
Have Google Redirect Virus - April 2012


Maniac,

Please see the log below:

MiniToolBox by Farbar Version: 18-01-2012

Ran by User (administrator) on 10-04-2012 at 00:06:46

Microsoft Windows 7 Home Premium Service Pack 1 (X86)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection 2 (Connected)

Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)

TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global

popd

# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Win32 Adapter V9

Physical Address. . . . . . . . . : 00-FF-19-D5-15-E1

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . : lan

Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN

Physical Address. . . . . . . . . : 00-1E-64-29-4E-76

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::bc1c:259c:9149:fb51%13(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : 06 April 2012 19:43:37

Lease Expires . . . . . . . . . . : 10 April 2012 15:29:45

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DHCPv6 IAID . . . . . . . . . . . : 335552100

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BC-91-0E-00-26-2D-70-52-B7

DNS Servers . . . . . . . . . . . : 192.168.1.254

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)

Physical Address. . . . . . . . . : 00-26-2D-70-52-B7

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{19D515E1-851B-4B8B-B932-FED1713FC829}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1498:1d9f:a13d:9821(Preferred)

Link-local IPv6 Address . . . . . : fe80::1498:1d9f:a13d:9821%12(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : lan

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1CAC04CD-6190-4548-83B7-7D9E69D64440}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Server: dsldevice.lan

Address: 192.168.1.254

Name: google.com

Addresses: 173.194.34.164

173.194.34.161

173.194.34.162

173.194.34.168

173.194.34.163

173.194.34.169

173.194.34.166

173.194.34.165

173.194.34.160

173.194.34.167

173.194.34.174

Pinging google.com [173.194.34.104] with 32 bytes of data:

Reply from 173.194.34.104: bytes=32 time=23ms TTL=57

Reply from 173.194.34.104: bytes=32 time=24ms TTL=57

Ping statistics for 173.194.34.104:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server: dsldevice.lan

Address: 192.168.1.254

Name: yahoo.com

Addresses: 98.139.183.24

209.191.122.70

72.30.38.140

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=145ms TTL=54

Reply from 209.191.122.70: bytes=32 time=145ms TTL=54

Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 145ms, Maximum = 145ms, Average = 145ms

Server: dsldevice.lan

Address: 192.168.1.254

Name: bleepingcomputer.com

Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

14...00 ff 19 d5 15 e1 ......TAP-Win32 Adapter V9

13...00 1e 64 29 4e 76 ......Intel® WiFi Link 1000 BGN

10...00 26 2d 70 52 b7 ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)

1...........................Software Loopback Interface 1

16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 26

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.1.0 255.255.255.0 On-link 192.168.1.65 281

192.168.1.65 255.255.255.255 On-link 192.168.1.65 281

192.168.1.255 255.255.255.255 On-link 192.168.1.65 281

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.1.65 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.1.65 281

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

12 58 ::/0 On-link

1 306 ::1/128 On-link

12 58 2001::/32 On-link

12 306 2001:0:5ef5:79fd:1498:1d9f:a13d:9821/128

On-link

13 281 fe80::/64 On-link

12 306 fe80::/64 On-link

12 306 fe80::1498:1d9f:a13d:9821/128

On-link

13 281 fe80::bc1c:259c:9149:fb51/128

On-link

1 306 ff00::/8 On-link

12 306 ff00::/8 On-link

13 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (04/09/2012 11:22:25 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/09/2012 11:22:00 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/09/2012 11:21:07 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.

The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (04/09/2012 11:20:18 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/09/2012 11:19:25 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/07/2012 02:20:51 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.

The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (04/07/2012 02:20:10 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/07/2012 02:19:38 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".

Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (04/05/2012 11:46:37 PM) (Source: Application Error) (User: )

Description: Faulting application name: Skype.exe, version: 5.8.0.158, time stamp: 0x4f4de709

Faulting module name: Skype.exe, version: 5.8.0.158, time stamp: 0x4f4de709

Exception code: 0xc0000005

Fault offset: 0x001e4f47

Faulting process id: 0xba8

Faulting application start time: 0xSkype.exe0

Faulting application path: Skype.exe1

Faulting module path: Skype.exe2

Report Id: Skype.exe3

Error: (04/05/2012 10:31:23 AM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.

The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

System errors:

=============

Error: (04/10/2012 00:06:35 AM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/10/2012 00:01:25 AM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:56:15 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:51:05 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:45:55 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:40:45 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:35:35 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:30:25 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:25:15 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Error: (04/09/2012 11:20:05 PM) (Source: NetBT) (User: )

Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.65.

The computer with the IP address 192.168.1.66 did not allow the name to be claimed by

this computer.

Microsoft Office Sessions:

=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)

Adobe Flash Player 11 ActiveX (Version: 11.1.102.63)

Apple Software Update (Version: 2.1.1.116)

BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)

BlackBerry Device Software Updater (Version: 6.0.1.37)

Broadcom 802.11 Wireless LAN Adapter (Version: 4.10.47.0)

Broadcom Wireless Utility (Version: 4.10.47.0)

Cisco EAP-FAST Module (Version: 2.2.14)

D3DX10 (Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DivX Setup (Version: 2.6.1.8)

Dropbox (Version: 1.3.34)

DVD43 v4.6.0

Google Chrome (Version: 18.0.1025.151)

GStreamer WinBuilds 0.10.6 (GPL) (Version: 0.10.6)

HandBrake 0.9.6 (Version: 0.9.6)

HP MediaSmart Server 3.0 Update 1 (Version: 3.0.14.33080)

HP Update (Version: 4.000.011.006)

Java Auto Updater (Version: 2.0.7.1)

Java 6 Update 31 (Version: 6.0.310)

Lightworks (Version: 10.0.35.0)

Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)

Mesh Runtime (Version: 15.4.5722.2)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Antimalware (Version: 3.0.8402.2)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Security Client (Version: 2.1.1116.0)

Microsoft Security Essentials (Version: 2.1.1116.0)

Microsoft Silverlight (Version: 4.1.10111.0)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

MSVCRT (Version: 15.4.2862.0708)

Nitro Reader 2 (Version: 2.2.1.14)

Picasa 3 (Version: 3.8)

QuickTime (Version: 7.62.14.0)

Skype Click to Call (Version: 5.9.9216)

Skype™ 5.8 (Version: 5.8.158)

Spotify (Version: 0.8.2.610.g090a06f8)

TunnelBear 1.0.29 (Version: 1.0.29)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)

VLC media player 2.0.0 (Version: 2.0.0)

Windows Driver Package - Intel (NETwLv32) net (10/07/2010 13.4.0.139) (Version: 10/07/2010 13.4.0.139)

Windows Driver Package - Intel (NETwNs32) net (10/27/2011 14.3.0.6) (Version: 10/27/2011 14.3.0.6)

Windows Home Server Connector (Version: 6.0.3436.0)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3538.0513)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

Windows Live PIMT Platform (Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

========================= Devices: ================================

Name: catchme

Description: catchme

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: catchme

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 39%

Total physical RAM: 1978.79 MB

Available physical RAM: 1198.13 MB

Total Pagefile: 4212.32 MB

Available Pagefile: 2832.63 MB

Total Virtual: 2047.88 MB

Available Virtual: 1933.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:385.96 GB) NTFS

2 Drive d: (MTD0EUF1 ) (CDROM) (Total:6.87 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\USER-PC

Administrator Guest Mcx1-USER-PC

User

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Only problem is that I still can't turn on Windows Security Center and it won't let me run a scan of Microsoft Security Essentials. Should I re-install them?

Maybe we should proceed with that, but let's check another thing before.

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Maniac,

Seems like I just have to re-enable Windows Security Center. Here is the log:

Farbar Service Scanner Version: 01-03-2012

Ran by User (administrator) on 11-04-2012 at 08:55:25

Running from "C:\Users\User\Downloads"

Microsoft Windows 7 Home Premium Service Pack 1 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

wscsvc Service is not running. Checking service configuration:

The start type of wscsvc service is set to Disabled. The default start type is Auto.

The ImagePath of wscsvc service is OK.

The ServiceDll of wscsvc service is OK.

Windows Update:

============

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcore.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll => MD5 is legit

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****


Glad I could help, Alex! :)

Please uninstall ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Next, manually delete DDS, aswMBR, GMER, Kaspersky AVP, MiniToolBox and Farbar Service Scanner.

Some malware prevention tips:

http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983

Safe surfing! :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

