Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DNS Issues after Virus Removal


  • Please log in to reply
20 replies to this topic

#1 Belwell

Belwell

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 15 January 2016 - 06:28 PM

Hello

 

I need some help with a computer that can totally access the internet, but will not allow me to access the internet. Pings come back from Google, Yahoo, ect. just fine, but open a web browser and I get no connection, or DNS Probe Finished NX Domain. I had a previous post in the "Am I Infected" Forum, which I semi-resolved by using the Windows repair disc. (http://www.bleepingcomputer.com/forums/t/601413/dchp-and-dns-issues-after-removing-trojan/#entry3907418)

 

 

 

Thank you in advance. 

 

 

Here is my MiniToolBox:

MiniToolBox by Farbar  Version: 02-11-2015
Ran by editor (administrator) on 15-01-2016 at 15:09:00
Running from "C:\Users\editor\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.7.254 publish=Yes
add address name="Local Area Connection" address=192.168.7.123 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : editing
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F4-6D-04-93-0D-75
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:306:8b2d:8720::19(Preferred) 
   Lease Obtained. . . . . . . . . . : Friday, January 15, 2016 6:36:28 AM
   Lease Expires . . . . . . . . . . : Sunday, February 14, 2016 6:36:28 AM
   IPv6 Address. . . . . . . . . . . : 2602:306:8b2d:8720:3c17:f189:99e0:1767(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:306:8b2d:8720:848a:5af1:6b20:1c33(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3c17:f189:99e0:1767%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.7.123(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::46e1:37ff:fec6:1900%12
                                       192.168.7.254
   DHCPv6 IAID . . . . . . . . . . . : 368340228
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-2B-4A-2D-00-1A-EF-1D-A2-92
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4007:809::200e
 216.58.216.14
 
 
Pinging google.com [2607:f8b0:4007:809::200e] with 32 bytes of data:
Reply from 2607:f8b0:4007:809::200e: time=6ms 
Reply from 2607:f8b0:4007:809::200e: time=5ms 
 
Ping statistics for 2607:f8b0:4007:809::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 5ms, Maximum = 6ms, Average = 5ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=100ms 
Reply from 2001:4998:58:c02::a9: time=100ms 
 
Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 100ms, Maximum = 100ms, Average = 100ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...f4 6d 04 93 0d 75 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.7.254    192.168.7.123    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.7.0    255.255.255.0         On-link     192.168.7.123    266
    192.168.7.123  255.255.255.255         On-link     192.168.7.123    266
    192.168.7.255  255.255.255.255         On-link     192.168.7.123    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.7.123    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.7.123    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    192.168.7.254  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    266 ::/0                     fe80::46e1:37ff:fec6:1900
  1    306 ::1/128                  On-link
 12     26 2602:306:8b2d:8720::/60  fe80::46e1:37ff:fec6:1900
 12     18 2602:306:8b2d:8720::/64  On-link
 12    266 2602:306:8b2d:8720::19/128
                                    On-link
 12    266 2602:306:8b2d:8720:3c17:f189:99e0:1767/128
                                    On-link
 12    266 2602:306:8b2d:8720:848a:5af1:6b20:1c33/128
                                    On-link
 12    266 fe80::/64                On-link
 12    266 fe80::3c17:f189:99e0:1767/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/11/2016 06:51:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 05:46:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 05:45:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: DDAssist.exe, version: 2.5.3.476, time stamp: 0x52fabaf9
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56258e62
Exception code: 0xc0000005
Fault offset: 0x00022312
Faulting process id: 0xa5c
Faulting application start time: 0xDDAssist.exe0
Faulting application path: DDAssist.exe1
Faulting module path: DDAssist.exe2
Report Id: DDAssist.exe3
 
Error: (01/11/2016 03:15:44 PM) (Source: Application Error) (User: )
Description: Faulting application name: DDAssist.exe, version: 2.5.3.476, time stamp: 0x52fabaf9
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56258e62
Exception code: 0xc0000005
Fault offset: 0x00022312
Faulting process id: 0xce8
Faulting application start time: 0xDDAssist.exe0
Faulting application path: DDAssist.exe1
Faulting module path: DDAssist.exe2
Report Id: DDAssist.exe3
 
Error: (01/11/2016 03:15:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 11:40:56 AM) (Source: Application Error) (User: )
Description: Faulting application name: DDAssist.exe, version: 2.5.3.476, time stamp: 0x52fabaf9
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56258e62
Exception code: 0xc0000005
Fault offset: 0x00022312
Faulting process id: 0x11e0
Faulting application start time: 0xDDAssist.exe0
Faulting application path: DDAssist.exe1
Faulting module path: DDAssist.exe2
Report Id: DDAssist.exe3
 
Error: (01/11/2016 11:38:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/09/2016 11:47:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2016 07:09:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: Photoshop.exe, version: 12.0.4.0, time stamp: 0x4d9d8f8e
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x0000000000042686
Faulting process id: 0x200c
Faulting application start time: 0xPhotoshop.exe0
Faulting application path: Photoshop.exe1
Faulting module path: Photoshop.exe2
Report Id: Photoshop.exe3
 
Error: (01/08/2016 06:23:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Photoshop.exe, version: 12.0.4.0, time stamp: 0x4d9d8f8e
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace4e7
Exception code: 0x40000015
Fault offset: 0x0000000000042686
Faulting process id: 0x2120
Faulting application start time: 0xPhotoshop.exe0
Faulting application path: Photoshop.exe1
Faulting module path: Photoshop.exe2
Report Id: Photoshop.exe3
 
 
System errors:
=============
Error: (01/11/2016 07:00:05 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.7.79 with the system
having network hardware address 00-16-35-AB-7D-B0. Network operations on this system may
be disrupted as a result.
 
Error: (01/11/2016 06:55:00 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.7.79 with the system
having network hardware address 00-16-35-AB-7D-B0. Network operations on this system may
be disrupted as a result.
 
Error: (01/11/2016 06:54:06 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (01/11/2016 06:54:06 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (01/11/2016 06:51:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
sx64ait
 
Error: (01/11/2016 06:51:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn service to connect.
 
Error: (01/11/2016 06:50:44 PM) (Source: Service Control Manager) (User: )
Description: The CodeMeter Runtime Server service failed to start due to the following error: 
%%2
 
Error: (01/11/2016 06:49:01 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/11/2016 06:47:23 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.7.79 with the system
having network hardware address 00-16-35-AB-7D-B0. Network operations on this system may
be disrupted as a result.
 
Error: (01/11/2016 06:43:10 PM) (Source: Service Control Manager) (User: )
Description: The CodeMeter Runtime Server service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (01/11/2016 06:51:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 05:46:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 05:45:35 PM) (Source: Application Error)(User: )
Description: DDAssist.exe2.5.3.47652fabaf9ntdll.dll6.1.7601.1904556258e62c000000500022312a5c01d14cdad1067271C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exeC:\Windows\SysWOW64\ntdll.dll2bbab436-b8ce-11e5-a470-f46d04930d75
 
Error: (01/11/2016 03:15:44 PM) (Source: Application Error)(User: )
Description: DDAssist.exe2.5.3.47652fabaf9ntdll.dll6.1.7601.1904556258e62c000000500022312ce801d14cc5e9c405e4C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exeC:\Windows\SysWOW64\ntdll.dll3cb769ca-b8b9-11e5-a153-f46d04930d75
 
Error: (01/11/2016 03:15:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/11/2016 11:40:56 AM) (Source: Application Error)(User: )
Description: DDAssist.exe2.5.3.47652fabaf9ntdll.dll6.1.7601.1904556258e62c00000050002231211e001d14ca7c36c082cC:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exeC:\Windows\SysWOW64\ntdll.dll3b31a5a2-b89b-11e5-a2de-f46d04930d75
 
Error: (01/11/2016 11:38:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/09/2016 11:47:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2016 07:09:17 PM) (Source: Application Error)(User: )
Description: Photoshop.exe12.0.4.04d9d8f8eMSVCR90.dll9.0.30729.61614dace4e7400000150000000000042686200c01d14a8b1959713bC:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exeC:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll5dce4a50-b67e-11e5-acdc-f46d04930d75
 
Error: (01/08/2016 06:23:52 PM) (Source: Application Error)(User: )
Description: Photoshop.exe12.0.4.04d9d8f8eMSVCR90.dll9.0.30729.61614dace4e7400000150000000000042686212001d14a849d6e47feC:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exeC:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll05d80ffb-b678-11e5-acdc-f46d04930d75
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-07-31 03:59:45.755
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.755
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.755
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.739
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.692
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.677
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.661
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:45.646
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:30.888
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-07-31 03:59:30.888
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
 
=========================== Installed Programs ============================
 
3ivx D4 4.5.1 Decoder (remove only) (HKLM-x32\...\3ivx D4 4.5.1 Decoder) (Version: 4.5.1 - 3ivx Technologies, Pty. Ltd.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
Ac3Tool (remove only) (HKLM-x32\...\Ac3Tool) (Version:  - )
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.2.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Audition CS5.5 (HKLM-x32\...\{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.2.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.2.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Auto Screenshot Maker 3.0 (HKLM-x32\...\{6C9A0BF3-CE9C-4830-A26F-46AE774352C6}_is1) (Version:  - AutoScreenshotMaker)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoHotkey 1.1.09.04 (HKLM\...\AutoHotkey) (Version: 1.1.09.04 - Lexikos)
Avid Codecs LE (HKLM-x32\...\{A876EBF9-9046-4953-888D-8A60B8777027}) (Version: 2.3.7 - Avid Technology, Inc.)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Awesome Duplicate Photo Finder v. 1.1 (HKLM-x32\...\Awesome Duplicate Photo Finder_is1) (Version:  - Duplicate-Finder.com)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.1.48 - )
Blackmagic Design Desktop Video (HKLM-x32\...\{FDCB61B9-E496-47DA-9792-606A0FC778EA}) (Version: 10.2.2.0 - Blackmagic Design)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canopus DV Codec (HKLM-x32\...\Canopus DV Codec) (Version:  - )
Canopus DV File Converter (HKLM-x32\...\{595B0821-BEDB-4C5C-A9A9-87B8377A70FD}) (Version:  - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version:  - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9602) (Version:  - )
CDDRV_Installer (HKLM\...\{0C826C5B-B131-423A-A229-C71B3CACCD6A}) (Version: 4.60 - Logitech) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
ClickOff version 1.90 (HKLM-x32\...\ClickOff_is1) (Version:  - )
CopyTrans Control Center Uninstall Only (HKCU\...\CopyTrans Suite) (Version: 3.01 - WindSolutions)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 8 - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.3 - Illustrate)
D-Link SmartConsole Utility (HKLM-x32\...\{4FCE40BB-5BD6-43C9-8DAD-5B0551D8DF0C}) (Version: 3.00.10 - D-Link) Hidden
D-Link SmartConsole Utility (HKLM-x32\...\InstallShield_{4FCE40BB-5BD6-43C9-8DAD-5B0551D8DF0C}) (Version: 3.00.10 - D-Link)
Drobo Dashboard (HKLM-x32\...\{333B10B5-5DD1-44C0-891C-9738FDE14CC2}) (Version: 2.5.3 - Drobo)
Dropbox (HKCU\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
DropFolders (HKLM-x32\...\{025AFAA2-0948-9E78-FF37-9DA83B258157}) (Version: 1.1.63 - Joseph Labrecque) Hidden
DropFolders (HKLM-x32\...\edu.du.ctl.DropFolders) (Version: 1.1.63 - Joseph Labrecque)
DVD Architect Pro 5.2 (HKLM-x32\...\{C5E0CB10-C275-11DF-B3A6-0013D3D69929}) (Version: 5.2.124 - Sony)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDVob2Mpg 2.0 (HKLM-x32\...\DVDVob2Mpg_is1) (Version: 2.0 - Smart Projects)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
elastiquePro V2 (HKLM-x32\...\{007D8BEE-3D5F-4972-8F1D-9A95DFCDE0A3}) (Version: 2.0.0 - zplane.development)
E-MU USB Audio (HKLM-x32\...\{1C99893D-BC98-4456-AA3E-B67AB42301A6}) (Version: 1.0 - )
EPSON Artisan 50 Series Printer Uninstall (HKLM\...\EPSON Artisan 50 Series) (Version:  - SEIKO EPSON Corporation)
erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version:  - )
Find Folders That Do or Do Not Contain Certain Files or Folders Software (HKLM-x32\...\Find Folders That Do or Do Not Contain Certain F~012AA9C5_is1) (Version:  - Sobolsoft)
FLAC to MP3 Converter 6.1.7 (HKLM-x32\...\DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1) (Version:  - Accmeware Corporation)
FolderSizes 7 (HKLM\...\{057F1AEF-2E27-441F-AF9B-A3A622DE1E5B}) (Version: 7.5.30 - Key Metric Software)
FreeFileSync 6.0 (HKLM-x32\...\FreeFileSync) (Version: 6.0 - Zenju)
Google Chrome (HKCU\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKCU\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
HB BatchEncoder (HKLM-x32\...\HB BatchEncoder) (Version: 2.3.0 - Videoscripts)
HB WatchFolder (HKLM-x32\...\HB WatchFolder) (Version: 2.2.0 - Videoscripts)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.02 - Creative Technology Limited)
hueyPRO 1.5.0 (HKLM-x32\...\huey_is1) (Version:  - Pantone & X-Rite)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
join.me (HKCU\...\JoinMe) (Version: 1.14.0.138 - LogMeIn, Inc.)
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.3.0.2 - Karen Kenworthy)
Karen's Replicator (HKLM-x32\...\Karen's Replicator) (Version: 3.6.0.9 - Karen Kenworthy)
KhalInstallWrapper (HKLM\...\{F3F18612-7B5D-4C05-86C9-AB50F6F71727}) (Version: 2.00.0000 - Logitech) Hidden
LAN Search Pro 9.1.1 (HKLM\...\LAN Search Pro_is1) (Version:  - Softperfect Research)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
LogMeIn (HKLM-x32\...\{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}) (Version: 4.1.3268 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.)
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Video v3.5.0 Demo plug-in for Sony Vegas (64-bit) (HKLM\...\Neat Video for Sony Vegas_is1) (Version:  - Neat Video team, ABSoft)
Nikon Scan (HKLM-x32\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: 4.0 - )
Noise Reduction Plug-in 2.0i (HKLM-x32\...\{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}) (Version: 2.0.455 - Sony)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
QQGetTray (HKLM-x32\...\{9A6E6C3A-A49F-4D66-A694-E77C8B50D0C0}) (Version: 2.1.0.0 - Broadex Systems Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - )
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Remove Empty Directories version 2.2 (Admin Editon) (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 (Admin Editon) - Jonas John)
ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 5.60 - Denis Kozlov)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
RNX-N180UBE 11n USB Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0142 - Rosewill Corp.)
Sony TapeTool (HKLM-x32\...\{6BEDCA4D-9907-4F5D-8E72-7BA3CCA22245}) (Version: 1.020 - Sony Electronics, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.49 - eRightSoft)
SUPER © v2012.build.52 (July 7, 2012) version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Vegas Pro 10.0 (64-bit) (HKLM\...\{7A92C561-A1D5-11E0-92E1-0013D3D69929}) (Version: 10.0.738 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Vegasaur 1.9.2 (HKLM\...\Vegasaur_is1) (Version:  - Vegasaur.com)
Vegasaur 2.2 (HKLM\...\Vegasaur2_is1) (Version:  - Vegasaur.com)
Veggie Toolkit 3.0h (HKLM-x32\...\Veggie Toolkit 3.0) (Version: Version 3.0h - Peach Rock Productions, LLC.)
Verint Codec Install (HKLM-x32\...\{3038191A-5316-4203-A57C-E8C144FA909F}) (Version: 1.00.0000 - Verint Video Solutions)
VisiPics V1.30 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VOB2MPG v3 (HKLM-x32\...\{908B5359-244E-4E09-AA9F-DBF240679B46}) (Version: 3.2.2000 - BadgerIT)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.50 - VSO Software)
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
WaveView (HKLM-x32\...\ST5UNST #1) (Version:  - )
Window On Top version 3.8 (HKCU\...\{7F2C28D2-EE31-49A5-94F2-67285DAE372B}_is1) (Version: 3.8 - Skybn Software)
Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1) (Version:  - windows-movie-maker.org)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.79 - solvusoft Corporation)
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 8191.18 MB
Available physical RAM: 5876.94 MB
Total Virtual: 16380.56 MB
Available Virtual: 14224.08 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:232.79 GB) (Free:10.73 GB) NTFS
3 Drive e: (Customers) (Fixed) (Total:1397.25 GB) (Free:76.64 GB) NTFS
4 Drive f: (Renders) (Fixed) (Total:1397.25 GB) (Free:23.38 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\EDITING
 
Administrator            editor                   Guest                    
LogMeInRemoteUser        UpdatusUser              
 
========================= Minidump Files ==================================
 
C:\Windows\Minidump\010213-19640-01.dmp
C:\Windows\Minidump\011113-29406-01.dmp
C:\Windows\Minidump\012013-16255-01.dmp
C:\Windows\Minidump\012813-28423-01.dmp
C:\Windows\Minidump\020112-18782-01.dmp
C:\Windows\Minidump\040215-104411-01.dmp
C:\Windows\Minidump\041413-363482-01.dmp
C:\Windows\Minidump\050213-27019-01.dmp
C:\Windows\Minidump\050313-22198-01.dmp
C:\Windows\Minidump\050313-23680-01.dmp
C:\Windows\Minidump\050713-26769-01.dmp
C:\Windows\Minidump\062313-21294-01.dmp
C:\Windows\Minidump\062813-34647-01.dmp
C:\Windows\Minidump\070213-24320-01.dmp
C:\Windows\Minidump\070213-24429-01.dmp
C:\Windows\Minidump\070313-16863-01.dmp
C:\Windows\Minidump\070713-40638-01.dmp
C:\Windows\Minidump\070813-43836-01.dmp
C:\Windows\Minidump\080413-57002-01.dmp
C:\Windows\Minidump\082213-26910-01.dmp
C:\Windows\Minidump\091113-49670-01.dmp
C:\Windows\Minidump\092112-23134-01.dmp
C:\Windows\Minidump\092513-25069-01.dmp
C:\Windows\Minidump\092613-22838-01.dmp
C:\Windows\Minidump\100413-25864-01.dmp
C:\Windows\Minidump\100613-18891-01.dmp
C:\Windows\Minidump\101713-22386-01.dmp
C:\Windows\Minidump\102113-46659-01.dmp
C:\Windows\Minidump\110712-42993-01.dmp
C:\Windows\Minidump\110911-21106-01.dmp
C:\Windows\Minidump\110911-22245-01.dmp
C:\Windows\Minidump\111612-20280-01.dmp
C:\Windows\Minidump\112612-21403-01.dmp
C:\Windows\Minidump\121813-55411-01.dmp
========================= Restore Points ==================================
 
10-01-2016 08:00:00 Scheduled Checkpoint
11-01-2016 19:48:24 Windows Update
12-01-2016 01:41:54 Installed Microsoft Fix it 50267
12-01-2016 02:15:28 WinThruster Mon, Jan 11, 16  18:15
15-01-2016 03:07:24 Windows Update
 
**** End of log ****
 


BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,712 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:54 PM

Posted 15 January 2016 - 06:36 PM

Please go through each step here :

 

Credit: quietman7 ..All possibilities for lost internet connection after running adware cleaner....or any other reason...

http://www.bleepingcomputer.com/forums/t/563709/cannot-connect-to-internet-browsers-after-using-awdcleaner/#entry3600427


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

 

 

 

 

 


#3 packetanalyzer

packetanalyzer

  • Members
  • 954 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:54 PM

Posted 15 January 2016 - 06:56 PM

Belwell,

 

Out of curiosity what kind of router do you have?

 

I see three occurrences of the below error in you MTB log.

The system detected an address conflict for IP address 192.168.7.79 with the system
having network hardware address 00-16-35-AB-7D-B0. Network operations on this system may
be disrupted as a result.

How many other computers do you have on the network?


Edited by packetanalyzer, 15 January 2016 - 06:56 PM.


#4 Belwell

Belwell
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 15 January 2016 - 07:50 PM

Thanks Condobloke, but I've been through all of those. 

 

ATT Fiber Router/Modem and about 30 other computers on the network. I'm pretty sure those IP conflicts are just me typing in a number already in use. Thanks for trying though. 



#5 packetanalyzer

packetanalyzer

  • Members
  • 954 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:54 PM

Posted 15 January 2016 - 08:03 PM

 

I'm pretty sure those IP conflicts are just me typing in a number already in use.

 

Please try the following and let us know if you are able to get to www.google.com using your web browser.

 

  1. Change your static IP to a dynamic IP OR select a static IP that is not being used by anything else on the network
  2. Right click cmd.exe and select Run as Administrator
  3. Run ipconfig /flushdns
  4. Run ipconfig /registerdns
  5. Run netsh interface ip delete arpcache

 

Please let me know if you have any questions about those instructions.

 

Thanks,

 

packetanalyzer



#6 Belwell

Belwell
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 15 January 2016 - 09:15 PM

Hey packetanalyzer, 

 

No luck.

I've spent a bit going through these forums and others, so most obvious solutions I've tried, but I am willing to try again as I'm sure something may have changed. 

 

Not sure if this has anything to do with it, but more info about Malware and removal. After about 1 week dealing with the Malware, my copy of Windows somehow was unregistered and now it pops up with the "This copy of Windows is not genuine" prompt box. I figured I would wait to fix that until after I get everything else fixed. That shouldn't effect any DNS routing right? 

 

Again thanks Y'all for the help!



#7 Belwell

Belwell
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 15 January 2016 - 09:18 PM

P.S. In my searching for a fix I found this post LINK. This seemed most like the issue I was having. I didn't want to try the fix that Nasdaq offered guessing that it was a tailored fix, rather than a fix all. Anyone know if this fix would work for me? 



#8 packetanalyzer

packetanalyzer

  • Members
  • 954 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:54 PM

Posted 15 January 2016 - 09:23 PM

Belwell,

 

I understand what Nasdaq did and I believe we can go through the same process (but not the exact same fix) and it might solve your problem. I am a student in BC's Malware Removal Training Program so generally we are discouraged from using FRST until we get to a particular level. I am going to ask for permission and if I am allowed I will see about making a fix for you.



#9 packetanalyzer

packetanalyzer

  • Members
  • 954 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:54 PM

Posted 16 January 2016 - 10:46 AM

Belwell,

 

Just to make sure we have covered all of our bases, would you please unplug your router for 30 seconds, plug it back in, and then restart your computer?



#10 Jo*

Jo*

  • Malware Response Team
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:54 AM

Posted 16 January 2016 - 11:14 AM

P.S. In my searching for a fix I found this post LINK. This seemed most like the issue I was having. I didn't want to try the fix that Nasdaq offered guessing that it was a tailored fix, rather than a fix all. Anyone know if this fix would work for me?

It cannot work for you.
The ClassIDs are machine specific and the NameServer values too; at the other topic the value was corrupted, it was a blank character " "

There are some topics about DNS around here, but each one has another reason and a diffferent solution.

Your helpers should try to find out what your problem really is.

- bad NameServer value(s)?
- patched/bad files which are related to DNS
- something else

Edited by Jo*, 16 January 2016 - 11:17 AM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:54 PM

Posted 16 January 2016 - 11:19 AM

Have you tried connecting with browsers in Safe Mode w/ Networking? That may give us some clues if it works there but not Normal mode.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#12 Belwell

Belwell
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 18 January 2016 - 06:53 PM

Good call Demonslay335!

 

Safemode w/ Networking works just fine, no problems at all. 

 

Where does that put us?



#13 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:54 PM

Posted 18 January 2016 - 06:55 PM

That suggests a startup program is the culprit for sure. Check startups and look for anything suspicious. I know CCleaner has a good startups viewer that I use, but I'm sure the Malware team can suggest a better way of posting a list.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#14 Jo*

Jo*

  • Malware Response Team
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:54 AM

Posted 19 January 2016 - 11:39 AM

1) which virus was removed? do you have that scan log?

2) which removal tool was used, that cut your Internet access?

3) did you reset your router, which was instructed earlier?

4) which browser do you use? have all browsers the Internet Connection Problem?

---

Scan with SystemLook
  • Please download SystemLook (32-bit) by jpshortstuff and save it to your desktop
  • Please download SystemLook (64-bit) by jpshortstuff and save it to your desktop For 64-bit users
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following code box into the main textfield:
:reg 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

:regfind
Unlocker
System32\Tasks
Windows\Tasks
NameServer
DhcpNameServer

  • Click the Look button to start the scan (may take 5 ... 15 min.)
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • Please copy and paste the log to your reply.

Edited by Jo*, 19 January 2016 - 11:40 AM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 Belwell

Belwell
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 08 February 2016 - 02:32 PM

1) Trojan:Win64/Patched.AZ.gen!dll

2) See Previous thread (http://www.bleepingcomputer.com/forums/t/601413/dchp-and-dns-issues-after-removing-trojan/#entry3907418)

3) Yes

4) Firefox, Chrome, IE all same problem. 

 

System look Log as follows:

SystemLook 30.07.11 by jpshortstuff
Log created at 11:24 on 08/02/2016 by editor
Administrator - Elevation successful
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=""C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey"
"Blackmagic Streaming Server"="C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\BMDStreamingServer.exe"
"Blackmagic CheckVersion PCI"="C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersionPCI.exe"
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AMP WinOFF"="c:\program files (x86)\amp winoff\winoff.exe -quiet"
 
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
(No values found)
 
 
========== regfind ==========
 
Searching for "Unlocker"
No data found.
 
Searching for "System32\Tasks"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C86F320-DEE3-4DD1-B972-A303F26B061E}\InprocServer32]
@="C:\Windows\system32\TaskSchdPS.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{e34cb9f1-c7f7-424c-be29-027dcc09363a}\1.0\0\win64]
@="C:\Windows\system32\taskschd.dll"
 
Searching for "Windows\Tasks"
No data found.
 
Searching for "NameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT\Parameters\Interfaces\Tcpip_{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{0b0e21f8-c5f3-4905-a1f3-c9c98f17509d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{1de96192-259b-4c52-ba9e-3c0618a4009d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{7d79bacb-8a81-4e81-a0da-a95210e04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6\Parameters\Interfaces\{a02eb544-0167-4df0-ab55-c7dd1f3ed735}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NetBT\Parameters\Interfaces\Tcpip_{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{0b0e21f8-c5f3-4905-a1f3-c9c98f17509d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{1de96192-259b-4c52-ba9e-3c0618a4009d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{7d79bacb-8a81-4e81-a0da-a95210e04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\TCPIP6\Parameters\Interfaces\{a02eb544-0167-4df0-ab55-c7dd1f3ed735}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServerList"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0B0E21F8-C5F3-4905-A1F3-C9C98F17509D}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7D79BACB-8A81-4E81-A0DA-A95210E04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{0b0e21f8-c5f3-4905-a1f3-c9c98f17509d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{1de96192-259b-4c52-ba9e-3c0618a4009d}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{7d79bacb-8a81-4e81-a0da-a95210e04148}]
"NameServer"=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\Interfaces\{a02eb544-0167-4df0-ab55-c7dd1f3ed735}]
"NameServer"=""
 
Searching for "DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\44]
"RegLocation"="SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_?\DhcpNameServerList SYSTEM\CurrentControlSet\Services\NetBT\Adapters\?\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dhcp\Parameters\Options\6]
"RegLocation"="SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpNameServer SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"="192.168.7.254"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{A02EB544-0167-4DF0-AB55-C7DD1F3ED735}]
"DhcpNameServer"="192.168.7.254"
 
-= EOF =-





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users