
Help - Browser Re-direct Virus


3 replies to this topic

#1 zeeland


Posted 19 April 2013 - 12:59 PM

I started having problems on 4/17. If I clicked on the Google search item it took me to a different web site, and if I entered the URL it went to the correct site.

Also, my Microsoft Essentials got disabled.

I've tried stuff and ran numerous scans with 0 viruses found

 

I leave to go out of the country on business late next week; currently I'm very stressed with the issue since I don't have any time to reinstall Windows 7 Pro 64

 

 




 


#2 boopme


Posted 19 April 2013 - 01:29 PM

Hello, I do not know what you ran so I will ask for these.
What browser is running?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>>
Please download TDSSKiller.
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.

>>>>

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


>>>>

Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE: Sometimes if ESET finds no infections it will not create a log.
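Added example, not part of the original thread and not MiniToolBox's own code: a Python triage of the three Result.txt sections requested above that bear on browser redirects (IE proxy, Firefox proxy, Hosts). The sample log is constructed in MiniToolBox's section layout; the function names, the "active"/"dormant" labels, and treating any IE status other than "Proxy is not enabled." as enabled are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample in the section layout of a MiniToolBox Result.txt (not a real log).
SAMPLE_RESULT = """\
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
ProxyServer: 10.0.0.5:8080
========================= FF Proxy Settings: ==============================
"network.proxy.http", "203.0.113.7"
"network.proxy.http_port", 8080
"network.proxy.type", 1
========================= Hosts content: =================================
127.0.0.1       localhost
203.0.113.9     www.google.com
========================= IP Configuration: ================================
"""

SECTION_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
FF_PREF_RE = re.compile(r'^"(network\.proxy\.[\w.]+)",\s*"?([^"]*)"?\s*$')
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_sections(text):
    """Split the report into {section name: [non-empty stripped lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).strip()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def scope(host):
    """Classify a proxy host so an internal (corporate) proxy is told apart
    from a local interceptor or an external server."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"
    if ip.is_loopback:
        return "loopback"
    return "rfc1918" if any(ip in net for net in RFC1918) else "non-private"


def proxy_hosts(value):
    """Hosts from 'host:port' or the per-protocol 'http=host:port;https=...' form."""
    hosts = []
    for part in value.split(";"):
        part = part.split("=", 1)[-1].strip()
        if part:
            hosts.append(part.rsplit(":", 1)[0] if ":" in part else part)
    return hosts


def check_ie(lines):
    # A ProxyServer value can remain in the settings while the proxy is off.
    enabled = not any("not enabled" in l.lower() for l in lines)
    out = []
    for l in lines:
        if l.startswith("ProxyServer:"):
            for host in proxy_hosts(l.split(":", 1)[1].strip()):
                state = "active" if enabled else "dormant"
                out.append(("IE", state, f"{host} ({scope(host)})"))
    return out


def check_ff(lines):
    # Firefox uses the manual host prefs only when network.proxy.type is 1,
    # and the PAC URL only when it is 2; otherwise they are stored but unused.
    prefs = {m.group(1): m.group(2) for m in map(FF_PREF_RE.match, lines) if m}
    ptype = prefs.get("network.proxy.type")
    out = []
    for key in ("http", "ssl", "ftp", "socks"):
        host = prefs.get(f"network.proxy.{key}")
        if host:
            state = "active" if ptype == "1" else "dormant"
            out.append(("FF", state, f"{key} proxy {host} ({scope(host)})"))
    pac = prefs.get("network.proxy.autoconfig_url")
    if pac:
        out.append(("FF", "active" if ptype == "2" else "dormant", f"PAC {pac}"))
    return out


def check_hosts(lines):
    """Report every Hosts entry that maps a name other than localhost."""
    out = []
    for l in lines:
        entry = l.split("#", 1)[0].split()
        extra = [n for n in entry[1:] if n.lower() != "localhost"]
        if extra:
            out.append(("Hosts", "active", f"{entry[0]} -> {', '.join(extra)}"))
    return out


def triage(text):
    s = parse_sections(text)
    return (check_ie(s.get("IE Proxy Settings", []))
            + check_ff(s.get("FF Proxy Settings", []))
            + check_hosts(s.get("Hosts content", [])))


if __name__ == "__main__":
    for source, state, detail in triage(SAMPLE_RESULT):
        print(f"{source:5} {state:8} {detail}")
```

A "dormant" finding is a setting that is stored but not in effect; it is still worth recording, because re-enabling the proxy would route traffic through that host again.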

#3 zeeland


Posted 19 April 2013 - 05:08 PM

Thank you for your help so much; below are the results
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by zoey Jackson (administrator) on 19-04-2013 at 11:38:56
Running from "C:\Users\zoey Jackson\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
ProxyServer: 10.31.60.50:8080
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.autoconfig_url", "http://10.32.40.50:8080/accelerated_pac_base.pac"
"network.proxy.ftp", "10.32.40.50"
"network.proxy.ftp_port", 8080
"network.proxy.http", "10.32.40.50"
"network.proxy.http_port", 8080
"network.proxy.no_proxies_on", "*go2uti.com"
"network.proxy.socks", "10.32.40.50"
"network.proxy.socks_port", 8080
"network.proxy.ssl", "10.32.40.50"
"network.proxy.ssl_port", 8080
"network.proxy.type", 4
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled mtu=1300 metric=1 nud=enabled
add address name="Wireless Network Connection 3" address=192.168.16.2 mask=255.255.255.0
popd
# End of IPv4 configuration
 
Windows IP Configuration
   Host Name . . . . . . . . . . . . : admin-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : corp.go2uti.com
Wireless LAN adapter Wireless Network Connection 3:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 4C-EB-42-3A-B1-51
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection 2:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 4C-EB-42-3A-B1-51
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . : corp.go2uti.com
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
   Physical Address. . . . . . . . . : 4C-EB-42-3A-B1-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9597:1b81:234c:e12e%17(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.94.77(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Lease Obtained. . . . . . . . . . : Friday, April 19, 2013 10:19:38 AM
   Lease Expires . . . . . . . . . . : Saturday, April 20, 2013 10:19:39 AM
   Default Gateway . . . . . . . . . : 10.10.94.10
   DHCP Server . . . . . . . . . . . : 10.10.94.10
   DHCPv6 IAID . . . . . . . . . . . : 474803010
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-17-EC-29-24-B6-FD-2E-29-F7
   DNS Servers . . . . . . . . . . . : 10.10.93.31
                                       10.10.99.31
   NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . : corp.go2uti.com
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 24-B6-FD-2E-29-F7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a557:74b1:8c81:da12%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.93.93(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, April 19, 2013 10:17:53 AM
   Lease Expires . . . . . . . . . . : Saturday, April 20, 2013 10:17:53 AM
   Default Gateway . . . . . . . . . : 10.10.93.10
   DHCP Server . . . . . . . . . . . : 10.10.93.10
   DHCPv6 IAID . . . . . . . . . . . : 287618813
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-17-EC-29-24-B6-FD-2E-29-F7
   DNS Servers . . . . . . . . . . . : 10.10.93.31
                                       10.10.99.31
   NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Bluetooth Network Connection:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 4C-EB-42-3A-B1-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 18:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{648A3C77-29A2-4AC6-986A-09D3894A8D24}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.corp.go2uti.com:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : corp.go2uti.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{AE27775D-91F2-45E1-9690-2AA95FC0A55D}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{510D28A9-0488-4F58-91A8-3ADB784AAAD6}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  10.10.93.31
Name:    google.com
Addresses:  2a00:1450:4008:c01::8a
   173.194.69.139
   173.194.69.113
   173.194.69.138
   173.194.69.102
   173.194.69.100
   173.194.69.101
Pinging google.com [173.194.69.113] with 32 bytes of data:
Reply from 173.194.69.113: bytes=32 time=168ms TTL=44
Reply from 173.194.69.113: bytes=32 time=163ms TTL=44
Ping statistics for 173.194.69.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 163ms, Maximum = 168ms, Average = 165ms
Server:  pdxmpp02.corp.go2uti.com
Address:  10.10.93.31
Name:    yahoo.com
Addresses:  98.138.253.109
   98.139.183.24
   206.190.36.45
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=532ms TTL=51
Request timed out.
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 532ms, Maximum = 532ms, Average = 532ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
 19...4c eb 42 3a b1 51 ......Microsoft Virtual WiFi Miniport Adapter #2
 18...4c eb 42 3a b1 51 ......Microsoft Virtual WiFi Miniport Adapter
 17...4c eb 42 3a b1 50 ......Intel® Centrino® Wireless-N 1030
 13...24 b6 fd 2e 29 f7 ......Realtek PCIe FE Family Controller
 12...4c eb 42 3a b1 54 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      10.10.93.10      10.10.93.93     20
          0.0.0.0          0.0.0.0      10.10.94.10      10.10.94.77     25
       10.10.93.0    255.255.255.0         On-link       10.10.93.93    276
      10.10.93.93  255.255.255.255         On-link       10.10.93.93    276
     10.10.93.255  255.255.255.255         On-link       10.10.93.93    276
       10.10.94.0    255.255.254.0         On-link       10.10.94.77    281
      10.10.94.77  255.255.255.255         On-link       10.10.94.77    281
     10.10.95.255  255.255.255.255         On-link       10.10.94.77    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       10.10.93.93    276
        224.0.0.0        240.0.0.0         On-link       10.10.94.77    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       10.10.93.93    276
  255.255.255.255  255.255.255.255         On-link       10.10.94.77    281
===========================================================================
Persistent Routes:
  None
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    276 fe80::/64                On-link
 17    281 fe80::/64                On-link
 17    281 fe80::9597:1b81:234c:e12e/128
                                    On-link
 13    276 fe80::a557:74b1:8c81:da12/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
 17    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/19/2013 10:18:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/19/2013 09:10:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: avp.exe, version: 13.0.2.558, time stamp: 0x50d31770
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0004866a
Faulting process id: 0x758
Faulting application start time: 0xavp.exe0
Faulting application path: avp.exe1
Faulting module path: avp.exe2
Report Id: avp.exe3
Error: (04/18/2013 08:25:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 08:18:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:49:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:39:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:37:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:24:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 06:21:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: avp.exe, version: 12.0.2.733, time stamp: 0x503fa701
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000095
Fault offset: 0x0004860e
Faulting process id: 0x790
Faulting application start time: 0xavp.exe0
Faulting application path: avp.exe1
Faulting module path: avp.exe2
Report Id: avp.exe3
Error: (04/18/2013 03:56:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (04/19/2013 11:34:33 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 11:34:03 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 11:16:49 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 11:16:19 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 10:29:54 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 10:29:24 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 10:23:20 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
Error: (04/19/2013 10:20:41 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 10:20:31 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Error: (04/19/2013 10:20:01 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated with the following error:
%%126
Microsoft Office Sessions:
=========================
Error: (04/19/2013 10:18:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/19/2013 09:10:24 AM) (Source: Application Error)(User: )
Description: avp.exe13.0.2.55850d31770ole32.dll6.1.7601.175144ce7b96fc00000050004866a75801ce3cad8cf32449C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exeC:\Windows\syswow64\ole32.dlla3d96c33-a90b-11e2-be86-4ceb423ab154
Error: (04/18/2013 08:25:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 08:18:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:49:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:39:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:37:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 07:24:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2013 06:21:49 PM) (Source: Application Error)(User: )
Description: avp.exe12.0.2.733503fa701ole32.dll6.1.7601.175144ce7b96fc00000950004860e79001ce3c87e7449dcfC:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exeC:\Windows\syswow64\ole32.dll81aa6805-a88f-11e2-aa9b-4ceb423ab154
Error: (04/18/2013 03:56:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
  Date: 2013-04-19 10:06:26.369
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\zoeyFX\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  Date: 2013-04-19 10:06:26.322
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\zoeyFX\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  Date: 2013-04-19 00:55:14.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
  Date: 2013-04-19 00:55:14.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 6.2.1)
7300 (Version: 130.0.365.000)
7300_Help (Version: 82.0.242.000)
7300Trb (Version: 82.0.242.000)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.169)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader X (10.1.6) (Version: 10.1.6)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
ALM-Platform Loader 11 (Version: 11.00.7484.0)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 3.0.847.0)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AT&T Connect Participant Application v9.5.23 (Version: 9.5.23)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
CA Clarity PPM Microsoft Project Interface (Version: 13.0.0)
CA Clarity PPM Schedule Connect (Version: 13.0.0)
CAClarityAddIn (Version: 1.0.0.7)
CCleaner (Version: 4.00)
Cisco AnyConnect Secure Mobility Client  (Version: 3.0.5080)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.5080)
Copy (Version: 130.0.428.000)
CutePDF Writer 2.8
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell System Detect (Version: 3.3.2.1)
Dell Touchpad (Version: 7.1207.101.225)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Fax (Version: 130.0.418.000)
GPBaseService2 (Version: 130.0.371.000)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
IDT Audio (Version: 1.0.6341.0)
Intel PROSet Wireless
Intel® Processor Graphics (Version: 9.17.10.2932)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 37 (Version: 6.0.370)
JavaFX 2.1.1 (Version: 2.1.1)
Kaspersky PURE 3.0 (Version: 13.0.2.558)
Logitech Unifying Software 2.00 (Version: 2.00.43)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Mindjet MindManager Pro 7 (Version: 7.1.388)
Mindjet MindManager Viewer 7 (Version: 7.1.394)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 17.0.2)
Mozilla Thunderbird 17.0.2 (x86 en-US) (Version: 17.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
QuickTime (Version: 7.73.80.64)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
Skype™ 5.9 (Version: 5.9.114)
SolutionCenter (Version: 130.0.373.000)
Sophos Virus Removal Tool (Version: 2.3)
Status (Version: 130.0.469.000)
Swift To-Do List 8.002 (Version: 8.002)
TI USB 3.0 Host Controller Driver (Version: 1.12.4.0)
TI USB3 Host Driver (Version: 1.12.4.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
USB-Ethernet Adapter Device
VirtualCloneDrive
VSU (Version: 2.6.0)
WebReg (Version: 130.0.132.017)
Xerox WorkCentre 3210
========================= Memory info: ===================================
Percentage of memory in use: 38%
Total physical RAM: 6050.05 MB
Available physical RAM: 3692.7 MB
Total Pagefile: 12098.29 MB
Available Pagefile: 9198.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.04 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.56 GB) (Free:364.6 GB) NTFS
3 Drive e: (HP v165w) (Removable) (Total:15.09 GB) (Free:2.92 GB) FAT32
========================= Users: ========================================
User accounts for \\ADMIN-PC
admin                    Administrator            zoey Jackson        
Guest                   
**** End of log ****
 
 
# AdwCleaner v2.200 - Logfile created 04/19/2013 at 11:44:39
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : - ADMIN-PC
# Boot Mode : Normal
# Running from : E:\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (en-US)
File : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\9m0atf06.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [802 octets] - [18/04/2013 15:17:37]
AdwCleaner[S1].txt - [731 octets] - [19/04/2013 11:44:39]
########## EOF - C:\AdwCleaner[S1].txt - [790 octets] ##########
 
 
ESET found no threats
 
What do I do now?

Edited by boopme, 19 April 2013 - 09:06 PM.


#4 boopme

Posted 19 April 2013 - 09:11 PM

I take it you still redirect. Did you run TDSS killer?

Please uninstall these.

Java™ 6 Update 37 (Version: 6.0.370)
JavaFX 2.1.1 (Version: 2.1.1)

Reboot.
Update to Adobe Reader XI





