
Hijacked Search


27 replies to this topic

#1 hrolsons


Posted 08 October 2012 - 03:30 PM

I have Google as my default search, but after my kids were messing with the computer the search results go to "http://www.search-results.com" or "http://63.209.69.107"

Any ideas? I've tried the about:config keyword.url and it's set to Google.


 


#2 InadequateInfirmity


Posted 08 October 2012 - 04:07 PM

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.




Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner and run it. Go to Options, then put a tick next to Enable rootkit cleaning. Hit Full Scan >> let it finish >> go to the Quarantine tab >> tick Select All >> then Delete >> Quit.
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.


Reboot after Norman.

#3 hrolsons


Posted 09 October 2012 - 05:54 PM

Malwarebytes log:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Derek :: DLO-FIRST-BUILD [administrator]

10/9/2012 3:33:43 PM
mbam-log-2012-10-09 (15-33-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227687
Time elapsed: 1 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/09/2012 at 03:40 PM

Application Version : 5.6.1010

Core Rules Database Version : 9371
Trace Rules Database Version: 7183

Scan type : Quick Scan
Total Scan Time : 00:03:33

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 906
Memory threats detected : 0
Registry items scanned : 60513
Registry threats detected : 0
File items scanned : 13035
File threats detected : 96

Adware.Tracking Cookie

ESET Found no threats.

Farbar log:

Farbar Service Scanner Version: 07-10-2012
Ran by Derek (administrator) on 09-10-2012 at 16:19:54
Running from "C:\Users\Derek\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Minitoolbox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Derek (administrator) on 09-10-2012 at 16:21:58
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DLO-First-Build
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-C8-13-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a0fc:afd0:881d:2839%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 08, 2012 8:04:27 PM
Lease Expires . . . . . . . . . . : Tuesday, October 09, 2012 8:04:26 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D0-5A-20-50-E5-49-C8-13-3D
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{666AD3C4-928A-4D77-9702-58D5ED436EDE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:381b:2ff0:51cc:2220(Preferred)
Link-local IPv6 Address . . . . . : fe80::381b:2ff0:51cc:2220%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400f:801::1001
74.125.225.167
74.125.225.162
74.125.225.169
74.125.225.163
74.125.225.160
74.125.225.166
74.125.225.164
74.125.225.165
74.125.225.174
74.125.225.168
74.125.225.161


Pinging google.com [74.125.225.161] with 32 bytes of data:
Reply from 74.125.225.161: bytes=32 time=12ms TTL=54
Reply from 74.125.225.161: bytes=32 time=12ms TTL=54

Ping statistics for 74.125.225.161:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=64ms TTL=49
Reply from 98.138.253.109: bytes=32 time=61ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 64ms, Average = 62ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...50 e5 49 c8 13 3d ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 266
192.168.1.4 255.255.255.255 On-link 192.168.1.4 266
192.168.1.255 255.255.255.255 On-link 192.168.1.4 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:381b:2ff0:51cc:2220/128
On-link
11 266 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::381b:2ff0:51cc:2220/128
On-link
11 266 fe80::a0fc:afd0:881d:2839/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/09/2012 03:39:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/08/2012 08:04:35 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (10/08/2012 08:04:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 08:03:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x4fd626ed
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x644
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3

Error: (10/08/2012 04:51:57 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (10/08/2012 04:51:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 04:50:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x4fd626ed
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x6f0
Faulting application start time: 0xFuel.Service.exe0
Faulting application path: Fuel.Service.exe1
Faulting module path: Fuel.Service.exe2
Report Id: Fuel.Service.exe3

Error: (10/07/2012 06:35:43 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (10/07/2012 06:35:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 00:17:44 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.


System errors:
=============
Error: (10/08/2012 08:04:22 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (10/08/2012 08:03:37 PM) (Source: Service Control Manager) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/08/2012 04:51:44 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (10/08/2012 04:50:51 PM) (Source: Service Control Manager) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/07/2012 07:31:43 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/07/2012 06:35:31 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (10/07/2012 06:35:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:33:55 PM on 10/7/2012 was unexpected.

Error: (10/07/2012 00:17:31 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3

Error: (10/07/2012 00:16:49 PM) (Source: Service Control Manager) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/03/2012 04:03:38 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.01 service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (10/09/2012 03:39:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Derek\Downloads\esetsmartinstaller_enu.exe

Error: (10/08/2012 08:04:35 PM) (Source: Report Server Windows Service (MSSQLSERVER))(User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (10/08/2012 08:04:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 08:03:36 PM) (Source: Application Error)(User: )
Description: Fuel.Service.exe1.0.0.04fd626edDevice.dll4.1.0.04f55e10bc000000500000000000033c164401cda5a77d8fc5d8E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeE:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll88fb2627-11b5-11e2-b13b-50e549c8133d

Error: (10/08/2012 04:51:57 PM) (Source: Report Server Windows Service (MSSQLSERVER))(User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (10/08/2012 04:51:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 04:50:50 PM) (Source: Application Error)(User: )
Description: Fuel.Service.exe1.0.0.04fd626edDevice.dll4.1.0.04f55e10bc000000500000000000033c16f001cda4ecd23bfc9bE:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeE:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll9b1a2ada-119a-11e2-b169-50e549c8133d

Error: (10/07/2012 06:35:43 PM) (Source: Report Server Windows Service (MSSQLSERVER))(User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (10/07/2012 06:35:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 00:17:44 PM) (Source: Report Server Windows Service (MSSQLSERVER))(User: )
Description: Report Server Windows Service (MSSQLSERVER)


=========================== Installed Programs ============================

Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0611.1251.21046)
AMD Media Foundation Decoders (Version: 1.0.70611.1329)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD VISION Engine Control Center (Version: 2012.0611.1251.21046)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Bing Desktop (Version: 1.0.45.0)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)
Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.2.0)
Canon Utilities EOS Sample Music (Version: 1.0.0.204)
Canon Utilities EOS Utility (Version: 2.10.2.0)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10)
Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.9.0.0)
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
CCleaner (Version: 3.22)
D3DX10 (Version: 15.4.2368.0902)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.104)
Ezvid (Version: 0.8.7.4)
FlipShare (Version: 5.12.3.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Unifying Software 2.00 (Version: 2.00.43)
LogMeIn (Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2003 Web Components (Version: 12.0.6213.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Books Online (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.51.2500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (x64) (Version: 10.51.2500.0)
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0)
Microsoft Sync Framework Runtime v1.0 (x64) (Version: 1.0.1215.0)
Microsoft Sync Services for ADO.NET v2.0 (x64) (Version: 2.0.1215.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 6.0 Professional Edition
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Web Publishing Wizard 1.53
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
Pandora (Version: 2.0.6)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6409)
Realtek High Definition Audio Driver (Version: 6.0.1.6433)
Roblox
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (Version: 10.51.2500.0)
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1)
SQL Server 2008 R2 SP1 Analysis Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 BI Development Studio (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Client Tools (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Full text search (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Integration Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Reporting Services (Version: 10.51.2500.0)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SUPERAntiSpyware (Version: 5.6.1010)
TurboTax 2011
TurboTax 2011 wcoiper (Version: 011.000.1697)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
ViewSonic Monitor Drivers x64
ViewSonic Windows Vista x64 Signed Files
WebDrive (Version: 10.10.2567)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
World of Warcraft (Version: 5.0.5.16057)

========================= Devices: ================================

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 16365.24 MB
Available physical RAM: 11667.88 MB
Total Pagefile: 32728.68 MB
Available Pagefile: 27065.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.81 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:55.8 GB) (Free:4.28 GB) NTFS
3 Drive e: (1THDD) (Fixed) (Total:931.51 GB) (Free:743.68 GB) NTFS
4 Drive f: (SSD2) (Fixed) (Total:55.9 GB) (Free:55.78 GB) NTFS
5 Drive w: (www.blueapplehouses.com) (Network) (Total:100 GB) (Free:100 GB) WebDrive

========================= Users: ========================================

User accounts for \\DLO-FIRST-BUILD

Administrator Derek Guest
LogMeInRemoteUser


**** End of log ****


AdwareCleaner log:
# AdwCleaner v2.004 - Logfile created 10/09/2012 at 16:27:39
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Derek - DLO-FIRST-BUILD
# Boot Mode : Normal
# Running from : C:\Users\Derek\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\searchplugins\Search_Results.xml
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\splashtop
Folder Found : C:\Users\Derek\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Derek\AppData\Roaming\splashtop

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKU\S-1-5-21-3641706235-2163420760-3234210096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-3641706235-2163420760-3234210096-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\prefs.js

Found : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;facebook_40839;mapquest_40872;twitter_40883;w[...]
Found : user_pref("aol_toolbar.default.homepage.check", false);
Found : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000006");
Found : user_pref("aol_toolbar.default.search.check", true);
Found : user_pref("aol_toolbar.default.search.label", "AOL Search");
Found : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?query={searchTerms}[...]
Found : user_pref("aol_toolbar.firsttime.showwindow", false);
Found : user_pref("aol_toolbar.guid", "{B365AC74-8E88-7C69-CA36-7634ADD4581D}");
Found : user_pref("aol_toolbar.install.distroid", "aol");
Found : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
Found : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.8614");
Found : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Found : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000006");
Found : user_pref("aol_toolbar.install.ncid", "");
Found : user_pref("aol_toolbar.metrics.activestampdate", "14");
Found : user_pref("aol_toolbar.metrics.activestampmonth", "8");
Found : user_pref("aol_toolbar.metrics.activestampyear", "2012");
Found : user_pref("aol_toolbar.metrics.originalDate", "8");
Found : user_pref("aol_toolbar.metrics.originalHours", "20");
Found : user_pref("aol_toolbar.metrics.originalMinutes", "4");
Found : user_pref("aol_toolbar.metrics.originalMonth", "9");
Found : user_pref("aol_toolbar.metrics.originalSeconds", "18");
Found : user_pref("aol_toolbar.metrics.originalYear", "2012");
Found : user_pref("aol_toolbar.relatednews.enabled", false);
Found : user_pref("aol_toolbar.remote.publish.xml", "1347668282442");
Found : user_pref("aol_toolbar.rtw.active", false);
Found : user_pref("aol_toolbar.search.button", true);
Found : user_pref("aol_toolbar.search.cid", "08-09-2012");
Found : user_pref("aol_toolbar.search.instd", "201209082001420001");
Found : user_pref("aol_toolbar.search.oid", "08-09-2012");
Found : user_pref("aol_toolbar.search.placement", "right");
Found : user_pref("aol_toolbar.search.populateoncomplete", false);
Found : user_pref("aol_toolbar.search.savehistory", false);
Found : user_pref("aol_toolbar.search.searchtype", "web");
Found : user_pref("aol_toolbar.search.source", "tb50-ff-oc");
Found : user_pref("aol_toolbar.skin.custom", false);
Found : user_pref("aol_toolbar.surf.date", "33");
Found : user_pref("aol_toolbar.surf.lastDate", "14");
Found : user_pref("aol_toolbar.surf.lastMonth", "8");
Found : user_pref("aol_toolbar.surf.lastYear", "2012");
Found : user_pref("aol_toolbar.surf.month", "244");
Found : user_pref("aol_toolbar.surf.prevMonth", "0");
Found : user_pref("aol_toolbar.surf.total", "250");
Found : user_pref("aol_toolbar.surf.week", "240");
Found : user_pref("aol_toolbar.surf.year", "244");
Found : user_pref("aol_toolbar.ticker.active", false);
Found : user_pref("aol_toolbar.upgrade.showwindow", false);
Found : user_pref("aol_toolbar.weather.degc", "21");
Found : user_pref("aol_toolbar.weather.degf", "70");
Found : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/33_n.png");
Found : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Found : user_pref("aol_toolbar.weather.metric", true);
Found : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Mostly Clear");
Found : user_pref("aol_toolbar.weather.update", "1347673028651");
Found : user_pref("browser.search.defaultenginename", "Search Results");
Found : user_pref("browser.search.order.1", "Search Results");
Found : user_pref("browser.search.selectedEngine", "Search Results");

*************************

AdwCleaner[R1].txt - [6272 octets] - [09/10/2012 16:23:26]
AdwCleaner[R2].txt - [6213 octets] - [09/10/2012 16:27:39]

########## EOF - C:\AdwCleaner[R2].txt - [6273 octets] ##########

Norman log:

Norman Malware Cleaner v2.05.06
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 6.08.06
nvcbin.def: Version: 6.08.00, Date: 2012/10/09 09:01:34, Variants: 18865362
nvcmacro.def: Version: 6.08.00, Date: 2011/12/19 03:20:35, Variants: 20465

Operating System: Windows 7 Service Pack 1 x64

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/10/09 16:25:44

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 1204
Number of objects scanned: 1204
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 22s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1s

Running full scan...
C:\ProgramData\Flip Video\FlipShareServer\FlipShareServer.lock: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-1.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.67: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.7E: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.80: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.87: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.A0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.VE0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.VE1: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.VE2: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-C586F88B36389638E7930C7121005E69A9A718C2.bin.VF: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\Derek\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Derek\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Derek\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd: Archive infected
C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd/rc.class: File infected with Exploit.DK
Delete archive object: C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd\rc.class
Cleaning successful
C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd/rb.class: File infected with Exploit.DJ
Delete archive object: C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd\rb.class
Cleaning successful
C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd/lz.class: File infected with Exploit.DH
Delete archive object: C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd\lz.class
Cleaning successful
C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd: Archive is empty after cleaning
Delete file: C:\Users\Derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\c2dc25f-7f7e97bd
Cleaning successful
C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\parent.lock: Error opening file for read: 0x00000020
C:\Users\Derek\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Users\Derek\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Derek\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\3f222f87586e74009c5610046945b9eb5cb6008a.HomeGroupClassifier\39e5102d72804e164f944968a692d812\grouping\db.mdb: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\3f222f87586e74009c5610046945b9eb5cb6008a.HomeGroupClassifier\39e5102d72804e164f944968a692d812\grouping\edb.log: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\PeerNetworking\3f222f87586e74009c5610046945b9eb5cb6008a.HomeGroupClassifier\39e5102d72804e164f944968a692d812\grouping\tmp.edb: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\master.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\mastlog.ldf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\model.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\modellog.ldf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\MSDBData.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\MSDBLog.ldf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\Photos.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\Photos_1.ldf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\Photos_Work.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\Photos_Work_1.ldf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\ReportServer.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\ReportServerTempDB.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\tempdb.mdf: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\ReportServer_log.LDF: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\ReportServerTempDB_log.LDF: Error opening file for read: 0x00000020
E:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\templog.ldf: Error opening file for read: 0x00000020

Number of files found: 135727
Number of archives unpacked: 3072
Number of objects found: 358398
Number of objects scanned: 358317
Number of objects not scanned: 81
Number of malicious objects found: 4
Number of malicious objects cleaned: 4
Number of malicious files found: 1
Number of malicious files cleaned: 1
Scanning time: 21m 8s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 135727
Total number of archives unpacked: 3072
Total number of objects found: 359602
Total number of objects scanned: 359521
Total number of objects not scanned: 81
Total number of malicious objects found: 4
Total number of malicious objects cleaned: 4
Total number of malicious files found: 1
Total number of malicious files cleaned: 1
Total number of objects quarantined: 1
Total scanning time: 21m 31s

#4 InadequateInfirmity

Posted 09 October 2012 - 06:21 PM

Re-run AdwCleaner, hit the Delete button this time, and post the log. :)


Go here and run the Fix it for the hosts file, as admin.
http://support.microsoft.com/kb/972034



Manually un-tick IPv6.
http://support.microsoft.com/kb/929852

Run the Fix it below as admin.

http://go.microsoft.com/?linkid=9728872


Download TDSSKiller.

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right-click it and choose Run as Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.



Run the program below as admin, hit the Scan button, allow it to finish, then hit the Delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download RKill, run it, and post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe


Download Autoruns and Autorunsc. Unzip it to your desktop and then double-click autoruns.exe. After the scan is finished, click on File > Save. The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.

http://download.sysinternals.com/files/Autoruns.zip

#5 hrolsons

Posted 09 October 2012 - 08:21 PM

Thank you so much for your help. I will do what you said. I also have a laptop that is infected; should I start a new thread for it?

#6 hrolsons

Posted 09 October 2012 - 08:25 PM

# AdwCleaner v2.004 - Logfile created 10/09/2012 at 19:17:41
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Derek - DLO-FIRST-BUILD
# Boot Mode : Normal
# Running from : C:\Users\Derek\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\searchplugins\Search_Results.xml
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\splashtop
Folder Deleted : C:\Users\Derek\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Derek\AppData\Roaming\splashtop

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\prefs.js

C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\tnpqfj1y.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;facebook_40839;mapquest_40872;twitter_40883;w[...]
Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000006");
Deleted : user_pref("aol_toolbar.default.search.check", true);
Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");
Deleted : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?query={searchTerms}[...]
Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Deleted : user_pref("aol_toolbar.guid", "{B365AC74-8E88-7C69-CA36-7634ADD4581D}");
Deleted : user_pref("aol_toolbar.install.distroid", "aol");
Deleted : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.8614");
Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000006");
Deleted : user_pref("aol_toolbar.install.ncid", "");
Deleted : user_pref("aol_toolbar.metrics.activestampdate", "14");
Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "8");
Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2012");
Deleted : user_pref("aol_toolbar.metrics.originalDate", "8");
Deleted : user_pref("aol_toolbar.metrics.originalHours", "20");
Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "4");
Deleted : user_pref("aol_toolbar.metrics.originalMonth", "9");
Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "18");
Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
Deleted : user_pref("aol_toolbar.remote.publish.xml", "1347668282442");
Deleted : user_pref("aol_toolbar.rtw.active", false);
Deleted : user_pref("aol_toolbar.search.button", true);
Deleted : user_pref("aol_toolbar.search.cid", "08-09-2012");
Deleted : user_pref("aol_toolbar.search.instd", "201209082001420001");
Deleted : user_pref("aol_toolbar.search.oid", "08-09-2012");
Deleted : user_pref("aol_toolbar.search.placement", "right");
Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Deleted : user_pref("aol_toolbar.search.savehistory", false);
Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Deleted : user_pref("aol_toolbar.search.source", "tb50-ff-oc");
Deleted : user_pref("aol_toolbar.skin.custom", false);
Deleted : user_pref("aol_toolbar.surf.date", "33");
Deleted : user_pref("aol_toolbar.surf.lastDate", "14");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "8");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Deleted : user_pref("aol_toolbar.surf.month", "244");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "0");
Deleted : user_pref("aol_toolbar.surf.total", "250");
Deleted : user_pref("aol_toolbar.surf.week", "240");
Deleted : user_pref("aol_toolbar.surf.year", "244");
Deleted : user_pref("aol_toolbar.ticker.active", false);
Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Deleted : user_pref("aol_toolbar.weather.degc", "21");
Deleted : user_pref("aol_toolbar.weather.degf", "70");
Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/33_n.png");
Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Deleted : user_pref("aol_toolbar.weather.metric", true);
Deleted : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Mostly Clear");
Deleted : user_pref("aol_toolbar.weather.update", "1347673028651");
Deleted : user_pref("browser.search.defaultenginename", "Search Results");
Deleted : user_pref("browser.search.order.1", "Search Results");
Deleted : user_pref("browser.search.selectedEngine", "Search Results");

*************************

AdwCleaner[R1].txt - [6272 octets] - [09/10/2012 16:23:26]
AdwCleaner[R2].txt - [6332 octets] - [09/10/2012 16:27:39]
AdwCleaner[R3].txt - [6392 octets] - [09/10/2012 19:16:46]
AdwCleaner[S1].txt - [6271 octets] - [09/10/2012 19:17:41]

########## EOF - C:\AdwCleaner[S1].txt - [6331 octets] ##########


I'm not sure what to do when you said "Manually un-tick Ipv6"

#7 InadequateInfirmity


Posted 10 October 2012 - 06:06 AM

I'm not sure what to do when you said "Manually un-tick Ipv6"



Here are instructions.
If you have problems with this, skip it and continue to the other scans.

Hit start
Control Panel
Network & Sharing Center
Manage Network Connections
Right Click Your Connection
Select Properties
Un-Check IPv6
Select OK

Please continue the other instructions.

#8 hrolsons


Posted 10 October 2012 - 04:04 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/10/2012 02:58:05 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/10/2012 02:58:09 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)


Junkware Removal Tool (JRT) by Thisisu
Version: 1.3.7 (10.09.2012)
OS: Windows 7 Home Premium x64
Ran by Derek on Tue 10/09/2012 at 20:54:19.15
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Tue 10/09/2012 at 21:00:58.10
End of Report

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "LogiScrollApp" "Logitech ScrollApp (UNICODE)" "Logitech, Inc." "c:\program files\logitech\flowscroll\khalscroll.exe"
+ "LogMeIn GUI" "LogMeIn Desktop Application" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\logmeinsystray.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AMD AVT" "" "" "File not found: start"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BingDesktop" "Bing Desktop application" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktop.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "e:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "e:\program files\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "e:\program files (x86)\microsoft office\office\osa9.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "e:\program files\superantispyware\superantispyware.exe"
+ "WebDriveTray" "WebDrive" "South River Technologies, LLC" "e:\program files\webdrive\webdrive.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "video/mp4" "MIME Video Detector for IE" "Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll"
+ "video/x-flv" "MIME Video Detector for IE" "Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "e:\program files\superantispyware\sasctxmn64.dll"
+ "WebDrive" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "WebDrivePage" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WebDrive" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "e:\program files\superantispyware\sasctxmn64.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "e:\program files\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WebDrive" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "WebDrivePage" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "WebDrive" "WebDrive" "South River Technologies, LLC" "c:\windows\system32\wdshellext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Logitech Flow Scroll" "Logitech Flow Scroll" "Logitech, Inc." "c:\program files\logitech\flowscroll\logismooth.dll"
+ "SteadyVideoBHO Class" "This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web." "Advanced Micro Devices" "c:\program files\amd\steadyvideo\steadyvideo.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Logitech Flow Scroll" "Logitech Flow Scroll" "Logitech, Inc." "c:\program files\logitech\flowscroll\32-bit\logismooth.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "e:\program files\ccleaner\ccleaner.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\SUPERAntiSpyware Scheduled Task 8cad8173-f3ca-47e8-a858-9ad92137967a" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "e:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task c493aac3-3a81-4b37-8891-843dbd6a9b40" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "e:\program files\superantispyware\sastask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "e:\program files\superantispyware\sascore64.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "e:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "AppleChargerSrv" "Apple mobile devices charging service" "" "c:\windows\system32\applechargersrv.exe"
+ "BingDesktopUpdate" "Bing Desktop Update Service" "Microsoft Corp." "c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe"
+ "FlipShare Service" "FlipShare Service" "" "c:\program files (x86)\flip video\flipshare\flipshareservice.exe"
+ "FlipShareServer" "Server responsible for enabling you to share Flip Media" "" "c:\program files (x86)\flip video\flipshareserver\flipshareserver.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LMIGuardianSvc" "Support LogMeIn processes with quality assurance feedback" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\lmiguardiansvc.exe"
+ "LMIMaint" "LogMeIn Maintenance Service" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\ramaint.exe"
+ "LogMeIn" "LogMeIn" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\logmein.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsDtsServer100" "Provides management support for SSIS package storage and execution." "Microsoft Corporation" "e:\program files\microsoft sql server\100\dts\binn\msdtssrvr.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQLFDLauncher" "Service to launch full-text filter daemon process which will perform document filtering and word breaking for SQL Server full-text search. Disabling this service will make full-text search features of SQL Server unavailable." "Microsoft Corporation" "e:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\fdlauncher.exe"
+ "MSSQLSERVER" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "e:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\sqlservr.exe"
+ "MSSQLServerOLAPService" "Supplies online analytical processing (OLAP) and data mining functionality for business intelligence applications." "Microsoft Corporation" "e:\program files\microsoft sql server\msas10_50.mssqlserver\olap\bin\msmdsrv.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ReportServer" "Manages, executes, renders, schedules and delivers reports." "Microsoft Corporation" "e:\program files\microsoft sql server\msrs10_50.mssqlserver\reporting services\reportserver\bin\reportingservicesservice.exe"
+ "SQLSERVERAGENT" "Executes jobs, monitors SQL Server, fires alerts, and allows automation of some administrative tasks." "Microsoft Corporation" "e:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\sqlagent.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "WebDriveService" "Use WebDrive to map a drive letter to an Internet server" "South River Technologies, LLC" "e:\program files\webdrive\wdservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdiox64" "AMD IO Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver" "" "" "File not found: C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys"
+ "AODDriver4.01" "" "" "File not found: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys"
+ "AODDriver4.1" "AMD OverDrive Service Driver" "Advanced Micro Devices" "e:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "AppleCharger" "Apple mobile devices charging program" "" "c:\windows\system32\drivers\applecharger.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "etdrv" "GIGABYTE Tools" "Windows ® Server 2003 DDK provider" "c:\windows\etdrv.sys"
+ "EtronHub3" "Etron eXtensible Hub Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI" "Etron eXtensible Host Controller Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronxhci.sys"
+ "gdrv" "GIGABYTE Tools" "Windows ® Server 2003 DDK provider" "c:\windows\gdrv.sys"
+ "GVTDrv64" "" "" "c:\windows\gvtdrv64.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LEqdUsb" "Logitech Equad USB Driver." "Logitech, Inc." "c:\windows\system32\drivers\leqdusb.sys"
+ "LHidEqd" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhideqd.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMIInfo" "RemotelyAnywhere Kernel Information Provider" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\rainfo.sys"
+ "lmimirr" "LogMeIn Mirror Miniport Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmimirr.sys"
+ "LMIRfsDriver" "LogMeIn Rfs Drivemap Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmirfsdriver.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LUsbFilt" "Logitech USB Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lusbfilt.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmivx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "e:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "e:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WebDriveFSD" "" "" "e:\program files\webdrive\wdfsd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.LAGS" "Lagarith" " " "c:\windows\syswow64\lagarith.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\racodec.ax"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "e:\program files (x86)\logmein\x64\racodec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files (x86)\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter" "Canon H.264 Mov Filter" "Canon Inc." "e:\program files (x86)\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon H.264 Encoder 1.6.0" "Canon H264 Encoder Filter" "CANON INC." "c:\program files (x86)\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter" "Canon Image Rotation Filter " "Canon Inc." "c:\program files (x86)\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter" "Canon H.264 Mov Filter" "Canon Inc." "e:\program files (x86)\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Mov File Parser Filter2" "Canon H.264 Mov Filter" "Canon Inc." "e:\program files (x86)\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Flip Video Decoder" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsvideodecoder.ax"
+ "Flip Video Decoder Mpeg4" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsmpeg4decoder.ax"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "e:\program files (x86)\logmein\x86\racodec.ax"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "e:\program files (x86)\logmein\x86\racodec.ax"
+ "MMACE Deinterlace" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "PDFrameGrabFilter" "FrameGrabFilter" "" "c:\program files (x86)\flip video\flipshare\framegrabfilter.ax"
+ "PDT IPP AAC Encoder" "" "" "c:\program files (x86)\flip video\flipshare\ipp6_0_aacencoder.ax"
+ "PDT IPP H264 Encoder" "IPPH264Encoder" "" "c:\program files (x86)\flip video\flipshare\ipph264encoder.ax"
+ "PDT IPP MP4 Muxer" "IPPMP4Muxer" "" "c:\program files (x86)\flip video\flipshare\ippmp4muxer.ax"
+ "PDT IPP MP4 Splitter" "IPPMp4Splitter" "" "c:\program files (x86)\flip video\flipshare\ippmp4splitter.ax"
+ "PDT IPP MPEG Audio Decoder" "IPPMPEGAudioDecoder" "" "c:\program files (x86)\flip video\flipshare\ippmpegaudiodecoder.ax"
+ "PDT Resize and Letterbox Filter" "PurpleComposite" "" "c:\program files (x86)\flip video\flipshare\purplecomposite.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "e:\program files (x86)\canon\zoombrowser ex mcu\pswavdes.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "VisioForge Screen Capture" "Screen Capture Filter" "VisioForge" "c:\windows\syswow64\visioforge_screen_capture.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "LogMeInCredProv" "LogMeIn Remote Control Helper" "LogMeIn, Inc." "c:\windows\system32\lmiinit.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LogMeIn Printer Port Monitor" "RemotelyAnywhere Printer Port Monitor" "LogMeIn, Inc." "c:\windows\system32\lmiport.dll"
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll"
+ "WDNP32" "WebDrive Network" "South River Technologies, LLC" "c:\windows\system32\wdnp32.dll"
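The startup-entry log in the post above has a regular shape: a quoted registry location on its own row, then `+` rows with four quoted fields. The parser below is an added example, not part of the thread or of any tool named in it; it reads the four fields as entry name, description, publisher and image path (an assumption drawn from the values shown), and the function names and the constructed sample are hypothetical. It groups entries with an empty publisher by file, so a reviewer sees each unattributed binary once; an empty publisher only marks where to look first.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "location name description publisher path")
FIELD = re.compile(r'"([^"]*)"')

# Constructed sample in the shape of the log above. It starts mid-section,
# as the excerpt does, so the first rows have no location header.
SAMPLE = r'''
+ "MMACE Deinterlace" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "e:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll"
+ "WDNP32" "WebDrive Network" "South River Technologies, LLC" "c:\windows\system32\wdnp32.dll"
'''

def parse_log(text):
    """Return one Entry per '+' row, tagged with the location row above it."""
    location = "(section header not in excerpt)"
    entries = []
    for line in text.splitlines():
        line = line.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank or unrecognised row
        if line.startswith("+"):
            entries.append(Entry(location, *fields))
        else:
            location = fields[0]  # header row: location plus three empty fields
    return entries

def unattributed_files(entries):
    """Map each image path with an empty publisher to the entries that load it."""
    grouped = {}
    for e in entries:
        if not e.publisher.strip():
            grouped.setdefault(e.path.lower(), []).append((e.location, e.name))
    return grouped

if __name__ == "__main__":
    for path, users in unattributed_files(parse_log(SAMPLE)).items():
        print(path)
        for location, name in users:
            print("   ", name, "<-", location)
```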

#9 InadequateInfirmity

Posted 10 October 2012 - 04:10 PM

How are things now? Everything looks good here.

#10 InadequateInfirmity

Posted 10 October 2012 - 04:11 PM

You missed a scan.


Download TDSSKiller

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Right-click it and Run as Admin. Click on Change parameters. Select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.

#11 hrolsons

Posted 10 October 2012 - 04:24 PM

TDS killer came up with nothing. I couldn't find the log.

Definitely still infected. I search Google and everything looks good but when I click a link it goes to crazy websites, like:

searchmany.com
looksmart.com
business-search.in

#12 InadequateInfirmity

Posted 10 October 2012 - 04:31 PM

Which browser?

#13 hrolsons

Posted 10 October 2012 - 04:35 PM

It was happening on both, but today I've only tested Firefox.

#14 InadequateInfirmity

Posted 10 October 2012 - 04:38 PM

Reset Internet Explorer to default.
http://support.microsoft.com/kb/923737

Uninstall Firefox, then reboot and re-install.
http://kb.mozillazine.org/Backing_up_and_restoring_bookmarks_-_Firefox

Reboot and test. :)

#15 hrolsons

Posted 10 October 2012 - 04:55 PM

So far so good. I'll keep an eye on it. Thank you so much!!!



