Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

lab.search. conduit.com Removal Help Needed


  • Please log in to reply
1 reply to this topic

#1 ejob

ejob

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 16 May 2014 - 10:07 AM

I found this thread and I just got done running everything! If your still around I would love for you to take a look at what it came back with:

 

This is going to be a long post:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by nico52 (administrator) on 16-05-2014 at 09:14:17
Running from "C:\Users\nico52\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : AJ
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 84-34-97-19-68-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:306:bdb8:4180:f4ac:5ac3:e9d1:73fb(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:306:bdb8:4180:e56a:9a1d:3605:8cc1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::f4ac:5ac3:e9d1:73fb%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.251(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 13, 2014 9:04:42 AM
   Lease Expires . . . . . . . . . . : Saturday, May 17, 2014 9:04:50 AM
   Default Gateway . . . . . . . . . : fe80::b277:acff:fe1b:b000%12
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 260322455
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-35-90-84-34-97-19-68-E6
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.att.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:3805:384:3f57:fe04(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3805:384:3f57:fe04%14(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4009:800::1007
      173.194.46.72
      173.194.46.65
      173.194.46.68
      173.194.46.69
      173.194.46.78
      173.194.46.73
      173.194.46.70
      173.194.46.66
      173.194.46.64
      173.194.46.67
      173.194.46.71


Pinging google.com [2607:f8b0:4009:800::1007] with 32 bytes of data:
Reply from 2607:f8b0:4009:800::1007: time=34ms
Reply from 2607:f8b0:4009:800::1007: time=34ms

Ping statistics for 2607:f8b0:4009:800::1007:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 34ms, Average = 34ms
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=57ms TTL=44
Reply from 98.139.183.24: bytes=32 time=57ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 57ms, Maximum = 57ms, Average = 57ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...84 34 97 19 68 e6 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.251     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.251    276
    192.168.1.251  255.255.255.255         On-link     192.168.1.251    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.251    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.251    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.251    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    276 ::/0                     fe80::b277:acff:fe1b:b000
  1    306 ::1/128                  On-link
 14    306 2001::/32                On-link
 14    306 2001:0:9d38:6abd:3805:384:3f57:fe04/128
                                    On-link
 12    276 2602:306:bdb8:4180::/64  On-link
 12    276 2602:306:bdb8:4180:e56a:9a1d:3605:8cc1/128
                                    On-link
 12    276 2602:306:bdb8:4180:f4ac:5ac3:e9d1:73fb/128
                                    On-link
 12    276 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::3805:384:3f57:fe04/128
                                    On-link
 12    276 fe80::f4ac:5ac3:e9d1:73fb/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/16/2014 07:59:28 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 29.0.1.5239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3668

Start Time: 01cf709ec695f85d

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e7a6b0ae-dcf9-11e3-be84-8434971968e6

Faulting package full name:

Faulting package-relative application ID:

Error: (05/16/2014 07:44:56 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0x1ef4
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5

Error: (05/15/2014 08:52:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3228
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:51:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3234
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:51:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2e08
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:50:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x36ac
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:50:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x29e4
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:49:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2b84
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:49:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1b3c
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:48:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x36c8
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5


System errors:
=============
Error: (05/16/2014 07:45:47 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:02:28 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:02:28 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:02:27 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.


Microsoft Office Sessions:
=========================
Error: (05/16/2014 07:59:28 AM) (Source: Application Hang)(User: )
Description: firefox.exe29.0.1.5239366801cf709ec695f85d4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exee7a6b0ae-dcf9-11e3-be84-8434971968e6

Error: (05/16/2014 07:44:56 AM) (Source: Application Error)(User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28a1ef401cf71049ff0fa64C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exee1b24899-dcf7-11e3-be84-8434971968e6

Error: (05/15/2014 08:52:00 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c000000500000000322801cf70a96699c4acC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknownab423855-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:51:58 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c000000500000000323401cf70a965f0952eC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknowna9fb01c3-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:51:52 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000002e0801cf70a963f4e3bfC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknowna614df10-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:50:59 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000036ac01cf70a94396655fC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown86b050c7-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:50:46 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000029e401cf70a93c4dbce1C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown7ed42a41-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:49:38 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000002b8401cf70a913661338C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown564e39d2-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:49:03 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000001b3c01cf70a8feef45f7C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown41d03f5a-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:48:36 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000036c801cf70a8ef18968dC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown319713cb-dc9c-11e3-be84-8434971968e6


=========================== Installed Programs ============================

4 Elements II (Version: 2.2.0.98)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 13.0.0.83)
Adobe Creative Cloud (Version: 2.5.1.369)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
Adobe Photoshop CC (Version: 14.0)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
aioscnnr (Version: 7.6.13.10)
AliG SLF (Version: 2.4.5)
Ashampoo Snap 6 v.6.0.10 (Version: 6.0.10)
Ashampoo Snap 7 v.7.0.4 (Version: 7.0.4)
Audacity 2.0.5 (Version: 2.0.5)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86)
AVG 2014 (Version: 14.0.3950)
AVG 2014 (Version: 14.0.4570)
AVG 2014 (Version: 2014.0.4570)
AVG SafeGuard toolbar (Version: 18.1.5.512)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.98)
Camtasia Studio 8 (Version: 8.2.1.1423)
center (Version: 7.7.2.0)
Chuzzle Deluxe (Version: 2.2.0.95)
Citrix Online Launcher (Version: 1.0.168)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink LabelPrint (Version: 2.5.1.5407)
CyberLink Media Suite 10 (Version: 10.0.1.1916)
CyberLink PhotoDirector (Version: 2.0.1.3119)
CyberLink Power2Go 8 (Version: 8.0.1.1926)
CyberLink PowerDirector 10 (Version: 10.0.1.1925)
CyberLink PowerDVD (Version: 10.0.6.4319)
CyberLink YouCam (Version: 3.5.4.5527)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 2.6.2)
EasyVideoSuite (Version: 1.0.0)
Energy Star (Version: 1.0.8)
essentials (Version: 7.7.2.0)
Evernote v. 5.3.1 (Version: 5.3.1.3363)
Farm Frenzy (Version: 2.2.0.98)
FATE: The Cursed King (Version: 2.2.0.97)
FB Ad Express (Version: 1.0.0)
Final Drive Fury (Version: 2.2.0.95)
FlatOut 2 (Version: 2.2.0.98)
Google Chrome (Version: 34.0.1847.137)
Google Drive (Version: 1.15.6556.8063)
Google Talk Plugin (Version: 5.3.1.18536)
Google Update Helper (Version: 1.3.24.7)
GoToMeeting 6.2.0.1350 (Version: 6.2.0.1350)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.0.0 (Version: 1.00.0000)
Hot Lead Finder v3.9.3 (Version: 3.9.3)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.5.1)
HP Connected Backup (Version: 8.7.0.0)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP CoolSense (Version: 2.10.3)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3554)
HP Quick Launch (Version: 3.0.4)
HP Recovery Manager (Version: 7.00)
HP Registration Service (Version: 1.0.5976.4186)
HP SimplePass (Version: 6.0.100.244)
HP Software Framework (Version: 4.6.8.1)
HP Support Assistant (Version: 7.0.32.44)
HP Utility Center (Version: 1.0.7)
HP Wireless Button Driver (Version: 1.0.5.1)
HydraVid PRO (Version: 1.1.2)
IDT Audio (Version: 1.0.6417.0)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2817)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Jewel Match 3 (Version: 2.2.0.98)
Jing (Version: 2.8.13007.1)
John Deere Drive Green (Version: 2.2.0.95)
KD Auction - 1  (Version: 1.9.0.47)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
LocalAvenger (Version: 2.0.7)
Localizer Leads Tool (Version: 3.5.6)
LongTailPro - Version 2.4.23 (Version: 2.4.23)
Luxor Evolved (Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Micro Niche Finder 5.0 (Version: 5.7.46.0)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 - en-us (Version: 15.0.4605.1003)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Mobile Renegade 1.55 (Version: 1.55)
Mobilizer (Version: 1.5)
Mortimer Beckett and the Crimson Thief Premium Edition (Version: 2.2.0.98)
Mozilla Firefox 29.0.1 (x86 en-US) (Version: 29.0.1)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 15.4.2862.0708)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
NicheSensei 2.0 (Version: 2.0.0.43)
Notepad++ (Version: 6.5.5)
ocr (Version: 6.2.3.50)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Localization Component (Version: 15.0.4605.1003)
OpenOffice 4.0.1 (Version: 4.01.9714)
PDF Settings CC (Version: 12.0)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
Pokki (Version: 0.267.1.208)
Pokki Download Helper (Version: 1.3.1.282)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (Version: 5.0.2.0)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek PCIE Card Reader (Version: 6.2.8400.27025)
Roads of Rome 3 (Version: 2.2.0.98)
Skype™ 6.14 (Version: 6.14.104)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.12)
Tales of Lagoona (Version: 2.2.0.110)
TeamViewer 9 (Version: 9.0.28223)
Tixati
Update Installer for WildTangent Games App
Vacation Quest™ - Australia (Version: 2.2.0.98)
Validity WBF DDK (Version: 4.4.234.0)
Video Prospector Pro (Version: 2.2.0)
Video Vantage (Version: 0.2.7)
VideoMakerFX (Version: 1.0)
VideoMakerFX ProThemes May Addon 1.0 (Version: 1.0)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.1.2 (Version: 2.1.2)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Your Software Deals 1.0.0 (Version: 1.0.0)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 8088.27 MB
Available physical RAM: 1616.36 MB
Total Pagefile: 9304.27 MB
Available Pagefile: 2944.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.42 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:671.53 GB) (Free:447.4 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:26.33 GB) (Free:3.11 GB) NTFS

========================= Users: ========================================

User accounts for \\AJ

Adam                     Administrator            Guest                    
nico52                   

========================= Restore Points ==================================

01-05-2014 01:43:47 Removed Microsoft Silverlight
06-05-2014 08:00:19 Windows Update
07-05-2014 20:21:25 Installed VideoMakerFX
13-05-2014 14:38:32 Installed Evernote v. 5.3.1
16-05-2014 12:41:57 Removed Traffic-Mice

**** End of log ****
 

Farbar Service Scanner Version: 14-05-2014
Ran by nico52 (administrator) on 16-05-2014 at 09:13:07
Running from "C:\Users\nico52\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2014-01-21 16:41] - [2013-09-03 22:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-04-11 22:05] - [2014-01-26 22:42] - 2232664 ____A (Microsoft Corporation) B23882881EFD9404B62993906BC38709

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2014-01-25 08:41] - [2013-10-31 00:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D

C:\Windows\System32\bfe.dll
[2014-01-21 16:37] - [2013-10-10 04:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

C:\Windows\System32\drivers\mpsdrv.sys
[2014-01-25 08:41] - [2013-10-30 22:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F

C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2014-01-25 08:42] - [2013-10-08 17:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-13 00:23] - [2013-10-24 17:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799

C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-13 00:23] - [2013-10-25 02:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF

C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by nico52 (administrator) on 16-05-2014 at 09:14:17
Running from "C:\Users\nico52\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : AJ
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : att.net

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 84-34-97-19-68-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:306:bdb8:4180:f4ac:5ac3:e9d1:73fb(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:306:bdb8:4180:e56a:9a1d:3605:8cc1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::f4ac:5ac3:e9d1:73fb%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.251(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 13, 2014 9:04:42 AM
   Lease Expires . . . . . . . . . . : Saturday, May 17, 2014 9:04:50 AM
   Default Gateway . . . . . . . . . : fe80::b277:acff:fe1b:b000%12
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 260322455
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-35-90-84-34-97-19-68-E6
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.att.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:3805:384:3f57:fe04(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3805:384:3f57:fe04%14(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4009:800::1007
      173.194.46.72
      173.194.46.65
      173.194.46.68
      173.194.46.69
      173.194.46.78
      173.194.46.73
      173.194.46.70
      173.194.46.66
      173.194.46.64
      173.194.46.67
      173.194.46.71


Pinging google.com [2607:f8b0:4009:800::1007] with 32 bytes of data:
Reply from 2607:f8b0:4009:800::1007: time=34ms
Reply from 2607:f8b0:4009:800::1007: time=34ms

Ping statistics for 2607:f8b0:4009:800::1007:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 34ms, Average = 34ms
Server:  dsldevice.att.net
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=57ms TTL=44
Reply from 98.139.183.24: bytes=32 time=57ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 57ms, Maximum = 57ms, Average = 57ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...84 34 97 19 68 e6 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.251     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.251    276
    192.168.1.251  255.255.255.255         On-link     192.168.1.251    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.251    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.251    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.251    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    276 ::/0                     fe80::b277:acff:fe1b:b000
  1    306 ::1/128                  On-link
 14    306 2001::/32                On-link
 14    306 2001:0:9d38:6abd:3805:384:3f57:fe04/128
                                    On-link
 12    276 2602:306:bdb8:4180::/64  On-link
 12    276 2602:306:bdb8:4180:e56a:9a1d:3605:8cc1/128
                                    On-link
 12    276 2602:306:bdb8:4180:f4ac:5ac3:e9d1:73fb/128
                                    On-link
 12    276 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::3805:384:3f57:fe04/128
                                    On-link
 12    276 fe80::f4ac:5ac3:e9d1:73fb/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/16/2014 07:59:28 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 29.0.1.5239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3668

Start Time: 01cf709ec695f85d

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: e7a6b0ae-dcf9-11e3-be84-8434971968e6

Faulting package full name:

Faulting package-relative application ID:

Error: (05/16/2014 07:44:56 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0x1ef4
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5

Error: (05/15/2014 08:52:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3228
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:51:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x3234
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:51:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2e08
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:50:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x36ac
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:50:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x29e4
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:49:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x2b84
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:49:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1b3c
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5

Error: (05/15/2014 08:48:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: Browser.exe, version: 0.0.0.0, time stamp: 0x51f5c9a0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x36c8
Faulting application start time: 0xBrowser.exe0
Faulting application path: Browser.exe1
Faulting module path: Browser.exe2
Report Id: Browser.exe3
Faulting package full name: Browser.exe4
Faulting package-relative application ID: Browser.exe5


System errors:
=============
Error: (05/16/2014 07:45:47 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:18:19 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:02:28 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.

Error: (05/14/2014 00:02:28 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (05/14/2014 00:02:27 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 40. The Windows SChannel error state is 107.


Microsoft Office Sessions:
=========================
Error: (05/16/2014 07:59:28 AM) (Source: Application Hang)(User: )
Description: firefox.exe29.0.1.5239366801cf709ec695f85d4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exee7a6b0ae-dcf9-11e3-be84-8434971968e6

Error: (05/16/2014 07:44:56 AM) (Source: Application Error)(User: )
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28a1ef401cf71049ff0fa64C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exee1b24899-dcf7-11e3-be84-8434971968e6

Error: (05/15/2014 08:52:00 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c000000500000000322801cf70a96699c4acC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknownab423855-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:51:58 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c000000500000000323401cf70a965f0952eC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknowna9fb01c3-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:51:52 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000002e0801cf70a963f4e3bfC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknowna614df10-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:50:59 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000036ac01cf70a94396655fC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown86b050c7-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:50:46 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000029e401cf70a93c4dbce1C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown7ed42a41-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:49:38 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000002b8401cf70a913661338C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown564e39d2-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:49:03 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c0000005000000001b3c01cf70a8feef45f7C:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown41d03f5a-dc9c-11e3-be84-8434971968e6

Error: (05/15/2014 08:48:36 PM) (Source: Application Error)(User: )
Description: Browser.exe0.0.0.051f5c9a0unknown0.0.0.000000000c00000050000000036c801cf70a8ef18968dC:\Users\nico52\AppData\Roaming\UBot Studio\Browser\4.2.20\Browser.exeunknown319713cb-dc9c-11e3-be84-8434971968e6


=========================== Installed Programs ============================

4 Elements II (Version: 2.2.0.98)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 13.0.0.83)
Adobe Creative Cloud (Version: 2.5.1.369)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
Adobe Photoshop CC (Version: 14.0)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
aioscnnr (Version: 7.6.13.10)
AliG SLF (Version: 2.4.5)
Ashampoo Snap 6 v.6.0.10 (Version: 6.0.10)
Ashampoo Snap 7 v.7.0.4 (Version: 7.0.4)
Audacity 2.0.5 (Version: 2.0.5)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86)
AVG 2014 (Version: 14.0.3950)
AVG 2014 (Version: 14.0.4570)
AVG 2014 (Version: 2014.0.4570)
AVG SafeGuard toolbar (Version: 18.1.5.512)
Bejeweled 3 (Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (Version: 2.2.0.98)
Camtasia Studio 8 (Version: 8.2.1.1423)
center (Version: 7.7.2.0)
Chuzzle Deluxe (Version: 2.2.0.95)
Citrix Online Launcher (Version: 1.0.168)
Cradle Of Egypt Collector's Edition (Version: 2.2.0.98)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink LabelPrint (Version: 2.5.1.5407)
CyberLink Media Suite 10 (Version: 10.0.1.1916)
CyberLink PhotoDirector (Version: 2.0.1.3119)
CyberLink Power2Go 8 (Version: 8.0.1.1926)
CyberLink PowerDirector 10 (Version: 10.0.1.1925)
CyberLink PowerDVD (Version: 10.0.6.4319)
CyberLink YouCam (Version: 3.5.4.5527)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 2.6.2)
EasyVideoSuite (Version: 1.0.0)
Energy Star (Version: 1.0.8)
essentials (Version: 7.7.2.0)
Evernote v. 5.3.1 (Version: 5.3.1.3363)
Farm Frenzy (Version: 2.2.0.98)
FATE: The Cursed King (Version: 2.2.0.97)
FB Ad Express (Version: 1.0.0)
Final Drive Fury (Version: 2.2.0.95)
FlatOut 2 (Version: 2.2.0.98)
Google Chrome (Version: 34.0.1847.137)
Google Drive (Version: 1.15.6556.8063)
Google Talk Plugin (Version: 5.3.1.18536)
Google Update Helper (Version: 1.3.24.7)
GoToMeeting 6.2.0.1350 (Version: 6.2.0.1350)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.0.0 (Version: 1.00.0000)
Hot Lead Finder v3.9.3 (Version: 3.9.3)
Hoyle Card Games (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.5.1)
HP Connected Backup (Version: 8.7.0.0)
HP Connected Music (Meridian - installer) (Version: v1.0)
HP CoolSense (Version: 2.10.3)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.3.0)
HP MyRoom (Version: 9.0.0.0)
HP Postscript Converter (Version: 3.1.3554)
HP Quick Launch (Version: 3.0.4)
HP Recovery Manager (Version: 7.00)
HP Registration Service (Version: 1.0.5976.4186)
HP SimplePass (Version: 6.0.100.244)
HP Software Framework (Version: 4.6.8.1)
HP Support Assistant (Version: 7.0.32.44)
HP Utility Center (Version: 1.0.7)
HP Wireless Button Driver (Version: 1.0.5.1)
HydraVid PRO (Version: 1.1.2)
IDT Audio (Version: 1.0.6417.0)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2817)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Jewel Match 3 (Version: 2.2.0.98)
Jing (Version: 2.8.13007.1)
John Deere Drive Green (Version: 2.2.0.95)
KD Auction - 1  (Version: 1.9.0.47)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
LocalAvenger (Version: 2.0.7)
Localizer Leads Tool (Version: 3.5.6)
LongTailPro - Version 2.4.23 (Version: 2.4.23)
Luxor Evolved (Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Micro Niche Finder 5.0 (Version: 5.7.46.0)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 - en-us (Version: 15.0.4605.1003)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (Version: 11.0.61030.0)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030)
Mobile Renegade 1.55 (Version: 1.55)
Mobilizer (Version: 1.5)
Mortimer Beckett and the Crimson Thief Premium Edition (Version: 2.2.0.98)
Mozilla Firefox 29.0.1 (x86 en-US) (Version: 29.0.1)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 15.4.2862.0708)
Mystery P.I. - Curious Case of Counterfeit Cove (Version: 2.2.0.98)
NicheSensei 2.0 (Version: 2.0.0.43)
Notepad++ (Version: 6.5.5)
ocr (Version: 6.2.3.50)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003)
Office 15 Click-to-Run Localization Component (Version: 15.0.4605.1003)
OpenOffice 4.0.1 (Version: 4.01.9714)
PDF Settings CC (Version: 12.0)
Peggle Nights (Version: 2.2.0.98)
Penguins! (Version: 2.2.0.98)
Pokki (Version: 0.267.1.208)
Pokki Download Helper (Version: 1.3.1.282)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (Version: 5.0.2.0)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek PCIE Card Reader (Version: 6.2.8400.27025)
Roads of Rome 3 (Version: 2.2.0.98)
Skype™ 6.14 (Version: 6.14.104)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.12)
Tales of Lagoona (Version: 2.2.0.110)
TeamViewer 9 (Version: 9.0.28223)
Tixati
Update Installer for WildTangent Games App
Vacation Quest™ - Australia (Version: 2.2.0.98)
Validity WBF DDK (Version: 4.4.234.0)
Video Prospector Pro (Version: 2.2.0)
Video Vantage (Version: 0.2.7)
VideoMakerFX (Version: 1.0)
VideoMakerFX ProThemes May Addon 1.0 (Version: 1.0)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.1.2 (Version: 2.1.2)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.9.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Your Software Deals 1.0.0 (Version: 1.0.0)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 80%
Total physical RAM: 8088.27 MB
Available physical RAM: 1616.36 MB
Total Pagefile: 9304.27 MB
Available Pagefile: 2944.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.42 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:671.53 GB) (Free:447.4 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:26.33 GB) (Free:3.11 GB) NTFS

========================= Users: ========================================

User accounts for \\AJ

Adam                     Administrator            Guest                    
nico52                   

========================= Restore Points ==================================

01-05-2014 01:43:47 Removed Microsoft Silverlight
06-05-2014 08:00:19 Windows Update
07-05-2014 20:21:25 Installed VideoMakerFX
13-05-2014 14:38:32 Installed Evernote v. 5.3.1
16-05-2014 12:41:57 Removed Traffic-Mice

**** End of log ****
 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.16.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16897
nico52 :: AJ [administrator]

5/16/2014 9:18:25 AM
mbar-log-2014-05-16 (09-18-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 341386
Time elapsed: 26 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16897

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 8481169408, free: 1484062720

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16897

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 8481169408, free: 1527959552

Downloaded database version: v2014.05.16.08
Downloaded database version: v2014.03.27.01
Initializing...
======================
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 4463ED8

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 1465149167

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 337267504
    GPT Header CurrentLba = 1 BackupLba 1465149167
    GPT Header FirstUsableLba 34  LastUsableLba 1465149134
    GPT Header Guid db36cdd8-6a1-4593-82f7-fe8be9635ce3
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 337267504
    Backup GPT header CurrentLba = 1465149167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1465149134
    Backup GPT header Guid db36cdd8-6a1-4593-82f7-fe8be9635ce3
    Backup GPT header Contains 128 partition entries starting at LBA 1465149135
    Backup GPT header Partition entry size = 128

    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 83c608d7-5bb-4d71-b0f5-4b7b568dcecc
    FirstLBA 2048  Last LBA 821247
    Attributes 1
    Partition Name                 Basic data partition

    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID f73e7a7d-eb43-451c-ab1b-c5fefa50a61c
    FirstLBA 821248  Last LBA 1353727
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID ad797736-a20a-4685-88be-71d298729a6c
    FirstLBA 1353728  Last LBA 1615871
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 318bc6ab-44d7-469d-9893-cca19ba3d3a
    FirstLBA 1615872  Last LBA 1409912831
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID fc1a2b01-b20b-4d0a-8837-4db527a39c2d
    FirstLBA 1409912832  Last LBA 1465135103
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 750156374016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/16/2014 09:47:09 AM in x64 mode.
Windows Version: Windows 8

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\system32\valWBFPolicyService.exe (PID: 2836) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 05/16/2014 09:49:40 AM
Execution time: 0 hours(s), 2 minute(s), and 30 seconds(s)


 


Edited by Queen-Evie, 16 May 2014 - 08:34 PM.
split from http://www.bleepingcomputer.com/forums/t/534111/what-software-to-remove-labsearchconduitcom/ to form a new topic


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:28 AM

Posted 16 May 2014 - 09:10 PM

Hello -

 

Download Security Check by Screen317 from HERE or HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the small log back here

 

 

Important: Do not reboot your computer until you complete the next step.

 

 

Now: 

Download AdwCleaner by Xplode and save to your Desktop.

•Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button. (only once)
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

• Look over the log especially under Files/Folders for any program you want to save.
• If there's a program you want to save, just uncheck it from AdwCleaner.
• If you're not sure, post the log for review.

• If you're ready to clean it all up.....click the Clean button. (only once)
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
• To restore an item that has been deleted (if necessary):
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next -

I would like you to use the ESET OnlineScanner -
This is best done with Internet Explorer, as it uses ActineX  with the scan
How-ever alternate directions are left for thise that will not use Internet Explorer

Please read and follow How To Temporarily Disable Your Anti-virus during the scan.

1 / Hold down Control (Ctrl) key and click on This Link to open ESET OnlineScan in a new window.
2 / Click the ESETOnliner Scanner button.
3 / For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
3.1 - / Click on This Link to download theExternal ESET Smart Installer.
3.2 - / Save it to your desktop.
4 / Double click on the  icon on your desktop.
5 / Check "YES, I accept the Terms of Use."
5 / Click the Start button.
6 / Accept any security warnings from your browser.
7 / Under scan settings, check "Scan Archives" and "Remove found threats"
8 / Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology
9 / ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time.
10 / When the scan completes, click List Threats
11 / Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
12 / Click the Back button.
13 / Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.

 

 

Last -

Please download Temp File Cleaner by Old Timer
Usage Instructions:

  • Download TFC from the download link above and save the file on your desktop.
  • Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
  • Double-click on the TFC icon.
  • When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
  • When done, press Exit and reboot your computer and finish the cleanup.

 

After you post those logs, please tell us how your computer problem is -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users