
I keep receiving Consumer Survey when I use the internet


8 replies to this topic

#1 samoyed

samoyed

  • Members
  • 195 posts
  • Local time:02:23 PM

Posted 27 April 2013 - 09:22 PM

Hi,

I have been receiving requests to perform surveys when I use the internet.

A new tab will open up with the survey - see attached.

I never used to receive these survey requests.

Please help. I suspect I have some virus or malware on my laptop.

 

 




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:53 AM

Posted 27 April 2013 - 10:49 PM

Hello Samoyed
It does look like spy/adware. I moved you to Am I Infected from Vista.
 
Let's take a look.
 
Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


Lastly: SAS
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
    • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
    • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
    • Click the Scan your computer... button.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
    • Click the View Scan Logs button at the bottom.
    • This will open the Scanner Logs Window.
    • Click on the log to highlight it and then click on View Selected Log to open it.
    • Copy and paste the scan log results in your next reply.
    -- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 samoyed

samoyed
  • Topic Starter

  • Members
  • 195 posts
  • Local time:02:23 PM

Posted 28 April 2013 - 01:42 AM

Hi

 

Please see below. Thank You.

 

AdwCleaner

 

# AdwCleaner v2.202 - Logfile created 04/28/2013 at 14:47:47
# Updated 23/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : User - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [5850 octets] - [28/04/2013 14:47:48]

########## EOF - C:\AdwCleaner[S1].txt - [5910 octets] ##########
 

 

Malwarebytes

 

 Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.27.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]

28/4/2013 2:55:02 PM
mbam-log-2013-04-28 (14-55-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214637
Time elapsed: 8 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

SuperAntispyware

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/28/2013 at 04:05 PM

Application Version : 5.6.1014

Core Rules Database Version : 10325
Trace Rules Database Version: 8137

Scan type       : Complete Scan
Total Scan Time : 00:55:18

Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned      : 685
Memory threats detected   : 0
Registry items scanned    : 39005
Registry threats detected : 0
File items scanned        : 53142
File threats detected     : 12

Adware.Tracking Cookie
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@at.atwola[2].txt [ /at.atwola ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@backcountry[1].txt [ /backcountry ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@clickfuse[1].txt [ /clickfuse ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@media2.legacy[1].txt [ /media2.legacy ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@revsci[2].txt [ /revsci ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@tacoda.at.atwola[1].txt [ /tacoda.at.atwola ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.backcountry[2].txt [ /www.backcountry ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.googleadservices[1].txt [ /www.googleadservices ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.googleadservices[2].txt [ /www.googleadservices ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@xiti[1].txt [ /xiti ]
    C:\USERS\USER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\USER@ADS.CNN[2].TXT [ /ADS.CNN ]

Trojan.Agent/Gen-Faldesc
    C:\DOWNLOADS\AVSVIDEOEDITOR\AVS.VIDEO.EDITOR.V6.1.2.211.MULTILINGUAL.MUNDOMANUALES.COM\AVS4YOU.ALL.PRODUCTS.ACTIVATOR.2011.(V1.1)-MPT\AVS4YOU.ALL.PRODUCTS.ACTIVATOR.2011.(V1.1)-MPT.EXE
 

 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:12:53 AM

Posted 28 April 2013 - 07:29 PM

How is it now?

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



#5 samoyed

samoyed
  • Topic Starter

  • Members
  • 195 posts
  • Local time:02:23 PM

Posted 02 May 2013 - 05:14 AM

Hi,

 

The surveys do not pop up now.

 

 

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by User (administrator) on 02-05-2013 at 20:10:00
Running from "C:\Users\User\Desktop"
Windows Vista ™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : User-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-15-AF-8B-F4-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2142:47d1:e63d:c15a%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, 2 May, 2013 7:57:41 PM
   Lease Expires . . . . . . . . . . : Thursday, 9 May, 2013 7:57:41 PM
   Default Gateway . . . . . . . . . : 10.0.0.138
   DHCP Server . . . . . . . . . . . : 10.0.0.138
   DHCPv6 IAID . . . . . . . . . . . : 268441007
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-62-D4-ED-00-1F-C6-2F-B3-CF
   DNS Servers . . . . . . . . . . . : 10.0.0.138
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 00-1E-8C-59-72-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-1F-C6-2F-B3-CF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{364A6452-0BDC-4A51-9243-55E28DF4A4F5}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : isatap.gateway.2wire.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:4ee:1c:f5ff:fffc(Preferred)
   Link-local IPv6 Address . . . . . : fe80::4ee:1c:f5ff:fffc%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  home
Address:  10.0.0.138

Name:    google.com
Addresses:  2404:6800:4006:803::1004
      74.125.237.110
      74.125.237.103
      74.125.237.101
      74.125.237.100
      74.125.237.96
      74.125.237.104
      74.125.237.97
      74.125.237.105
      74.125.237.102
      74.125.237.99
      74.125.237.98



Pinging google.com [74.125.237.103] with 32 bytes of data:

Reply from 74.125.237.103: bytes=32 time=30ms TTL=52

Reply from 74.125.237.103: bytes=32 time=31ms TTL=52



Ping statistics for 74.125.237.103:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 30ms, Maximum = 31ms, Average = 30ms

Server:  home
Address:  10.0.0.138

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=312ms TTL=42

Reply from 98.139.183.24: bytes=32 time=442ms TTL=42



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 312ms, Maximum = 442ms, Average = 377ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 12 ...00 15 af 8b f4 8a ...... Atheros AR5007EG Wireless Network Adapter
 10 ...00 1e 8c 59 72 8e ...... Bluetooth Device (Personal Area Network)
  8 ...00 1f c6 2f b3 cf ...... Realtek PCIe GBE Family Controller
  1 ........................... Software Loopback Interface 1
 11 ...00 00 00 00 00 00 00 e0  isatap.{364A6452-0BDC-4A51-9243-55E28DF4A4F5}
 16 ...00 00 00 00 00 00 00 e0  isatap.gateway.2wire.net
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.3     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.3    281
         10.0.0.3  255.255.255.255         On-link          10.0.0.3    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.3    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.3    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     18 2001::/32                On-link
 13    266 2001:0:5ef5:79fd:4ee:1c:f5ff:fffc/128
                                    On-link
 12    281 fe80::/64                On-link
 13    266 fe80::/64                On-link
 13    266 fe80::4ee:1c:f5ff:fffc/128
                                    On-link
 12    281 fe80::2142:47d1:e63d:c15a/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/02/2013 07:18:36 AM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (05/02/2013 07:18:35 AM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/02/2013 07:00:29 AM) (Source: Application Hang) (User: )
Description: The program PaintDotNet.exe version 3.510.4297.28970 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: b68
Start Time: 01ce46ae947b3780
Termination Time: 35

Error: (04/28/2013 05:26:58 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (04/28/2013 05:26:57 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (04/28/2013 02:39:02 PM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 20.0.1.4847, time stamp 0x51650aee, faulting module xul.dll, version 20.0.1.4847, time stamp 0x51650a09, exception code 0xc0000005, fault offset 0x000b10e8,
process id 0xc64, application start time 0xfirefox.exe0.

Error: (04/28/2013 02:09:01 PM) (Source: Application Error) (User: )
Description: Faulting application Setup.exe_Tarma® Installer, version 2011.3.11.1355, time stamp 0x4d799381, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e037dd, exception code 0xe06d7363, fault offset 0x0003fbae,
process id 0x1324, application start time 0xSetup.exe_Tarma® Installer0.

Error: (04/28/2013 02:08:22 PM) (Source: Application Error) (User: )
Description: Faulting application Setup.exe_Tarma® Installer, version 2011.3.11.1355, time stamp 0x4d799381, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e037dd, exception code 0xe06d7363, fault offset 0x0003fbae,
process id 0x1728, application start time 0xSetup.exe_Tarma® Installer0.

Error: (04/28/2013 01:54:06 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {8c82befe-1331-472c-a121-d9dca9ed45d8}

Error: (04/22/2013 11:18:47 PM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 19.0.2.4814, time stamp 0x5138a1d3, faulting module xul.dll, version 19.0.2.4814, time stamp 0x5138a0ed, exception code 0xc0000005, fault offset 0x00172818,
process id 0x6e8, application start time 0xfirefox.exe0.


System errors:
=============
Error: (05/02/2013 07:58:56 PM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater14.2.0%%2

Error: (05/02/2013 07:58:56 PM) (Source: Service Control Manager) (User: )
Description: lxeaCATSCustConnectService%%1053

Error: (05/02/2013 07:58:56 PM) (Source: Service Control Manager) (User: )
Description: 30000lxeaCATSCustConnectService

Error: (05/02/2013 07:28:38 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (05/02/2013 05:00:31 AM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater14.2.0%%2

Error: (05/02/2013 05:00:31 AM) (Source: Service Control Manager) (User: )
Description: lxeaCATSCustConnectService%%1053

Error: (05/02/2013 05:00:31 AM) (Source: Service Control Manager) (User: )
Description: 30000lxeaCATSCustConnectService

Error: (04/28/2013 07:12:55 PM) (Source: WPDMTPDriver) (User: )
Description: MTP WPD Driver0x80070005

Error: (04/28/2013 04:35:01 PM) (Source: Service Control Manager) (User: )
Description: vToolbarUpdater14.2.0%%2

Error: (04/28/2013 04:35:01 PM) (Source: Service Control Manager) (User: )
Description: Cyberlink RichVideo Service(CRVS)%%1053


Microsoft Office Sessions:
=========================
Error: (02/23/2013 11:14:16 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5084 seconds with 120 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-04-28 15:10:10.403
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:08.621
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:08.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:07.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:05.618
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:05.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:04.619
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:10:03.864
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:01:02.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-28 15:01:02.188
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.0)
2007 Microsoft Office system (Version: 12.0.6612.1000)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.4)
Adobe Acrobat 9.5.4 - CPSID_83708
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 2000
ASUS Data Security Manager (Version: 1.00.0006)
ASUS InstantFun (Version: 1.0.0014)
ASUS Live Update (Version: 2.5.9)
ASUS Splendid Video Enhancement Technology (Version: 1.02.17)
Asus_Camera_ScreenSaver (Version: 2.0.0005)
ASUSDVD (Version: 7.0.2802.0)
Atheros Driver Installation Program (Version: 7.1)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.00.0012)
ATK Media
ATKOSD2 (Version: 6.64.1.4)
Audacity 2.0.2 (Version: 2.0.2)
AUSkey software 1.4.3 (Version: 1.4.3)
AVG 2012 (Version: 12.0.3162)
AVG 2012 (Version: 12.1.2241)
AVG 2012 (Version: 2012.1.2241)
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 8
AVS Video Editor 6
AVS Video Recorder 2.5
AVS Video ReMaker 4.1.1.144
AVS4YOU Software Navigator 1.4
Bonjour (Version: 3.0.0.10)
ffdshow v1.2.4489 [2012-10-25] (Version: 1.2.4489.0)
Free Video Flip and Rotate version 2.1.4.1031 (Version: 2.1.4.1031)
FUJIFILM FinePixViewer S Ver.2.1 (Version: 2.1.0.3)
Google Talk Plugin (Version: 3.18.3.12840)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
Google Update Helper (Version: 1.3.21.135)
iCloud (Version: 2.1.2.8)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 11.0.2.26)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 6 Update 7 (Version: 1.6.0.70)
LAME v3.99.3 (for Windows)
Lexmark S300-S400 Series
Lexmark Toolbar (Version: 4.3.37.0)
Lexmark Tools for Office (Version: 1.29.0.0)
LifeFrame2 (Version: 2.0.15)
LightScribe  1.8.13.1 (Version: 1.8.13.1)
Machete 3.8 (Version: 3.8.44)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MediaInfo 0.7.61 (Version: 0.7.61)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help ¸üР(KB963678)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office IME (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook 2007 Help ¸üР(KB963677)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint 2007 §ó·sµ{¦¡ (KB963669)
Microsoft Office Powerpoint 2007 Help ¸üР(KB963669)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Chinese (Simplified)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Chinese (Traditional)) 2007 (Version: 12.0.4518.1016)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 §ó·sµ{¦¡ (KB963665)
Microsoft Office Word 2007 Help ¸üР(KB963665)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.8.0)
Motorola SM56 Speakerphone Modem (Version: 6.12.25.06)
Mozilla Firefox 20.0.1 (x86 en-GB) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Essentials (Version: 7.03.0188)
neroxml (Version: 1.0.0)
OmniPage Pro 9.0
P4P (Version: 1.0.0.15)
Paint.NET v3.5.10 (Version: 3.60.0)
PaperPort (Version: 9.02.0814)
PC Connectivity Solution (Version: 10.50.2.0)
PMB (Version: 5.2.00.03250)
Power4Gear eXtreme (Version: 1.00.0014)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.5406)
Safari (Version: 5.34.57.2)
Scan Manager 5.2 (Version: 5.2)
SpywareBlaster 5.0 (Version: 5.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Synaptics Pointing Device Driver (Version: 9.1.19.0)
t@b ZS4 Video Editor v0.958-686
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 VGA UVC WebCam
VistaFeaturePack (Version: 1.03.0000)
VLC media player 2.0.4 (Version: 2.0.4)
WinFlash
WinRAR archiver
Wireless Console 2 (Version: 2.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2038.48 MB
Available physical RAM: 1110.59 MB
Total Pagefile: 4318.25 MB
Available Pagefile: 3120.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.24 MB

========================= Partitions: =====================================

1 Drive c: (VistaOS) (Fixed) (Total:74.52 GB) (Free:5.74 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:66.71 GB) (Free:66.61 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator            Guest                    User                     


**** End of log ****
 



#6 boopme


Posted 02 May 2013 - 10:20 AM

Ok, looks good for malware.

Your AVG is outdated. Using torrents makes that even riskier.

 

Remove these thru Control Panel/Remove

Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 6 Update 7 (Version: 1.6.0.70)

Reboot

Install.. Version 7 Update 21

 

 

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:

  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:


• Avoid gaming sites, pirated software, cracking tools, keygens (http://wiki.answers.com/Q/What_is_a_keygen), and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

• Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:


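The check behind the Java advice in the reply above, as an added example that is not part of the original thread: it parses an "Installed Programs" section in the format of the posted log and lists every Java runtime older than the "Version 7 Update 21" baseline named in the reply. The sample log is constructed from lines in that format, and the function names are hypothetical.

```python
import re

# Constructed sample: lines in the format of the "Installed Programs"
# section of the log posted in this thread.
SAMPLE_LOG = """\
=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
iTunes (Version: 11.0.2.26)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 6 Update 7 (Version: 1.6.0.70)
Mozilla Firefox 20.0.1 (x86 en-GB) (Version: 20.0.1)
WinRAR archiver

========================= Memory info: ===================================
"""

# Baseline taken from the reply above: "Version 7 Update 21".
BASELINE = (7, 21)

SECTION_RE = re.compile(r"^=+\s*(.+?):?\s*=+\s*$")
ENTRY_RE = re.compile(r"^(?P<name>.+?)(?:\s+\(Version:\s*(?P<ver>[^)]*)\))?\s*$")
JAVA_RE = re.compile(r"^Java(?:™|\(TM\))?\s+(\d+)(?:\s+Update\s+(\d+))?", re.I)


def installed_programs(log_text):
    """Return [(name, version_or_None)] from the Installed Programs section."""
    entries, in_section = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            # Only collect lines that sit under the Installed Programs header.
            in_section = header.group(1).strip().lower() == "installed programs"
            continue
        if in_section and line:
            m = ENTRY_RE.match(line)
            entries.append((m.group("name"), m.group("ver")))
    return entries


def java_runtimes(entries):
    """Return sorted [(major, update, name)] for every Java runtime entry."""
    found = []
    for name, _ver in entries:
        m = JAVA_RE.match(name)
        if m:
            found.append((int(m.group(1)), int(m.group(2) or 0), name))
    return sorted(found)


def triage(log_text, baseline=BASELINE):
    """Split Java entries into those below the baseline and those at or above it."""
    runtimes = java_runtimes(installed_programs(log_text))
    outdated = [n for maj, upd, n in runtimes if (maj, upd) < baseline]
    current = [n for maj, upd, n in runtimes if (maj, upd) >= baseline]
    return {"remove": outdated, "keep": current, "side_by_side": len(runtimes) > 1}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for name in result["remove"]:
        print("remove:", name)
    print("multiple runtimes installed:", result["side_by_side"])
```

The comparison uses the major and update numbers in the display name, because the "Version:" field in this log is written in two different schemes (6.0.260 and 1.6.0.60) for the same product.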

#7 samoyed


Posted 05 May 2013 - 03:21 AM

Thank You!



#8 rdavis7


Posted 31 August 2013 - 07:47 AM

I have the same issue. I already have Malwarebytes Pro on my computer though, and it says it's important to rename it. How do I handle that?



#9 boopme


Posted 31 August 2013 - 07:05 PM

That is only for a new install, if the malware prevents the install.

Please update and run yours and the others above and post the logs.

How is it after that?





