
Keep getting "This webpage is not available", "IE cannot display.."


9 replies to this topic

#1 korniceman3000

  • Members
  • 186 posts

Posted 28 March 2014 - 02:13 PM

Hi Everyone,

 

Hope you can help me resolve this issue.

 

I keep receiving the following messages from Chrome/Opera/IE when I try to access my hotmail account and many sites: "This webpage is not available", "IE cannot display the webpage", "Could not locate remote server" etc. I also can't access many webpages I normally view such as Yahoo.com. When I am able to gain access to the site and type words to search such as hotmail, I receive a message that webpage cannot be found or redirecting to Google.com, or some other reason.

 

Chrome offers the following reason:

 

The server at login.live.com can't be found, because the DNS lookup failed. DNS is the network service that translates a website's name to its Internet address. This error is most often caused by having no connection to the Internet or a misconfigured network. It can also be caused by an unresponsive DNS server or a firewall preventing Google Chrome from accessing the network.
Error code: DNS_PROBE_FINISHED_NXDOMAIN
 

 

Everything was working fine the day before. I checked to see if the sites were down using downrightnow.com but all pages were up and running. I just ran a quick scan using MBAM and it found 4 items. 

 

One was PUP.Optional.MyEmoticons.A  (Registry Key) and 3 were PUP.Optional.FastFreeConverter.A (Registry Values and Keys).

 

One was found in HKCU\Software\AppDataLow\Software\SearchProtection and the others were here HKLM\SOFTWARE

 

I am not sure if I am infected or not. I am a DSL user, and not using a network or router or proxy server and I am running Windows Vista Home Edition.

 

Please advise on what I can do to correct this problem as I cannot check my email or use the search engine and sometimes I get redirected.

 

PS: Would it help if I Flush the DNS? Not sure what I am doing so I wanted to check first before I performed anything.

 

Thank you for your help. It is much appreciated.

Best regards!


Edited by korniceman3000, 28 March 2014 - 02:39 PM.



#2 Broni



  • BC Advisor
  • 42,464 posts

Posted 28 March 2014 - 07:01 PM

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create a new reply. I'll not get any email notifications about edits so I won't know you posted something new.




 


#3 korniceman3000

  • Topic Starter

  • Members
  • 186 posts

Posted 29 March 2014 - 04:14 PM

Hi Broni and thank you for your help.

It is greatly appreciated!!

 

Please find the following scan logs below for your review.

 

 

 Results of screen317's Security Check version 0.99.81  
 Windows Vista Service Pack 2 x86 (UAC is disabled!)
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
 WinPatrol 
 Out of date HijackThis  installed!
 SpywareBlaster 4.6    
 Spybot - Search & Destroy 
 SUPERAntiSpyware     
 Secunia PSI    
 Malwarebytes Anti-Malware version 1.75.0.1300  
 HijackThis 2.0.2    
 CCleaner     
 Java 7 Update 51  
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 10.1.6 Adobe Reader out of Date!
 Mozilla Firefox 21.0 Firefox out of Date!
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````
 WinPatrol winpatrol.exe 
 Spybot Teatimer.exe is disabled!
 windows defender MpCmdRun.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 
 
 

Farbar Service Scanner Version: 25-02-2014
Ran by Justin T Leung (administrator) on 29-03-2014 at 15:19:02
Running from "C:\Users\Justin T Leung\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Justin T Leung (administrator) on 29-03-2014 at 15:24:14
Running from "C:\Users\Justin T Leung\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Connected)
Atheros AR928x Wireless Network Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : JustinTLeung-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
PPP adapter Justin's Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Justin's Connection
   Physical Address. . . . . . . . . : 
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 209.179.48.26(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : 0.0.0.0
   DNS Servers . . . . . . . . . . . : 207.69.188.187
                                       207.69.188.186
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : solutionip.com
   Description . . . . . . . . . . . : Atheros AR928x Wireless Network Adapter
   Physical Address. . . . . . . . . : 00-22-43-32-33-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-24-8C-01-BC-6B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f90b:16c5:d903:f087%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 29, 2014 1:48:55 PM
   Lease Expires . . . . . . . . . . : Tuesday, April 01, 2014 1:48:54 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 251667284
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-E3-AA-56-00-24-8C-01-BC-6B
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{96C226FD-711C-4E10-8B6C-F705E942C9B1}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:405:3ffc:2e4c:cfe5(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::405:3ffc:2e4c:cfe5%13(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 16:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 17:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.solutionip.com
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 18:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 19:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 20:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 22:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 25:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 26:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 27:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 28:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 30:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 31:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 32:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 39:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 40:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 41:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 42:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 43:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 44:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 45:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 46:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #18
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 47:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:d1b3:301a::d1b3:301a(Preferred) 
   Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
   DNS Servers . . . . . . . . . . . : 207.69.188.187
                                       207.69.188.186
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  rns3.earthlink.net
Address:  207.69.188.187
 
Name:    google.com
Addresses:  2607:f8b0:4006:808::1006
 173.194.43.35
 173.194.43.32
 173.194.43.46
 173.194.43.40
 173.194.43.34
 173.194.43.41
 173.194.43.39
 173.194.43.38
 173.194.43.33
 173.194.43.36
 173.194.43.37
 
 
 
Pinging google.com [173.194.43.35] with 32 bytes of data:
 
Reply from 173.194.43.35: bytes=32 time=928ms TTL=56
 
Reply from 173.194.43.35: bytes=32 time=775ms TTL=56
 
 
 
Ping statistics for 173.194.43.35:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 775ms, Maximum = 928ms, Average = 851ms
 
Server:  rns3.earthlink.net
Address:  207.69.188.187
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=870ms TTL=53
 
Reply from 206.190.36.45: bytes=32 time=982ms TTL=53
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 870ms, Maximum = 982ms, Average = 926ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 55 ........................... Justin's Connection
 12 ...00 22 43 32 33 7c ...... Atheros AR928x Wireless Network Adapter
 10 ...00 24 8c 01 bc 6b ...... Realtek RTL8101E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 11 ...00 00 00 00 00 00 00 e0  isatap.{96C226FD-711C-4E10-8B6C-F705E942C9B1}
 20 ...00 00 00 00 00 00 00 e0  isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #3
 18 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #4
 17 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 19 ...00 00 00 00 00 00 00 e0  isatap.solutionip.com
 22 ...00 00 00 00 00 00 00 e0  isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
 21 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 23 ...00 00 00 00 00 00 00 e0  isatap.{2BE44737-DD1F-40A2-9301-A6EA3D290971}
 28 ...00 00 00 00 00 00 00 e0  isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
 27 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 29 ...00 00 00 00 00 00 00 e0  isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
 30 ...00 00 00 00 00 00 00 e0  isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
 33 ...00 00 00 00 00 00 00 e0  isatap.{97090ED9-EC59-49EC-9DCF-BCD8D2730BF2}
 32 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 42 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 34 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 41 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 43 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 44 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 46 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 45 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 47 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 48 ...00 00 00 00 00 00 00 e0  isatap.{7AA39D2D-2D8E-4515-9A83-5B150E4CEE76}
 56 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #18
 57 ...00 00 00 00 00 00 00 e0  Microsoft 6to4 Adapter #9
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.33   4245
          0.0.0.0          0.0.0.0         On-link     209.179.48.26     21
        127.0.0.0        255.0.0.0         On-link         127.0.0.1   4531
        127.0.0.1  255.255.255.255         On-link         127.0.0.1   4531
  127.255.255.255  255.255.255.255         On-link         127.0.0.1   4531
      192.168.1.0    255.255.255.0         On-link      192.168.1.33   4501
     192.168.1.33  255.255.255.255         On-link      192.168.1.33   4501
    192.168.1.255  255.255.255.255         On-link      192.168.1.33   4501
    209.179.48.26  255.255.255.255         On-link     209.179.48.26    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1   4531
        224.0.0.0        240.0.0.0         On-link      192.168.1.33   4502
        224.0.0.0        240.0.0.0         On-link     209.179.48.26     21
  255.255.255.255  255.255.255.255         On-link         127.0.0.1   4531
  255.255.255.255  255.255.255.255         On-link      192.168.1.33   4501
  255.255.255.255  255.255.255.255         On-link     209.179.48.26    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 57    Inf ::/0                     2002:c058:6301::c058:6301
  1    306 ::1/128                  On-link
 13     18 2001::/32                On-link
 13    266 2001:0:9d38:6ab8:405:3ffc:2e4c:cfe5/128
                                    On-link
 57   1025 2002::/16                On-link
 57    281 2002:d1b3:301a::d1b3:301a/128
                                    On-link
 10    276 fe80::/64                On-link
 13    266 fe80::/64                On-link
 13    266 fe80::405:3ffc:2e4c:cfe5/128
                                    On-link
 10    276 fe80::f90b:16c5:d903:f087/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/29/2014 02:00:54 PM) (Source: MatSvc) (User: )
Description: The MATS service encountered a web service failure. hr=0x80072EFE
 
Error: (03/29/2014 01:55:50 PM) (Source: MatSvc) (User: )
Description: The MATS service encountered a web service failure. hr=0x80072EFE
 
Error: (03/29/2014 01:48:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/29/2014 01:48:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (03/29/2014 01:48:54 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.33 for the Network Card with network address 00248C01BC6B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: Net.Tcp Listener AdapterNet.Tcp Port Sharing Service%%1058
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: Net.Pipe Listener Adapterwas
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: Net.Msmq Listener Adaptermsmq
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: 30000Empowering Technology Service
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: Apple Mobile Device%%1053
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: 30000Apple Mobile Device
 
Error: (03/29/2014 01:47:05 PM) (Source: Service Control Manager) (User: )
Description: Nsynas32%%20
 
Error: (03/29/2014 01:45:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\system32\athihvs.dll126
 
Error: (03/29/2014 08:04:40 AM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate)%%1053
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2012-12-31 20:30:57.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-12-31 20:30:56.534
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.2.30303)
7-Zip 4.65
A.O.M. Audio Plug-ins VST 32bit 1.7.0 (Version: 1.7.0)
Abbeyroadplugins EMI Brilliance Pack VST RTAS v1.0.6
Abbeyroadplugins EMI RS 124 Compressor VST RTAS v1.0.1
Abbeyroadplugins EMI TG 12413 Limiter VST RTAS v2.0.1
Abbeyroadplugins EMI TG Mastering Pack VST RTAS v1.0.2
Absolute Audio Recorder v9.0.1
Abyssmedia AudioRetoucher v3.9.1.0
Acon Digital Verberate (32 bit) 1.0.2 (Version: 1.0.2)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
AcusticaAudio Nebula3
Addictive Drums 1.5.2
Adobe AIR (Version: 3.7.0.1530)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.6) (Version: 10.1.6)
AmazingMIDI
AmpegSVX (Version: 1.1.0)
AmpliTube 3 (Version: 3.0.1)
AmpliTube 3 version 3.7.1 (Version: 3.7.1)
AmpliTube Fender (Version: 1.0.0)
AmpliTube Jimi Hendrix (Version: 1.0.1)
AmpliTube Metal (Version: 1.0.0)
AmpliTube2 (Version: 2.1.0)
ANALOG87 CM-COMP (x32) (Version: 1.1.5)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Applied Acoustics Systems - Strum Electric GS-1 v1.0
apTrigga2 2.3.2 (Version: 2.3.2)
ARIA Engine v1.6.2.2 (Version: v1.6.2.2)
ATK Hotkey (Version: 1.00.0044)
Audacity 1.2.6
avast! Free Antivirus (Version: 8.0.1489.0)
AviSynth 2.5
BiFilter v2.2
Big Fish Audio Raging Guitars
Bonjour (Version: 3.0.0.10)
Bulb Avatar Presets (Version: 1.0.0)
bx_boom 1.2.4
bx_digital V2 2.1.5
bx_hybrid 1.0.6
bx_shredspread 1.1.3
bx_XL 1.1.2
Cakewalk Rapture 1.2.1 (Version: 1.2.1.0)
CCleaner (Version: 3.05)
ComicRack v0.9.133 (Version: v0.9.133)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
CyberLink Power2Go (Version: 5.5.4316)
DDMF ColourEQ VST v1.12
DDMF IIEQPro VST v2.1.1
DDMF LP10 VST v3.2.2
DDMF NoLimits Lookahead Limiter VST v1.0
DDMF NYCompressor VST v1.2.1
DDMF StereooeretS VST v1.1
Devine Machine Lucifer VST v2.1
Devine Machine V-Minion VST v1.0
Disketch CD Label Software
DoremiSoft RM to AVI Converter 1.0 (Version: 1.0)
Dronos Drone Machine VST v1.0
Drumtracker (Version: 1.0.2)
DYN500 version 1.0.1 (Version: 1.0.1)
ElastikStandalone (Version: 1.05.0203)
ElastikVst (Version: 1.05.0203)
Elevayta Extra Boy v4.91d VST
Elevayta Space Boy v4.90d VST
Elevayta Wider Boy v4.92d VST
Elysia Compressor Bundle v1.0
eMule
EQ500 version 1.0.1 (Version: 1.0.1)
ERUNT 1.1j
Express Burn
Express Rip
ExtractNow
EZdrummer (Version: 1.1.5)
EZkeys Player 32-bit (Version: 1.0.1)
EZmix 32-bit (Version: 2.0.9)
EZXCocktail (Version: 1.0)
EZXMetalHeads (Version: 1.0.0)
EZXMetalMachine (Version: 1.0.0)
EZXPop (Version: 1.0.0)
EZXTheClassic part1 (Version: 1.0.0)
EZXTheClassic part2 (Version: 1.0.0)
FabFilter Saturn 1.01
FC70 version 1.0.0 (Version: 1.0.0)
FileASSASSIN (Version: 1.06)
FL Studio v7.0
Focusrite Midnignt Suite VST RTAS v1.1
Freemake Video Converter version 2.3.0 (Version: 2.3.0)
Garritan ARIA Player vAppVersion=v1.504 (Version: v1.5.0.4)
Gateway Games (Version: 1.0.0.52)
Gateway Recovery Management (Version: 3.1.3003)
GEAR driver installer for x86 Win2K (Version: 5.005.3)
Gigaget
GiPo@MoveOnBoot 1.9.5 (Version: 1.9.5)
Golden Records Vinyl to CD Converter
Google Chrome (Version: 33.0.1750.154)
Google Desktop (Version: 5.7.0808.07150)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.5111.1712)
Google Update Helper (Version: 1.3.22.5)
Groove Monkee Metal
Groove Monkee Rock
Guitar Pro 6
Harrison Mixbus (Version: 2.0.4.0000)
Head Case 1.54 (Version: 1.54)
Heavyocity Evolve
HijackThis 2.0.2 (Version: 2.0.2)
HP LaserJet P1000 series
HPCarePackCore (Version: 10.0.0.1)
HPCarePackProducts (Version: 1.0.0.1)
HPSSupply (Version: 2.1.1.0000)
IK Multimedia Authorization Manager version 1.0.5 (Version: 1.0.5)
IL Download Manager
IL Juice Pack
IL Slicex
Intel® Graphics Media Accelerator Driver
Interlok driver setup x32 (Version: 5.9.5)
iPod Video Converter 3 (Version: 3.1.5.0430b)
iTunes (Version: 11.1.3.8)
iZotope Alloy (Version: 1.00)
iZotope iDrum (Version: 1.61)
iZotope iDrum Factory Content (Version: 1.50)
iZotope Iris (Version: 1.00)
iZotope Ozone 3 (Version: 3.05)
iZotope Ozone 4 (Version: 4.00)
iZotope pHATmatik PRO (Version: 1.50)
iZotope Spectron (Version: 1.05)
iZotope Stutter Edit (Version: 1.00)
Jamstix 2.2.1 Update (Version: 2.2.1)
JamVOX (Version: 3.02.0)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
JDownloader 0.9 (Version: 0.9)
Kazrog LLC Recabinet 3 VST v3.0.0
Klanghelm SDRR - The Saturation Chameleon v1.0.1 (32-Bit) version 1.0.1 (Version: 1.0.1)
K-Lite Codec Pack 6.1.0 (Full) (Version: 6.1.0)
LADSPA_plugins-win-0.4.15
LAME v3.98.2 for Audacity
LeMasqueDelay (Version: 1.1.2)
Library of the Extreme (Version: 1.0.0)
Library of the Extreme II (Version: 1.0.0)
Library of the Extreme III (Version: 1.0.0)
License Support (Version: 1.2.0.5555)
Line 6 Uninstaller (Version: )
Longcat H3D Binaural Spatializer VST v1.0.0
Magic ISO Maker v5.5 (build 0273)
Maize Sampler 2.2.2
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Maximus
MediaInfo 0.7.33 (Version: 0.7.33)
MeldaProduction MMultiBandGranular 7
Metal EZmix pack (Version: 1.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center (Version: 1.0.0080)
Microsoft Money Essentials (Version: 16)
Microsoft Money Shared Libraries (Version: 16.0.0.705)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mildon HC38 Headphone Calibrator VST v1.0
MiPony 1.2.0 (Version: 1.2.0)
Monster MIDI Fills Pack (Version: 1.0.0)
Monster MIDI Package (Version: 1.0.0)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MrvlUsgTracking (Version: 1.0.7)
MSRSD v4.24
Multimedia Card Reader (Version: 1.01.0000.00)
Native Instruments Abbey Road Modern Drums
Native Instruments Abbey Road Modern Drums (Version: 1.0.0.002)
Native Instruments Battery 4 (Version: 4.0.0.1981)
Native Instruments Compilation Vol. 1
Native Instruments Compilation Vol. 1 (Version: 1.0.0.001)
Native Instruments Controller Editor
Native Instruments Controller Editor (Version: 1.4.3.891)
Native Instruments Enhanced EQ
Native Instruments Enhanced EQ (Version: 1.0.0.171)
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 4 (Version: 4.0.7.960)
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig 5 (Version: 5.1.0.2641)
Native Instruments Guitar Rig Mobile I/O
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Kontakt 3
Native Instruments Kontakt 4
Native Instruments Kontakt 4 (Version: 4.0.2.2813)
Native Instruments Kontakt 4 (Version: 4.2.2.4504)
Native Instruments Kontakt 4 Demo Content
Native Instruments Kontakt 4 Demo Content (Version: )
Native Instruments Kontakt 5
Native Instruments Kontakt 5 (Version: 5.1.0.6066)
Native Instruments Kore Player
Native Instruments Kore Player (Version: 2.1.0.9)
Native Instruments Massive
Native Instruments Massive (Version: 1.3.1.129)
Native Instruments Passive EQ
Native Instruments Passive EQ (Version: 1.0.0.171)
Native Instruments Rammfire
Native Instruments Rammfire (Version: 1.1.0.003)
Native Instruments Rig Kontrol 3
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Scarbee Funk Guitarist
Native Instruments Scarbee Funk Guitarist (Version: 1.0.0.001)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Solid Bus Comp
Native Instruments Solid Bus Comp (Version: 1.0.0.003)
Native Instruments Solid Dynamics
Native Instruments Solid Dynamics (Version: 1.0.0.002)
Native Instruments Solid EQ
Native Instruments Solid EQ (Version: 1.0.0.001)
Native Instruments Solid Mix Series Mk2
Native Instruments Solid Mix Series Mk2 (Version: 1.0.0.001)
Native Instruments Transient Master FX
Native Instruments Transient Master FX (Version: 1.0.0.235)
Native Instruments Urban Arsenal
Native Instruments Urban Arsenal 2
Native Instruments Urban Arsenal 2 (Version: 1.0.0.004)
Native Instruments Vari Comp
Native Instruments Vari Comp (Version: 1.0.0.171)
Native Instruments VC 160 FX
Native Instruments VC 160 FX (Version: 1.0.0.246)
Native Instruments VC 2A FX
Native Instruments VC 2A FX (Version: 1.0.0.246)
Native Instruments VC 76 FX
Native Instruments VC 76 FX (Version: 1.0.0.246)
Nomad Factory Blue Tubes Pack v3.6 version 3.6 (Version: 3.6)
Nomad Factory Rock Amp Legends VST v1.0
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Opera 12.15 (Version: 12.15.1748)
Orbit Downloader
OverToneDSP VTE-2A Vintage EQ VST v1.0.3
PeerGuardian 2.0 (Version: 2.1.0.2)
Photo Transport (Version: 1.0.2)
Plugin Alliance Noveltech Character v1.1.1
Poise 1.1.50.43
PreSonus Studio One (Version: 1.0.0.9920)
Prism Video Converter
Process Hacker 2.14 (Version: 2.14)
Project64 1.6 (Version: 1.6)
ProjectSAM Symphobia 2
ProjectSAM Symphobia 2 (Version: 1.0.0.001)
PSP ClassicQ (Version: 1.8.0)
PSP ConsoleQ (Version: 1.8.0)
PSP McQ (Version: 1.8.0)
PSP MixPack2 2.1.0 32bit (Version: 2.1.0 32bit)
PSP NobleQ (Version: 1.7.0)
PSP preQursor (Version: 1.8.0)
PSP RetroQ (Version: 1.8.0)
PSP VintageWarmer2 32bit (Version: 2.5.2 32bit)
PSP X-Dither (Version: 1.0.0)
QuickTime (Version: 7.71.80.42)
RapidCRC 0.6.1 (Version: 0.6.1)
RealDownloader (Version: 1.3.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealStrat 1.0
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5730)
RealUpgrade 1.1 (Version: 1.1.0)
REAPER
Redwirez mixIR2 version 1.0.171 (Version: 1.0.171)
reFX Nexus 1.0.0 (Version: 1.0.0)
reFX Nexus 1.0.9
reFX Nexus 1.4.0
ReValver
ReValver Mk III
Revo Uninstaller 1.94 (Version: 1.94)
rgc:audio sfz VSTi v1.96
rgc:audio z3ta+ 1.5 (Version: 1.5)
Riffstation Trial version 1.4 (Version: 1.4)
RMVB Converter 1.8
Rock EZmix pack (Version: 1.0.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
SampleTank 2.5 (Version: 2.5.0)
Search Protection (Version: 7.5.0.1)
Secunia PSI
sfArk
SFPack
SHOUTcast Source DSP 1.9.1 (remove only)
Shred 1.06
Skulltag (Version: 98d)
Softube Bass Amp Room VST RTAS v1.0.2
Softube Metal Amp Room VST RTAS v1.1.5
Softube Vintage Amp Room VST RTAS v1.0.8
Songwriters Pack 3 (Version: 1.0.0)
SONiVOX DVI Les Paul
Sonnoxplugins Oxford Elite Collection Native v1.0
SoundToys Native Effects V4
SPL Analog Code Bundle v1.1
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.6 (Version: 4.6.0)
Steinberg Cubase SE
Steinberg Virtual Guitarist 2
Studio Devil AMP
Studio Instruments 1.0 (Version: 1.0)
Sugar Bytes Turnado 1.0.1 (Version: 1.0.1)
SUPERAntiSpyware (Version: 4.38.1004)
Superior Drummer 32-bit (Version: 2.3.2)
Switch Sound File Converter
Sylenth1 v2.21
Synaptics Pointing Device Driver (Version: 11.1.22.0)
Syncrosoft's License Control
Torq 2.0 (Version: 2.00.13969)
T-RackS 3 Deluxe (Version: 1.0.0)
TreeSize Free V2.4 (Version: 2.4)
Tweaking.com - Windows Repair (All in One) (Version: 1.9.12)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB 2.0 1.3M UVC WebCam
Vertigo VSC-2 1.0
Vir2 Instruments VI.ONE
Virtual DJ - Atomix Productions
VirtualCloneDrive
Visual C++ Redistributables (Version: 1.2.0.5555)
VLC media player 1.0.1 (Version: 1.0.1)
Voxengo Soniformer VST 2.6
Voxengo TransGainer version 1.5 (Version: 1.5)
Wave Arts FinalPlug DX VST RTAS v5.06
Wave Arts MasterVerb DX VST RTAS v5.07
Wave Arts MultiDynamics DX VST RTAS v5.06
WaveArts TrackPlug DX VST RTAS v5.06
WavePad Sound Editor
Waves Diamond Bundle v5.2
Waves GTR 3 (Version: 1.0)
WD SmartWare (Version: 1.4.1.1)
WIDCOMM Bluetooth Software (Version: 5.2.0.500)
Winamp (Version: 5.572 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinAVI Video Converter
Windows Live Messenger (Version: 8.1.0178.00)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPatrol (Version: 28.6.2013.0)
WinRAR archiver
WOK CLOCKWOrK Vintage Stepsequencer VST v1.0
WOK D-Arp dual MIDI Arpeggiator VST v1.0
WOK EFU-1 Echo Freeze Unit VST v1.0
WOK Flexfilterbank 2 VST v2.1
Wolfram version 1.2.1 (Version: 1.2.1)
Zandronum (Version: 1.0)
 
========================= Devices: ================================
 
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: isatap.{31B6415E-D84F-4D8A-83E4-CAA466482E8A}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 67%
Total physical RAM: 3036.41 MB
Available physical RAM: 996.18 MB
Total Pagefile: 6277.07 MB
Available Pagefile: 3155.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.24 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:222.88 GB) (Free:22.81 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JUSTINTLEUNG-PC
 
Administrator            ASPNET                   Guest                    
Justin T Leung           
 
 
**** End of log ****
 
 
 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.29.04
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Justin T Leung :: JUSTINTLEUNG-PC [administrator]
 
3/29/2014 3:34:21 PM
mbam-log-2014-03-29 (15-34-21).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 280766
Time elapsed: 24 minute(s), 35 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/29/2014 04:59:31 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!
 
  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!
 
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 03/29/2014 05:06:58 PM
Execution time: 0 hours(s), 7 minute(s), and 27 seconds(s)
 

Edited by korniceman3000, 29 March 2014 - 04:18 PM.


#4 Broni

Posted 29 March 2014 - 04:45 PM

I still need MBAR logs.




#5 korniceman3000

Posted 30 March 2014 - 01:21 PM

Hi Broni,

 

Sorry about the wait. It took longer than expected and stalled the first time. Please find the logs below:

Would also like to note that I have now regained access to hotmail.com and yahoo.com after I flushed the DNS.

 

 

 

SYSTEM LOG

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.162000 GHz
Memory total: 3183910912, free: 1054728192
 
Downloaded database version: v2014.03.29.06
Downloaded database version: v2014.03.27.01
=======================================
Initializing...
------------ Kernel report ------------
     03/29/2014 16:10:25
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\TPkd.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86c09968
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff860fb028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86c09968, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86c09588, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86c09968, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff860fe900, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff860fb028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1FB31D2B
 
Partition information:
 
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 20971520
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 20973568  Numsec = 467421184
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 250059350016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Done!
Scan Interrupted
Scan was aborted.
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-20973568-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.162000 GHz
Memory total: 3183910912, free: 1905483776
 
=======================================
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.161000 GHz
Memory total: 3183910912, free: 1733136384
 
Initializing...
=======================================
------------ Kernel report ------------
     03/29/2014 18:29:54
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR2
Upper Device Object: 0xffffffff871e83e0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\000000a2\
Lower Device Object: 0xffffffff85a56410
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86b39ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff8619a028
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86b39ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86b397b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86b39ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff8574b678, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8619a028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1FB31D2B
 
Partition information:
 
    Partition 0 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 20971520
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 20973568  Numsec = 467421184
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 250059350016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-488377168-488397168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff871e83e0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff85a56788, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff871e83e0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85a56410, DeviceName: \Device\000000a2\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 64002
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 3906961408
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 2000365289472 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-20973568-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
 

 

 

MBAR LOG

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.03.29.06
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Justin T Leung :: JUSTINTLEUNG-PC [administrator]
 
3/29/2014 6:30:04 PM
mbar-log-2014-03-29 (18-30-04).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 289539
Time elapsed: 56 minute(s), 32 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)


#6 Broni


Posted 30 March 2014 - 01:22 PM

Thanks :)

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Click on "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.




 


#7 korniceman3000


Posted 31 March 2014 - 01:34 PM

Hi Broni and thank you for your help.

 

Please find the following logs below.

 

ESET Online Scanner Log (03-30-2014)

 

C:\FRST\Quarantine\Desktop.ini Win32/Sirefef.EZ trojan
C:\FRST\Quarantine\{1ec6a51f-804c-3b4d-6c80-a239b6741082}\U\00000004.@ Win32/Conedex.D trojan
C:\FRST\Quarantine\{1ec6a51f-804c-3b4d-6c80-a239b6741082}\U\00000008.@ Win32/Sirefef.FG trojan
C:\FRST\Quarantine\{1ec6a51f-804c-3b4d-6c80-a239b6741082}\U\000000cb.@ Win32/Conedex.E trojan
C:\FRST\Quarantine\{1ec6a51f-804c-3b4d-6c80-a239b6741082}\{1ec6a51f-804c-3b4d-6c80-a239b6741082}\n Win32/Sirefef.EV trojan
C:\Qoobox\Quarantine\C\Windows\assembly\GAC\Desktop.ini.vir Win32/Sirefef.EZ trojan
C:\Qoobox\Quarantine\C\Windows\System32\Services.exe.vir Win32/Sirefef.FB.Gen trojan
 

 

 

AdwCleaner[S0] (03-30-2014)

 

# AdwCleaner v3.022 - Report created 30/03/2014 at 18:32:32
# Updated 13/03/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Justin T Leung - JUSTINTLEUNG-PC
# Running from : C:\Users\Justin T Leung\Downloads\adwcleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files\File Type Helper
Folder Deleted : C:\Program Files\orbitdownloader
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Users\Justin T Leung\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Justin T Leung\AppData\Roaming\Search Protection
File Deleted : C:\END
File Deleted : C:\Users\Justin T Leung\AppData\Roaming\Mozilla\Firefox\Profiles\i3j6vqr0.default\invalidprefs.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitdm.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Orbitdownloader\orbitnet.exe]
Key Deleted : HKCU\Software\Orbit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Orbit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fast Free Converter
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Orbit_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16540
 
 
-\\ Mozilla Firefox v21.0 (en-US)
 
[ File : C:\Users\Justin T Leung\AppData\Roaming\Mozilla\Firefox\Profiles\i3j6vqr0.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Justin T Leung\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3419 octets] - [30/03/2014 18:28:37]
AdwCleaner[S0].txt - [3410 octets] - [30/03/2014 18:32:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3470 octets] ##########
 
 
 
JRT (03-30-2014)
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Justin T Leung on Sun 03/30/2014 at 18:50:16.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Justin T Leung\AppData\Roaming\mozilla\firefox\profiles\i3j6vqr0.default\minidumps [1 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/30/2014 at 18:59:11.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#8 Broni


Posted 31 March 2014 - 01:44 PM

How is the computer doing?

 

Update Firefox to the current 28.0 version.

 

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.




 


#9 korniceman3000


Posted 31 March 2014 - 02:59 PM

Hi Broni,

 

I am happy to report that all is running well and I am now able to access all sites using Chrome/IE/Firefox/Opera and there are no re-directions, blocked pages, or error reports. The removal of the temp. files also freed at least 650 MB of drive space as well.

 

I will definitely upgrade both Firefox and Adobe Reader when I get home.

 

Thank you very much for helping me resolve this issue!! Your help is greatly appreciated!

Best regards!



#10 Broni


Posted 31 March 2014 - 04:51 PM

Way to go!!
Good luck and stay safe :)
 

