:37
Lease Expires . . . . . . . . . . : 15 October 2012 02:27:23
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301997669
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-88-9F-79-00-26-2D-55-3A-41
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ingrams.local
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-55-3A-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.dlink.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : dlink.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2034:7d7:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::2034:7d7:3f57:fefc%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2a00:1450:4009:807::100e
173.194.34.165
173.194.34.169
173.194.34.161
173.194.34.164
173.194.34.167
173.194.34.168
173.194.34.162
173.194.34.166
173.194.34.160
173.194.34.163
173.194.34.174


Pinging google.com [173.194.34.72] with 32 bytes of data:
Reply from 173.194.34.72: bytes=32 time=31ms TTL=55
Reply from 173.194.34.72: bytes=32 time=31ms TTL=55

Ping statistics for 173.194.34.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 31ms, Maximum = 31ms, Average = 31ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=166ms TTL=49
Reply from 98.139.183.24: bytes=32 time=227ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 166ms, Maximum = 227ms, Average = 196ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...02 00 4e 43 50 49 ......NCP Secure Client Virtual NDIS6 Adapter
22...00 1e 65 e9 b8 5b ......Microsoft Virtual WiFi Miniport Adapter
12...00 1e 65 e9 b8 5a ......Intel® WiFi Link 5100 AGN
10...00 26 2d 55 3a 41 ......Broadcom NetXtreme Gigabit Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:5ef5:79fb:2034:7d7:3f57:fefc/128
On-link
12 281 fe80::/64 On-link
18 306 fe80::/64 On-link
12 281 fe80::16e:b639:7491:294d/128
On-link
18 306 fe80::2034:7d7:3f57:fefc/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 H:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 H:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 03 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 04 H:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 05 H:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 H:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 08 H:\Windows\System32\winrnr.dll [File Not found] ()
Catalog9 01 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 02 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 03 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 04 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 05 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 17 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 42 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 43 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 44 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 45 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 46 H:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 47 H:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 00:21:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: WDBackupEngine.exe, version: 1.6.1.2, time stamp: 0x4fda26d7
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96e
Exception code: 0xc0000005
Fault offset: 0x00056018
Faulting process id: 0xd88
Faulting application start time: 0xWDBackupEngine.exe0
Faulting application path: WDBackupEngine.exe1
Faulting module path: WDBackupEngine.exe2
Report Id: WDBackupEngine.exe3

Error: (10/14/2012 00:21:30 AM) (Source: .NET Runtime) (User: )
Description: Application: WDBackupEngine.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
at System.Data.SQLite.UnsafeNativeMethods.sqlite3_prepare_interop(IntPtr, IntPtr, Int32, IntPtr ByRef, IntPtr ByRef, Int32 ByRef)
at System.Data.SQLite.SQLite3.Prepare(System.Data.SQLite.SQLiteConnection, System.String, System.Data.SQLite.SQLiteStatement, UInt32, System.String ByRef)
at System.Data.SQLite.SQLiteCommand.BuildNextCommand()
at System.Data.SQLite.SQLiteCommand.GetStatement(Int32)
at System.Data.SQLite.SQLiteDataReader.NextResult()
at System.Data.SQLite.SQLiteDataReader..ctor(System.Data.SQLite.SQLiteCommand, System.Data.CommandBehavior)
at System.Data.SQLite.SQLiteCommand.ExecuteReader(System.Data.CommandBehavior)
at System.Data.SQLite.SQLiteCommand.ExecuteNonQuery()
at WDIO.SQLiteQueue`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Create()
at WDIO.SQLiteQueue`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Open()
at WDIO.SQLiteQueue`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Add(System.__Canon)
at WDIO.SQLiteQueue`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Enqueue(System.__Canon)
at WDEngine.Engine.EnqueueSQLiteQueue(System.Object)
at WDEngine.Engine.EnqueueTask(System.Object)
at WDEngine.Controller.EnqueueTask(System.Object)
at BackupFileWatch.ProcessChangeInfo(WDEngine.ChangeInfo)
at WDEngine.FileWatch.DoQueuedTask()
at WDEngine.FileWatch.Main()
at BackupController.ThreadProc(System.Object)
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart(System.Object)

Error: (10/14/2012 00:19:52 AM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (10/14/2012 00:05:38 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service initialization error: the control dispatcher cannot be started [0x80070427, The service process could not connect to the service controller.
].

Error: (10/13/2012 11:35:12 PM) (Source: ESENT) (User: )
Description: WinMail (3544) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/13/2012 11:34:44 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot load classes registry file.
DETAIL - The process cannot access the file because it is being used by another process.

Error: (10/13/2012 11:34:44 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The process cannot access the file because it is being used by another process.
for C:\Users\steve\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/13/2012 11:34:44 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot load classes registry file.
DETAIL - The process cannot access the file because it is being used by another process.

Error: (10/13/2012 11:34:44 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The process cannot access the file because it is being used by another process.
for C:\Users\steve\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (10/13/2012 09:07:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (10/14/2012 02:39:02 AM) (Source: Microsoft-Windows-GroupPolicy) (User: INGRAMS)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/14/2012 02:05:01 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/14/2012 00:27:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Time service terminated with the following error:
%%1792

Error: (10/14/2012 00:27:39 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.

Error: (10/14/2012 00:23:08 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/14/2012 00:22:05 AM) (Source: Service Control Manager) (User: )
Description: The WD Backup service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/14/2012 00:20:06 AM) (Source: Service Control Manager) (User: )
Description: The Windows Time service terminated with the following error:
%%1792

Error: (10/14/2012 00:20:06 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.

Error: (10/14/2012 00:18:54 AM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058

Error: (10/14/2012 00:18:54 AM) (Source: Service Control Manager) (User: )
Description: The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (08/10/2011 07:25:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 124358 seconds with 1560 seconds of active time. This session ended with a crash.

Error: (11/08/2010 08:03:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 219135 seconds with 2160 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 2 (SP2)
7-Zip 4.65
Acer Crystal Eye Webcam (Version: 5.2.7.1)
ACID Music Studio 8.0 (Version: 8.0.178)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Photoshop CS (Version: CS)
Adobe Reader 9.3 (Version: 9.3.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
AndreaMosaic 3.33.0
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
Audacity 1.3.13 (Unicode)
BlackBerry App World Browser Plugin (Version: 2.1.2)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 12.24.02)
Canon Easy-WebPrint EX
Canon MP Navigator EX 3.0
Canon MP270 series MP Drivers
Canon MP270 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (Version: 2.31)
DHTML Editing Component (Version: 6.02.0001)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Famtree5 - 1 (Version: 5.0.1.162)
ffdshow v1.2.4453 [2012-05-21] (Version: 1.2.4453.0)
FileASSASSIN (Version: 1.06)
FLV.com FLV Downloader 8.3
Freecorder 4 (Version: 4.12B)
Freecorder 5 (Version: 5)
Freecorder 5 (Version: 5.11)
Freecorder 6 (Version: 2.1.10)
Freecorder 6 Applications (6.0.0.45) (Version: 6.0.0.45)
Freecorder 6 extension for Chrome (Version: 2.1.9)
Freeraser (Version: 1.0.0.23)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
Guitar Pro 4.0
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55)
Identity Card (Version: 1.00.3001)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel® TV Wizard
Intel® Matrix Storage Manager
InterVideo WinDVD 8 (Version: 8.5.10.39)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 26 (Version: 6.0.260)
LAME v3.99.3 (for Windows)
Launch Manager (Version: 3.0.04)
Lexmark 4300 Series
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.92)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.2.0.700 (Version: 3.2.0.700)
n-Track Studio 6 (Version: 6.0.0)
NBI Second Edition
NCP Secure Entry Client (Version: 9.20)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6619)
NTI Shadow (Version: 3.7.6.56)
O2Micro Flash Memory Card Reader Driver (Version: 3.31.02)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PC Drummer Trial Edition 5.12
PL-2303 USB-to-Serial
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
Realtek High Definition Audio Driver (Version: 6.0.1.5911)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20133)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30087)
RealUpgrade 1.1 (Version: 1.1.0)
SPBA 5.8 (Version: 5.8.2.5652)
Spotify (Version: 0.4.3)
Spotify (Version: 0.8.3.222.g317ab79d)
SUPERAntiSpyware (Version: 5.6.1008)
Symantec Endpoint Protection (Version: 11.0.5002.333)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TreeDraw (Version: 3.2.5)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.0)
Uninstall 1.0.0.1
Unlocker 1.9.0 (Version: 1.9.0)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb981726)
Video Downloader Toolbar (Version: 1.0.2)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
Vodafone Mobile Connect Lite (Version: 9.3.5.11690)
WD SmartWare (Version: 1.6.2.6)
WIDCOMM Bluetooth Software (Version: 6.2.0.9700)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Small Business Server 2008 ClientAgent (Version: 6.0.5601.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
Wondershare Video Converter Platinum(Build 5.2.3.2)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 3000.95 MB
Available physical RAM: 1542.19 MB
Total Pagefile: 6000.19 MB
Available Pagefile: 4386.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.63 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:166.38 GB) NTFS

========================= Users: ========================================

User accounts for \\W03067

Administrator Guest User

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

13-10-2012 20:10:45 Scheduled Checkpoint

**** End of log ****




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users