Jump to content

Montano5

Honorary Members
  • Posts

    61
  • Joined

  • Last visited

Reputation

0 Neutral
  1. that did not work I tried to recover it with and with out the discs but it keeps saying : Windows has failed to start. A recent hardware or software change might be the cause. To fix the problem: 1. Insert your windows installation disc and restart your computer. 2. Choose language settings, and then click "next" 3.Click "repair your computer" If you do not have the disc, contact your system administrator or computer manufacturer for assistance. Status:0xc000000f Info: the boot selection failed because a required device is inaccessible. enter to continue or esc to exit when I hit enter it gives me another black page Choose an operating system to start, or press TAB to select a tool: (Use the arrow keys to highlight your choice, then press ENTER.) WINDOWS setup [EMS Enabled] > - this option is highlighted automatically To specify an advanced option for this choice, press F8. ( This is only visable when the Windows setup ^ thingy is highlighted) Tools: WINDOWS Memory Diagnostic ENTER= CHOOSE TAB=MENU ESC= CANCEL I have pressed enter, f8 and tab all it does is keeps going back and forth between this two pages I have also tried using esc to start system recovery without discs it stills goes back to the first black page my computer can still start up normally and nothing has changed as far as my connection goes so I was wondering if you have any suggestions as what I should do now I obviously dont have time to order the discs from hp.
  2. I really need to have my Internet working I am leaving for Mexico in a few days and I wanted to be able to use Skype to talk to my kids everyday I would even be willing to wipe my computer if u think this will work its just I Dnt have the disc that came with my computer so if you know how to do this can you help me with that? I really appreciate everything you have done so far and thank you
  3. No it still says problem with driver for wireless adapter and little to no connectivety. Farbar Service Scanner Version: 09-06-2012 Ran by MONTANO (administrator) on 01-07-2012 at 02:12:26 Running from "C:\Users\MONTANO\Desktop\COMPUTER SCANNERS" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. There is no connection to network. Google IP is accessible. Attempt to access Google.com returned error: Other errors Yahoo IP is accessible. Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  4. ComboFix 12-06-28.03 - MONTANO 06/29/2012 19:02:28.5.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.924 [GMT -5:00] Running from: F:\ComboFix.exe AV: Defender Pro Antivirus *Disabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92} FW: Defender Pro Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9} SP: Defender Pro Antispyware *Disabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\MONTANO\BITDCA8.tmp c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\system32\dds_trash_log.cmd c:\windows\system32\drivers\etc\hosts.ics . . ((((((((((((((((((((((((( Files Created from 2012-05-28 to 2012-06-30 ))))))))))))))))))))))))))))))) . . 2012-06-30 00:24 . 2012-06-30 00:24 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-06-30 00:24 . 2012-06-30 00:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-06 21:15 . 2012-06-06 21:15 -------- d-----w- c:\users\MONTANO\AppData\Roaming\Defender Pro 2012-06-06 21:15 . 2012-06-06 21:15 -------- d-----w- c:\programdata\Defender Pro 2012-06-06 21:13 . 2011-07-23 01:20 288600 ----a-w- c:\windows\system32\drivers\trufos.sys 2012-06-06 21:13 . 2011-03-24 20:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys 2012-06-06 19:52 . 2012-06-06 19:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-06-06 19:39 . 2012-06-06 19:39 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-06-06 19:39 . 2012-06-06 19:39 -------- d-----w- c:\program files (x86)\Oracle 2012-06-06 19:38 . 2012-04-04 23:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-06-05 21:00 . 2012-05-15 06:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4CF6E558-B65F-4676-B1A0-D23688A4283D}\mpengine.dll 2012-06-01 17:56 . 2012-06-01 17:56 -------- d-----w- c:\program files (x86)\ESET 2012-06-01 03:06 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-01 03:06 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-06-01 03:06 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-01 03:06 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-24 15:54 . 2012-04-05 04:24 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-24 15:54 . 2011-05-18 01:42 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-24 15:53 . 2012-05-14 00:51 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2012-04-04 23:47 . 2010-10-12 10:51 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-06-19_23.50.46 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-03 14:23 . 2012-06-28 19:38 81914 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-06-29 23:42 50060 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-06-19 23:20 50060 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-12-27 10:54 . 2012-06-29 23:42 29052 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-930483190-3313529808-3006562705-1000_UserData.bin + 2009-07-22 23:24 . 2009-07-22 23:24 97792 c:\windows\system32\RTNUninst64.dll + 2009-07-14 05:30 . 2012-06-26 11:31 86016 c:\windows\system32\DriverStore\infpub.dat - 2009-07-14 05:30 . 2012-06-10 02:28 86016 c:\windows\system32\DriverStore\infpub.dat + 2009-07-22 23:24 . 2009-07-22 23:24 97792 c:\windows\system32\DriverStore\FileRepository\netrtx64.inf_amd64_neutral_f9e57a11458a56da\RTNUninst64.dll + 2009-03-05 19:54 . 2009-03-05 19:54 67584 c:\windows\system32\DriverStore\FileRepository\netrtx64.inf_amd64_neutral_f9e57a11458a56da\RtNicProp64.dll + 2009-12-26 21:31 . 2012-06-26 12:44 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-26 21:31 . 2012-06-12 22:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-12-26 21:31 . 2012-06-12 22:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-12-26 21:31 . 2012-06-26 12:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-06-12 22:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-06-26 12:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:46 . 2012-06-27 21:17 91888 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2012-06-26 13:32 . 2012-06-26 13:32 14534 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\SystemFoldermsiexec.exe + 2012-06-20 06:40 . 2012-06-20 06:40 98304 c:\windows\Installer\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\HPSF.exe2_2EBA634C3DB04BEC8765F065A06AB6AA.exe + 2012-06-20 06:40 . 2012-06-20 06:40 98304 c:\windows\Installer\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\HPSF.exe1_5321553C1DE9413FB5EC5DBF79DC538E.exe + 2012-06-20 06:40 . 2012-06-20 06:40 98304 c:\windows\Installer\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\HPSF.exe_01B09B243E324170B7925EAE4C76365E.exe + 2012-06-20 06:40 . 2012-06-20 06:40 98304 c:\windows\Installer\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\ARPPRODUCTICON.exe + 2012-06-20 06:44 . 2009-11-04 19:56 10752 c:\windows\Help\OEM\Scripts\SolExternalHDD.exe - 2011-08-22 01:45 . 2009-11-04 19:56 10752 c:\windows\Help\OEM\Scripts\SolExternalHDD.exe + 2012-06-20 06:44 . 2010-11-20 00:03 34164 c:\windows\Help\OEM\Scripts\scriptLibrary.dat - 2011-08-22 01:45 . 2010-11-20 00:03 34164 c:\windows\Help\OEM\Scripts\scriptLibrary.dat + 2012-06-20 06:44 . 2010-07-16 19:51 14904 c:\windows\Help\OEM\Scripts\LaunchHPForums.exe - 2011-08-22 01:44 . 2010-07-16 19:51 14904 c:\windows\Help\OEM\Scripts\LaunchHPForums.exe + 2012-06-20 06:44 . 2009-11-04 15:49 49152 c:\windows\Help\OEM\Scripts\Interop.TaskScheduler.dll - 2011-08-22 01:44 . 2009-11-04 15:49 49152 c:\windows\Help\OEM\Scripts\Interop.TaskScheduler.dll - 2011-08-22 01:44 . 2009-11-04 19:24 55560 c:\windows\Help\OEM\Scripts\HPSAUpdaterObj.exe + 2012-06-20 06:44 . 2009-11-04 19:24 55560 c:\windows\Help\OEM\Scripts\HPSAUpdaterObj.exe + 2012-06-20 06:44 . 2009-10-12 19:45 23816 c:\windows\Help\OEM\Scripts\HPSAScript.exe - 2011-08-22 01:44 . 2009-10-12 19:45 23816 c:\windows\Help\OEM\Scripts\HPSAScript.exe - 2011-08-22 01:44 . 2010-10-27 18:28 11320 c:\windows\Help\OEM\Scripts\HPSARedirectorLauncher.exe + 2012-06-20 06:44 . 2010-10-27 18:28 11320 c:\windows\Help\OEM\Scripts\HPSARedirectorLauncher.exe + 2012-06-20 06:44 . 2009-01-16 14:32 20232 c:\windows\Help\OEM\Scripts\HC_checkMUI.dll - 2011-08-22 01:44 . 2009-01-16 14:32 20232 c:\windows\Help\OEM\Scripts\HC_checkMUI.dll - 2011-08-22 01:44 . 2011-04-27 15:36 21048 c:\windows\Help\OEM\Scripts\checkMui.dll + 2012-06-20 06:44 . 2011-04-27 15:36 21048 c:\windows\Help\OEM\Scripts\checkMui.dll - 2011-08-22 01:38 . 2011-08-22 01:38 92728 c:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll + 2012-06-20 06:40 . 2012-06-20 06:40 92728 c:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll - 2011-08-22 01:38 . 2011-08-22 01:38 98872 c:\windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\1.0.0.0__a5a013d267b3a679\HP.SupportFramework.Logging.dll + 2012-06-20 06:40 . 2012-06-20 06:40 98872 c:\windows\assembly\GAC_MSIL\HP.SupportFramework.Logging\1.0.0.0__a5a013d267b3a679\HP.SupportFramework.Logging.dll + 2012-06-20 06:40 . 2012-06-20 06:40 22584 c:\windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\1.0.0.0__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll - 2011-08-22 01:38 . 2011-08-22 01:38 22584 c:\windows\assembly\GAC_MSIL\HP.SupportFramework.Communicator\1.0.0.0__370cd15173f7ac8f\HP.SupportFramework.Communicator.dll - 2011-08-22 01:38 . 2011-08-22 01:38 13368 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant\6.0.1.1__ff8a51a3dda870ab\HP.SupportAssistant.dll + 2012-06-20 06:40 . 2012-06-20 06:40 13368 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant\6.0.1.1__ff8a51a3dda870ab\HP.SupportAssistant.dll - 2011-08-22 01:38 . 2011-08-22 01:38 25144 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.ServiceManager\6.0.1.1__afd7346f05a57c11\HP.SupportAssistant.ServiceManager.dll + 2012-06-20 06:40 . 2012-06-20 06:40 25144 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.ServiceManager\6.0.1.1__afd7346f05a57c11\HP.SupportAssistant.ServiceManager.dll + 2012-06-20 06:40 . 2012-06-20 06:40 74296 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.Common\6.0.1.1__41bdec5abf54f6dc\HP.SupportAssistant.Common.dll + 2012-06-20 06:40 . 2012-06-20 06:40 36920 c:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - 2011-08-22 01:38 . 2011-08-22 01:38 36920 c:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - 2011-08-22 01:38 . 2011-08-22 01:38 77368 c:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll + 2012-06-20 06:40 . 2012-06-20 06:40 77368 c:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll - 2012-06-19 23:18 . 2012-06-19 23:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-06-28 19:36 . 2012-06-29 23:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-06-28 19:36 . 2012-06-29 23:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-06-19 23:18 . 2012-06-19 23:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-06-20 06:44 . 2009-11-03 19:53 6144 c:\windows\Help\OEM\Scripts\scriptLibrary.dll - 2011-08-22 01:45 . 2009-11-03 19:53 6144 c:\windows\Help\OEM\Scripts\scriptLibrary.dll + 2012-06-20 06:44 . 2006-09-29 19:28 4096 c:\windows\Help\OEM\Scripts\Interop.HelpPane.dll - 2011-08-22 01:44 . 2006-09-29 19:28 4096 c:\windows\Help\OEM\Scripts\Interop.HelpPane.dll + 2012-06-20 06:44 . 2008-12-03 15:24 7168 c:\windows\Help\OEM\Scripts\HPHS_Launcher.exe - 2011-08-22 01:44 . 2008-12-03 15:24 7168 c:\windows\Help\OEM\Scripts\HPHS_Launcher.exe + 2009-12-26 23:38 . 2012-06-29 23:34 192214 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin - 2009-07-14 02:36 . 2012-06-19 23:25 640686 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-06-30 00:00 640686 c:\windows\system32\perfh009.dat + 2009-07-14 02:36 . 2012-06-30 00:00 112668 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2012-06-19 23:25 112668 c:\windows\system32\perfc009.dat + 2009-07-14 05:30 . 2012-06-26 11:31 239616 c:\windows\system32\DriverStore\infstrng.dat - 2009-07-14 05:30 . 2012-06-10 02:28 239616 c:\windows\system32\DriverStore\infstrng.dat + 2009-07-14 05:30 . 2012-06-26 11:31 143360 c:\windows\system32\DriverStore\infstor.dat - 2009-07-14 05:30 . 2012-06-06 21:16 143360 c:\windows\system32\DriverStore\infstor.dat + 2009-08-21 05:05 . 2009-08-21 05:05 239616 c:\windows\system32\DriverStore\FileRepository\netrtx64.inf_amd64_neutral_f9e57a11458a56da\Rt64win7.sys + 2009-08-21 05:05 . 2009-08-21 05:05 239616 c:\windows\system32\drivers\Rt64win7.sys - 2009-07-14 05:01 . 2012-06-19 19:51 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-06-28 02:56 297012 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-11-16 18:13 . 2012-06-26 11:48 367184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-12288.dat - 2011-11-16 18:13 . 2012-06-11 08:20 367184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-12288.dat + 2012-06-26 13:32 . 2012-06-26 13:32 292878 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\xirruswifiinspectorguide.exe + 2012-06-26 13:32 . 2012-06-26 13:32 101104 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\Xirrus_v1.exe - 2011-08-22 01:44 . 2009-11-06 14:59 382216 c:\windows\Help\OEM\Scripts\HPSAUpgrade.exe + 2012-06-20 06:44 . 2009-11-06 14:59 382216 c:\windows\Help\OEM\Scripts\HPSAUpgrade.exe + 2012-06-20 06:40 . 2012-06-20 06:40 877624 c:\windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll - 2011-08-22 01:38 . 2011-08-22 01:38 150584 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\6.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll + 2012-06-20 06:40 . 2012-06-20 06:40 150584 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.Engine\6.0.1.1__e1eab6ede003577a\HP.SupportAssistant.Engine.dll + 2012-03-09 15:45 . 2012-03-09 15:45 3580928 c:\windows\system32\DriverStore\FileRepository\netathrx.inf_amd64_neutral_46a74827a0218550\athrx.sys + 2012-03-09 15:45 . 2012-03-09 15:45 3580928 c:\windows\system32\drivers\athrx.sys - 2009-07-14 04:45 . 2012-06-04 04:53 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-07-14 04:45 . 2012-06-26 13:56 7113171 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat + 2009-12-27 04:04 . 2012-06-28 02:56 3272824 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2009-12-27 04:04 . 2012-06-28 02:51 3183112 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-930483190-3313529808-3006562705-1000-8192.dat + 2012-06-20 06:40 . 2012-06-20 06:40 2430008 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.Localization\6.0.1.1__a2352a4c73e11587\HP.SupportAssistant.Localization.dll - 2011-08-22 01:38 . 2011-08-22 01:38 2430008 c:\windows\assembly\GAC_MSIL\HP.SupportAssistant.Localization\6.0.1.1__a2352a4c73e11587\HP.SupportAssistant.Localization.dll + 2012-06-20 06:38 . 2012-06-20 06:38 47848756 c:\windows\Installer\99544.msi + 2012-06-26 13:30 . 2012-06-26 13:30 10356224 c:\windows\Installer\54aa08.msi . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-27 39408] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2011-12-13 357800] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2010-07-18 1774080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "HideSCAHealth"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" . R1 bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [x] R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys [2011-03-01 102992] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664] R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2009-08-24 126392] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696] R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2011-06-18 79952] R3 cpuz134;cpuz134;c:\users\MONTANO\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664] R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [2010-12-15 153600] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x] R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x] R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [x] R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 340992] R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [2009-08-22 56880] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe [2011-08-02 466736] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-31 1255736] S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2011-07-15 674904] S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-20 103944] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440] S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-10-08 123320] S2 SafeBox;SafeBox;c:\program files\Defender Pro\Defender Pro SafeBox\safeboxservice.exe [2011-08-02 74336] S2 UPDATESRV;Defender Pro Desktop Update Service;c:\program files\Defender Pro\Defender Pro\updatesrv.exe [2011-08-02 62512] S2 X5XS64Ex;X5XS64Ex;c:\program files (x86)\Free Ride Games\X5XS64Ex.Sys [2009-08-19 51744] S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-03-11 55328] S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-07-15 258224] S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2011-07-15 550208] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-06-15 139616] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Contents of the 'Scheduled Tasks' folder . 2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:54] . 2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50] . 2012-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50] . 2012-06-04 c:\windows\Tasks\HPCeeScheduleForMONTANO.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 10:22] . 2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1] @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2] @="{342DAA0B-D796-460D-8566-901E08A1CCAD}" [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3] @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4] @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}" [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BDAgent"="c:\program files\Defender Pro\Defender Pro\bdagent.exe" [2011-08-02 924080] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.7.254 FF - ProfilePath - c:\users\MONTANO\AppData\Roaming\Mozilla\Firefox\Profiles\n53618fo.default\ FF - prefs.js: browser.startup.homepage - hxxp://forums.malwarebytes.org/index.php?showtopic=110463&st=40 FF - prefs.js: network.proxy.type - 0 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . Toolbar-{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file) Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\PCCUJobMgr] "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-06-29 19:29:04 ComboFix-quarantined-files.txt 2012-06-30 00:29 ComboFix2.txt 2012-06-19 23:55 ComboFix3.txt 2012-06-05 06:35 . Pre-Run: 182,730,211,328 bytes free Post-Run: 182,690,177,024 bytes free . - - End Of File - - BFC2FAF476B5C3808040700205E1E348
  5. Farbar Service Scanner Version: 09-06-2012 Ran by MONTANO (administrator) on 29-06-2012 at 19:31:48 Running from "C:\Users\MONTANO\Desktop\COMPUTER SCANNERS" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. There is no connection to network. Google IP is accessible. Attempt to access Google.com returned error: Other errors Yahoo IP is accessible. Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is OK. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  6. well it didnt work am I suppose to delete the driver first?
  7. I am not sure if this helps but I went under my "device manager" to see if my drivers were up to date and when I go under the "network adapters" tab it gives me (1) "atheros AR5007EG Wireless adapter" (2) "Microsoft Virtual WiFi Mini Adapter" (3) "Realtek RTL8102E/RTL8103 FAMILY PCI-E FAST Ethernet NIC (NDIS 6.20)" so when I click on 1& 3 and get into their properties window and click up date it does it succesfully however when I try to do this same thing to 2 it says "Windows can't verify the publisher of this driver software" and then it gives me the options (1)Don't install this driver software- you should check your manufacturer's website for updated driver software for your device. and option (2) Install this driver software anyway - Only install driver software obtained from your manufacturer's website or disc. Unsigned software from other sources may harm your computer and steal information. then it says The driver software you are attempting to install does not have a valid digital signature that verifies who published it and could potentially be malicious spyware. You should only install driver software from publishers you trust. - so does this mean I should delete then reinstall this driver?
  8. Farbar Service Scanner Version: 09-06-2012 Ran by MONTANO (administrator) on 21-06-2012 at 15:16:32 Running from "C:\Users\MONTANO\Desktop\COMPUTER SCANNERS" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. There is no connection to network. Google IP is accessible. Attempt to access Google.com returned error: Other errors Yahoo IP is accessible. Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Disabled. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** no I still cant connect says wireless adapter is having problems
  9. No still unable to connect says I have limited access
  10. and just so you know I am not getting on the internet on that computer I am using my laptop to download and then transferring applications with a sd card to my desktop
  11. ComboFix 12-06-19.03 - MONTANO 06/19/2012 18:28:47.4.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1790.827 [GMT -5:00] Running from: c:\users\MONTANO\Desktop\ComboFix.exe AV: Defender Pro Antivirus *Disabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92} FW: Defender Pro Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9} SP: Defender Pro Antispyware *Disabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1339017216.bdinstall.bin c:\users\MONTANO\BITEFCA.tmp . . ((((((((((((((((((((((((( Files Created from 2012-05-19 to 2012-06-19 ))))))))))))))))))))))))))))))) . . 2012-06-19 23:50 . 2012-06-19 23:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-06 21:15 . 2012-06-06 21:15 -------- d-----w- c:\users\MONTANO\AppData\Roaming\Defender Pro 2012-06-06 21:15 . 2012-06-06 21:15 -------- d-----w- c:\programdata\Defender Pro 2012-06-06 21:13 . 2011-07-23 01:20 288600 ----a-w- c:\windows\system32\drivers\trufos.sys 2012-06-06 21:13 . 2011-03-24 20:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys 2012-06-06 19:52 . 2012-06-06 19:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe 2012-06-06 19:39 . 2012-06-06 19:39 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-06-06 19:39 . 2012-06-06 19:39 -------- d-----w- c:\program files (x86)\Oracle 2012-06-06 19:38 . 2012-04-04 23:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-06-05 21:00 . 2012-05-15 06:41 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4CF6E558-B65F-4676-B1A0-D23688A4283D}\mpengine.dll 2012-06-01 17:56 . 2012-06-01 17:56 -------- d-----w- c:\program files (x86)\ESET 2012-06-01 03:06 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-06-01 03:06 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-06-01 03:06 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-06-01 03:06 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-29 05:10 . 2012-05-31 02:20 -------- d-----w- C:\TDSSKiller_Quarantine 2012-05-24 17:43 . 2012-05-24 17:43 -------- d-----w- c:\program files\iPod 2012-05-24 17:43 . 2012-05-28 07:31 -------- d-----w- c:\program files\iTunes 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2012-05-24 17:34 . 2012-05-24 17:34 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2012-05-24 17:34 . 2012-05-28 07:32 -------- d-----w- c:\program files (x86)\QuickTime 2012-05-24 17:05 . 2012-05-24 17:05 -------- d-----w- C:\found.001 2012-05-24 16:41 . 2012-03-30 11:35 1918320 ---ha-w- c:\windows\system32\drivers\tcpip.sys 2012-05-24 16:41 . 2012-03-03 06:35 1544704 ---ha-w- c:\windows\system32\DWrite.dll 2012-05-24 16:41 . 2012-03-03 05:31 1077248 ---ha-w- c:\windows\SysWow64\DWrite.dll 2012-05-24 16:41 . 2012-03-31 05:42 1732096 ---ha-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-24 16:41 . 2012-03-31 05:40 1367552 ---ha-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-24 16:41 . 2012-03-31 04:29 936960 ---ha-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-24 16:41 . 2012-03-31 05:40 1402880 ---ha-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-24 16:41 . 2012-03-31 05:40 1393664 ---ha-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-24 16:30 . 2012-03-17 07:58 75120 ---ha-w- c:\windows\system32\drivers\partmgr.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-24 15:54 . 2012-04-05 04:24 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-24 15:54 . 2011-05-18 01:42 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-24 15:53 . 2012-05-14 00:51 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-04-19 01:56 . 2012-04-19 01:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2012-04-19 01:56 . 2012-04-19 01:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2012-04-04 23:47 . 2010-10-12 10:51 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-30 1689144] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-27 39408] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2011-12-13 357800] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Exetender"="c:\program files (x86)\Free Ride Games\GPlayer.exe" [2010-07-18 1774080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "HideSCAHealth"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" . R1 bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [x] R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys [2011-03-01 102992] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664] R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2009-08-24 126392] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-24 257696] R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x] R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x] R3 cpuz134;cpuz134;c:\users\MONTANO\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 135664] R3 htcusbnet;HTC USB-NDIS miniport;c:\windows\system32\DRIVERS\htcusbnet.sys [x] R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x] R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x] R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [x] R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [x] R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe [2011-08-02 466736] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x] S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [2009-03-31 92160] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-01-13 103440] S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-10-08 123320] S2 SafeBox;SafeBox;c:\program files\Defender Pro\Defender Pro SafeBox\safeboxservice.exe [2011-08-02 74336] S2 UPDATESRV;Defender Pro Desktop Update Service;c:\program files\Defender Pro\Defender Pro\updatesrv.exe [2011-08-02 62512] S2 X5XS64Ex;X5XS64Ex;c:\program files (x86)\Free Ride Games\X5XS64Ex.Sys [2009-08-19 51744] S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-03-11 55328] S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2012-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 15:54] . 2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50] . 2012-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-27 01:50] . 2012-06-04 c:\windows\Tasks\HPCeeScheduleForMONTANO.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 10:22] . 2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1] @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}" [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2] @="{342DAA0B-D796-460D-8566-901E08A1CCAD}" [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3] @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}" [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4] @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}" [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}] 2011-07-22 22:24 262320 ----a-w- c:\program files\Defender Pro\Defender Pro Safebox\safeboxshell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BDAgent"="c:\program files\Defender Pro\Defender Pro\bdagent.exe" [2011-08-02 924080] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.7.254 FF - ProfilePath - c:\users\MONTANO\AppData\Roaming\Mozilla\Firefox\Profiles\n53618fo.default\ FF - prefs.js: browser.startup.homepage - hxxp://forums.malwarebytes.org/index.php?showtopic=110463&st=40 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . Toolbar-{f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file) Toolbar-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-Scholastic's I SPY Fun House - c:\progra~2\SCHOLA~1\ISPYFU~1\UNWISE.EXE AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\PCCUJobMgr] "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-06-19 18:55:33 ComboFix-quarantined-files.txt 2012-06-19 23:55 ComboFix2.txt 2012-06-05 06:35 . Pre-Run: 184,955,625,472 bytes free Post-Run: 184,874,250,240 bytes free . - - End Of File - - A49F653739E2C4A22F08B73D54FBF5EF
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.