Jump to content

Virus attacking my graphics


Recommended Posts

  • Replies 147
  • Created
  • Last Reply

Top Posters In This Topic

I was searching through my MMC (MS Mgmt Console) for any issues I might question you about, specifically anything I saw relative to Network security access. In my Local Security Policy settings there was a module that opened up and is called "Network Access: Named pipes the can be accessed anonymously". It explains that "This security setting determines which communication sessions (pipes) will have attributes and permissions that allow anonymous access." The default is: None. I have six entries COMNAP, COMNODE, SQL\QUERY, SPOOLSS, LLSRPC and browser. I was going to ask if I shoud set this back to default. Looked kind of suspicious to me also, and that is wht I asked.

Link to post
Share on other sites

Do you recognize that any of those commands might be necessary? I cannot turn them off, or define their use (as you can in the Guest account which is empty by the way). My only option is to delete them line by line if I wish. Would deleting them create problems? If I do delete, how will I find the ramifications?

I might have found another access point, as there is another similar module called "Network Access: Shares that can be accessed anonomously" Its default is "None Specified" but has definitions as well.

Both of these modules are in my local policy settings. Can these be accessed from "outside"? I haven't messed with the "IP Security Policies on Local Computer" as I am still reading up on this. The Console Root is showing no policy assigned?

I am using the "Security Configuration and Analysis" function to analyze and configure my security settings and then I read the logs for missing file or mismatch. Each time I do this, my logs show those are being reduced. I try and save those logs, but when re-reading them in their saved location, somehow they are reverted (changed dates and info from previous point in time). In the latest configuration the report in Console Root view shows, "Configure Password information, LSA anonomous name setting, existing (string) Configure anonomous lookup setting, Guest account is disabled." (Guest is currently "disabled") Then it configured System Access successfully.

In this same report I see a few files with description "Error setting security on (file name). What could this be?

Am I going in the right direction...can I be creating problems or playing into the virus' hand? I have a restore point set to return to if I do. I am really determined to find this "disease".

Link to post
Share on other sites

Good morning preconmanager,

I have been doing some research into these pipes.

browser is a new one that was added in an update Windows did, so it is legitimate.

If you take a look at the below link you will see that everything you listed is fine:

http://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Network-access-Named-Pipes-that-can-be-accessed-anonymously

If you would like to disable them please see this Windows Article:

http://support.microsoft.com/kb/934539

In short, they are necessary components if you are connecting your computer to other computers or printers on a network.

=====

Could you please rerun OTL again, but this time please only post the section of the log that shows Windows Errors.

Link to post
Share on other sites

Onlt got a single report this time. Is that usual? Sorry, I wasn't sure which was the Windows Error section.

OTL logfile created on: 1/27/2013 5:17:17 PM - Run 4

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\HP_Administrator\My Documents\Downloads

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.48 Mb Total Physical Memory | 457.43 Mb Available Physical Memory | 47.72% Memory free

2.26 Gb Paging File | 1.84 Gb Available in Paging File | 81.52% Paging File free

Paging file location(s): C:\pagefile.sys 1437 1437 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 177.81 Gb Total Space | 148.79 Gb Free Space | 83.68% Space Free | Partition Type: NTFS

Drive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.73% Space Free | Partition Type: FAT32

Computer Name: PRECONMANAGER | User Name: HP_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/23 21:37:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads\OTL.exe

PRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2012/07/11 10:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe

PRC - [2010/08/26 17:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe

PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe

PRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe

PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2010/08/26 17:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe

MOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll

MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2013/01/19 23:09:01 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/01/18 17:59:58 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2012/07/11 10:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)

SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)

SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)

SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)

SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)

SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)

SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2011/07/22 08:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011/07/12 13:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)

DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)

DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)

DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)

DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)

DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})

DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)

DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYT2US&apn_uid=7180f432-45bd-4b15-8dc2-2f441849a123&apn_sauid=FC0FEDBC-D4B3-4DC5-B80B-29957050ED6A

IE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_enUS516

IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8ED78D72-5185-4E7A-BA8A-14F96E679640}&mid=dd84e028671247d19312d15e77eb6dc2-77ed74525ca4a002ea35700d50ae21a03af7db95〈=en&ds=AVG&pr=pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1

FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not found

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/18 18:00:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions

[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions

[2013/01/18 17:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/01/18 18:00:00 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo

O1 HOSTS File: ([2013/01/26 09:09:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340928547156 (MUWebControl Class)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab (GMNRev Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab (LogData Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F70B6B08-5B6D-4E73-A19F-A0A751D2F05B}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\viprotocol - No CLSID value found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/01/26 17:57:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2013/01/26 08:53:08 | 005,026,751 | R--- | C] (Swearware) -- C:\Documents and Settings\HP_Administrator\My Documents\ComboFix.exe

[2013/01/25 13:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\PCC

[2013/01/24 14:45:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0

[2013/01/22 15:06:49 | 000,642,432 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcmwlhigh5.sys

[2013/01/22 15:06:46 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys

[2013/01/22 15:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGEAR WNA3100 Smart Wizard

[2013/01/22 15:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\NETGEAR

[2013/01/22 15:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\InstallShield

[2013/01/21 10:40:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\AppVerifierLogs

[2013/01/21 10:32:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Application Verifier

[2013/01/21 10:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier

[2013/01/20 23:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem

[2013/01/20 22:20:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent

[2013/01/19 17:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Uninstaller Tool(Comodo Forums)

[2013/01/19 01:02:27 | 000,141,640 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\5DCF3DE2.sys

[2013/01/18 23:46:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2013/01/18 23:45:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2013/01/18 23:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information

[2013/01/18 23:34:09 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe

[2013/01/18 23:11:51 | 000,000,000 | ---D | C] -- C:\RegBackup

[2013/01/18 21:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft Antimalware

[2013/01/18 20:54:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LightScribe

[2013/01/18 20:45:24 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe Diagnostic Utility

[2013/01/18 17:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/01/18 17:05:49 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone

[2013/01/17 13:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\VSRevoGroup

[2013/01/17 12:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2013/01/17 12:04:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Revo Uninstaller

[2013/01/17 10:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\ACW

[2013/01/17 09:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\HijackThis

[2013/01/17 08:32:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/01/17 08:32:25 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013/01/16 07:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\SUPERAntiSpyware.com

[2013/01/15 15:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Windows Search

[2013/01/15 14:37:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Windows Desktop Search

[2013/01/15 14:35:51 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll

[2013/01/15 14:35:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll

[2013/01/15 14:35:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll

[2013/01/15 00:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware

[2013/01/15 00:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2013/01/15 00:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2013/01/14 11:29:04 | 000,000,000 | ---D | C] -- C:\Samsung

[2013/01/13 22:44:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll

[2013/01/13 22:05:54 | 000,181,064 | ---- | C] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE

[2013/01/13 22:04:59 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs

[2013/01/12 08:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HitmanPro

[2013/01/11 14:54:15 | 000,000,000 | ---D | C] -- C:\tdsskiller

[2013/01/11 14:18:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop\RK_Quarantine

[2013/01/10 21:20:17 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2013/01/10 13:30:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013/01/10 13:30:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013/01/10 13:30:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013/01/10 13:30:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013/01/10 13:29:52 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/01/10 13:29:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt

[2013/01/10 13:03:38 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter

[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS

[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy

[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData

[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling

[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started

[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup

[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic

[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol

[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads

[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS

[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm

[2013/01/03 10:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$

[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates

[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo

[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari

[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari

[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP

[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer

[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun

[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee

[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites

[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO

[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP

[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO

[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo

[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine

[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe

[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe

[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe

[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe

========== Files - Modified Within 30 Days ==========

[2013/01/27 17:07:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/01/27 13:30:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/27 01:59:49 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/27 00:37:13 | 000,016,948 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

[2013/01/26 23:55:55 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/01/26 23:55:46 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/26 23:54:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/26 23:54:37 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013/01/26 18:14:28 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk

[2013/01/26 13:33:29 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/01/26 12:09:20 | 000,000,791 | ---- | M] () -- C:\WINDOWS\orun32.ini

[2013/01/26 09:25:30 | 000,000,426 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut (2) to ComboFix.lnk

[2013/01/26 09:09:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013/01/26 08:53:23 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to ComboFix.lnk

[2013/01/26 08:45:05 | 005,026,751 | R--- | M] (Swearware) -- C:\Documents and Settings\HP_Administrator\My Documents\ComboFix.exe

[2013/01/25 23:47:39 | 000,000,155 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Files named google.fnd

[2013/01/24 07:54:12 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk

[2013/01/23 21:44:29 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to OTL.exe.lnk

[2013/01/22 21:04:26 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/01/22 15:11:29 | 000,588,324 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013/01/22 15:11:29 | 000,119,594 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013/01/22 15:07:36 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics

[2013/01/22 15:06:45 | 000,000,595 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk

[2013/01/22 15:06:45 | 000,000,583 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA3100 Smart Wizard.lnk

[2013/01/21 12:37:57 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/21 10:34:19 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Application Verifier.lnk

[2013/01/21 00:10:13 | 000,001,125 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk

[2013/01/21 00:10:13 | 000,001,107 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/20 23:19:52 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2013/01/20 23:19:45 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/20 22:30:23 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl

[2013/01/19 23:09:00 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/01/19 23:09:00 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/01/19 16:48:22 | 000,004,819 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/01/19 16:44:48 | 000,000,635 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2013/01/19 16:44:47 | 000,000,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/01/19 16:44:40 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2013/01/19 16:44:02 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2013/01/19 15:26:03 | 000,001,282 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2013/01/19 01:02:28 | 000,141,640 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\5DCF3DE2.sys

[2013/01/18 23:49:16 | 000,181,064 | ---- | M] (Sysinternals) -- C:\WINDOWS\PSEXESVC.EXE

[2013/01/18 23:42:31 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2013/01/18 23:42:31 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2013/01/18 21:05:50 | 000,001,785 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LightScribe.lnk

[2013/01/18 20:56:22 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013/01/18 20:56:22 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2013/01/18 20:53:41 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to LSDiagnosticUtility.exe.lnk

[2013/01/17 13:29:47 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/01/17 12:04:01 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Revo Uninstaller.lnk

[2013/01/16 06:41:09 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\SUPERAntiSpyware.lnk

[2013/01/15 14:37:29 | 000,001,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

[2013/01/11 16:34:58 | 151,469,960 | ---- | M] () -- C:\setup_11.0.0.1245.x01_2013_01_12_03_36.exe

[2013/01/10 21:50:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts_bak_188

[2013/01/10 21:20:23 | 000,000,326 | RHS- | M] () -- C:\boot.ini

[2013/01/10 13:20:46 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk

[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat

[2013/01/05 21:34:35 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState

[2012/12/31 18:26:24 | 000,000,280 | ---- | M] () -- C:\Boot.bak

[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk

[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

========== Files Created - No Company Name ==========

[2013/01/26 09:25:29 | 000,000,426 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut (2) to ComboFix.lnk

[2013/01/26 08:53:23 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to ComboFix.lnk

[2013/01/25 23:47:39 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Files named google.fnd

[2013/01/23 21:44:29 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to OTL.exe.lnk

[2013/01/22 20:25:20 | 000,016,948 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

[2013/01/22 15:06:45 | 000,000,595 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk

[2013/01/22 15:06:45 | 000,000,583 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR WNA3100 Smart Wizard.lnk

[2013/01/21 12:37:57 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif

[2013/01/21 10:34:19 | 000,001,597 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Application Verifier.lnk

[2013/01/21 00:10:13 | 000,001,125 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk

[2013/01/20 23:23:05 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk

[2013/01/20 23:19:45 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk

[2013/01/20 15:21:41 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

[2013/01/19 16:44:48 | 000,000,635 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2013/01/19 16:44:47 | 000,000,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk

[2013/01/19 16:44:02 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk

[2013/01/19 16:44:02 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Windows Media Player.lnk

[2013/01/18 21:05:50 | 000,001,785 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LightScribe.lnk

[2013/01/18 20:56:22 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013/01/18 20:56:22 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk

[2013/01/18 20:56:22 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2013/01/18 20:53:41 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to LSDiagnosticUtility.exe.lnk

[2013/01/18 17:02:05 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk

[2013/01/17 12:04:01 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Revo Uninstaller.lnk

[2013/01/17 08:32:34 | 000,001,107 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013/01/16 06:41:09 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\SUPERAntiSpyware.lnk

[2013/01/15 14:37:29 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk

[2013/01/15 14:37:29 | 000,001,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk

[2013/01/13 21:58:20 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/01/11 16:28:50 | 151,469,960 | ---- | C] () -- C:\setup_11.0.0.1245.x01_2013_01_12_03_36.exe

[2013/01/10 13:30:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013/01/10 13:30:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013/01/10 13:30:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013/01/10 13:30:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013/01/10 13:30:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job

[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job

[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk

[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk

[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb

[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb

[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk

[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip

[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk

[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip

[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip

[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip

[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat

[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState

[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk

[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config

[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat

[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini

[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat

[2011/11/25 13:33:00 | 000,042,836 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2011/05/17 09:29:13 | 000,001,282 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol

[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini

[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini

[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini

[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini

[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2006/03/09 16:17:46 | 000,000,100 | ---- | M] () -- C:\AUTOEXEC.BAT

[2012/12/31 18:26:24 | 000,000,280 | ---- | M] () -- C:\Boot.bak

[2013/01/10 21:20:23 | 000,000,326 | RHS- | M] () -- C:\boot.ini

[2004/08/09 13:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr

[2013/01/26 09:12:46 | 000,026,238 | ---- | M] () -- C:\ComboFix.txt

[2005/08/30 20:02:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe

[2012/01/07 20:53:06 | 069,744,132 | ---- | M] () -- C:\hpWebHelper.log

[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/09 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2011/04/04 15:52:22 | 000,250,048 | RHS- | M] () -- C:\ntldr

[2013/01/26 23:54:31 | 1506,803,712 | -HS- | M] () -- C:\pagefile.sys

[2013/01/23 00:01:26 | 000,006,792 | ---- | M] () -- C:\resetlog.txt

[2013/01/11 16:34:58 | 151,469,960 | ---- | M] () -- C:\setup_11.0.0.1245.x01_2013_01_12_03_36.exe

[2013/01/19 11:27:39 | 000,066,282 | ---- | M] () -- C:\SIGNED.TXT

[2013/01/19 11:27:39 | 000,092,506 | ---- | M] () -- C:\SIGVERIF.TXT

[2004/06/11 15:33:28 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe

[2013/01/06 21:31:56 | 000,093,816 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_06.01.2013_21.31.19_log.txt

[2013/01/11 14:55:53 | 000,003,768 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_11.01.2013_14.55.21_log.txt

[2013/01/11 15:40:03 | 000,356,756 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_11.01.2013_15.00.58_log.txt

[2013/01/19 11:27:39 | 000,000,172 | ---- | M] () -- C:\TOTALS.TXT

[2013/01/19 11:27:39 | 000,025,560 | ---- | M] () -- C:\UNSCANNED.TXT

[2013/01/19 11:27:34 | 000,002,124 | ---- | M] () -- C:\UNSIGNED.TXT

< %systemroot%\*. /mp /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation

< End of report >

Link to post
Share on other sites

I still have the difficulties with the monitor, especially getting to the MSE and WDO Scan. I dont have any issues searching for anti-mal sites, just entering their site to download. So this status has not changed in a while, in fact it happened just a few minutes ago when I tried to download MSRT. I cannot get the K Rescue Disk to work.

I am running MMC and trying to solidify my security, and this seems to be going well. Would you like to see if there is anything in my secedit file log that may give some insight?

Link to post
Share on other sites

Microsoft Management Console is where you access the Console Root, which is a compilation of Device Manager, IIS, Event Viewer, Registry and Folder activities. It is used to set various security permission configuration on Local and Group levels like Administrator, Guests, ETC to access and make changes to alot of computer operations. At least that's the way I understand it.

It has a "snap-in" tool to do security diagnostics on all those levels. I run a system security analysis, and it provides a report on that analysis, then I run configuration utility and it works to modify security by program and I am provided another report on security status. Windows used to provide this in the secedit (security edit) command .

I was finding various issues using MMC and seeing Internet permissions, file access, event viewer commands that I questioned that were similar in the symptoms I described to you with regard to VIrus activity. I have a few files that Windows cannot set security permissions on by program because of issues (unknown yet) in the files it finds . I can give you the log file of what it finds in analysis and then a log after configuration is completed. These analysis and configeration reports were quite lengthy when I started, but they grow smaller each time. I have not made many manual modifications to the Console, I am watching what MMC is doing.

Link to post
Share on other sites

Hey preconmanager. :)

OK I see what you mean now. I am not very familiar with MMC; I suggest you try the BitDefender Disc below and in the meantime I am going to do a bit of research about MMC.

The Bitdefender Rescue CD is a bootable CD based version of Bitdefender Antivirus.

The download is in ISO format.

If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO. If you need a FREE utility to burn the ISO image, download and use ImgBurn.

There is a tutorial on running it at How to Use the BitDefender Rescue CD to Clean Your Infected PC

Please download the Bitdefender Rescue CD:

http://download.bitdefender.com/rescue_cd/bitdefender-rescue-cd.iso

  • Burn the Bitdefender Rescue CD ISO image to CD.
  • Insert the Bitdefender Rescue CD into your CD/DVD drive and boot the computer (you may need to change the boot sequence in your system's BIOS to boot from the CD/DVD drive).
  • Select "Start Bitdefender Rescue CD in English", then press Enter.
  • Once the graphical interface starts, select "Continue".
  • Bitdefender Update will start automatically.
  • When finished updating, scanning will start automatically.
  • When finished scanning, if threats were detected, double-click the Desktop icon "Scan Logs".
  • In the window that opens, double-click the log file and open it with Firefox browser.
  • To save the log, go to File > Save Page As, enter a file name you will remember such as BDSCAN.TXT, then in the "Save in folder" field select your system drive, and click "Save".
  • The log will save in the root of your system drive (C:\).
  • Close the scanner, restart your system, and post the log in your next reply.

Link to post
Share on other sites

I received the following message that "Threats may be present on your system" It gave a list of files that "Failed to scan: Permission denied" There is no option to print or save the results, I am given the option to "Resolve Issues" but it will not let me go to the "Results Summary". I will try and record manually. Please advise.

BD identified some issues that I knew I had in my I/O (CD Drive) which I can work on but these should not be creating my issues.

Link to post
Share on other sites

I have run BD twice. Once it gets to about 45 minutes of scan if stops and then shows the message I last posted. I recognize why some files did not scan, as they are the DDS, MBAM, MSE, SAS anti-mal log files. The remaining are System Volume Information/_restore files {numbers}/.pif and there are 61 listed. BD does not appear to "finish", it stops and gives this info, then I have to try and close out of the program somehow. Now I am getting a nvsvc32.exe App Error message.

Link to post
Share on other sites

Found a way to retrieve the results that I was given by BD

====================================================

= Logging started on Tue 29 Jan 2013 12:06:48 AM UTC

====================================================

List of objects to be scanned:

- /media/HP_RECOVERY

- /media/HP_PAVILION

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Application Verifier.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/attach.txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/dds.txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/FSS.txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/LUA Protocol.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/mbam-log-2013-01-23 (00-59-45).txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Microsoft Security Essentials.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/reset.log': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Revo Uninstaller.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/arpwrmsg.exe.vir': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/arservice.exe.vir': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/Eula.txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/NewStartPanel_{20D04FE0-0.reg': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/PhysicalDrive0_User.dat': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/QuarantineReport.txt': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/RK_Quarantine/System_DisableReg0.reg': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut (2) to ComboFix.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to ComboFix.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to dds.com.pif': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to hijackthis.log.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to LSDiagnosticUtility.exe.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to Msinfo32 after Winsock reset.txt.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to Msinfo32.txt.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to OTL.exe.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to OTL.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/Shortcut to OTL.Txt.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/Documents and Settings/HP_Administrator/Desktop/SUPERAntiSpyware.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP25/A0024846.pif': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP44/A0027523.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP44/A0027524.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP44/A0027633.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042071.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042072.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042073.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042074.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042075.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042077.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042078.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042079.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042080.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042081.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042084.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042086.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP105/A0042082.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP13/A0023882.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP23/A0024573.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP24/A0024837.pif': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP24/A0024838.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP28/A0025866.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP28/A0025882.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP34/A0026111.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP34/A0026112.pif': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP34/A0026113.pif': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP34/A0026115.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP4/A0005619.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP46/A0027764.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP46/A0027765.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP47/A0027953.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP54/A0031448.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP56/A0033147.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP56/A0033096.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP56/A0033148.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033943.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033944.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033945.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033946.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033947.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033948.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033949.pif': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP58/A0033950.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP67/A0034292.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP68/A0034486.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP68/A0034471.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP68/A0034477.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP68/A0034478.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034529.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034540.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034543.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034544.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034575.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034577.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034578.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP69/A0034588.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP70/A0034622.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP71/A0035440.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP71/A0035443.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035526.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035935.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035943.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035946.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035949.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP72/A0035950.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP73/A0035977.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036164.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036170.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036171.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036173.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036205.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036207.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036208.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036229.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036230.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036231.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036637.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036639.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036643.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036644.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036645.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP74/A0036646.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036818.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036824.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036825.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036827.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036857.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036861.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036862.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036863.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036885.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036886.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036887.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036893.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0036895.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037294.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037313.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037349.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037300.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037303.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037304.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037314.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037335.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037336.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037337.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037341.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037342.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037346.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037347.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037348.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP75/A0037357.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037640.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037784.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037790.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037791.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037793.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037795.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037796.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037797.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037818.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037819.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037820.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037825.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037826.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037830.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037831.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037832.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037833.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037843.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037844.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037865.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037866.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0037867.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038270.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038272.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038276.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038277.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038278.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038279.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038286.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038287.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038308.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038309.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038310.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038312.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038313.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038319.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038321.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038322.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038329.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038330.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038351.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038352.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038353.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038357.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP76/A0038320.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP8/A0022947.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP83/A0039492.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP93/A0040761.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP93/A0040764.lnk': Permission denied

Failed to scan '/media/HP_PAVILION/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP93/A0040771.lnk': Permission denied

Link to post
Share on other sites

Hey preconmanager,

So Kaspersky doesn't work, BD doesn't find anything, CF came up empty.

The link provided below is a guide from Trend Micro:

http://esupport.trendmicro.com/pages/how-to-restore-access-to-trend-micro-and-other-security-sites-that-have-been-blocked-by-malware-infections.aspx

Please follow the instructions listed. When you get to the part about editing your HOSTS file, please select a security site you know you have trouble accessing and complete the rest of the instructions. See if that improves accessibility to the site in question.

Link to post
Share on other sites

I follow the instructions for the TM program. When prompting for the notebook view, I do not see the message (example) just one line at the top.

My question: The TM program asks to stop the DNS cache, but I am seeing the mDNSResponder running during scans. Is there any correlation between DNS Cache and the mDNS Responder?

I used TM then MBAM to scan, I will also run the TM and use MSE to scan. Any other suggested Anti-Mal? Can I try the rescue disks?

Link to post
Share on other sites

I have uninstalled Bonjour where the mDNS derived. Still trying on Trend Micro

I am following TM instructions to the letter. After typing the notepad.exe to bring up the HOSTS file information this is all I get.

127.0.0.1 localhost (in the TM example this is the second to last line)

I do not see the information that TM says I should.

Link to post
Share on other sites

Yes. I was not sure what TM was to do, so I went to their website, downloaded various programs and ran some scans (Anti Threat Toolkit, HouseCall, RootKitBuster, and HiJackThis). I retrieved some logs, others were locked by password. I did not get any malware readings from them.

I did some more checking on why I couldn't get TM to report. I updated my I/O, TCP/IP and re-ran TM....still the same .txt result. But all this hasn't solved the main problem.

Would you like to see the reports I got from Trend? Some are quite big in size. I didn't understand them because the info is all bunched together.

Link to post
Share on other sites

Hello preconmanager,

That's won't be necessary. I just wanted to see if the issue was to do with the HOSTS file, which it isn't.

Please download MiniToolBox, save it to your Desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the "Reset FF Proxy Settings" option Firefox should be closed.

Link to post
Share on other sites

NOTE: After running this program I received a Windows Security Alert.

MiniToolBox by Farbar Version:10-01-2013

Ran by HP_Administrator (administrator) on 30-01-2013 at 09:39:59

Running from "K:\"

Microsoft Windows XP Service Pack 3 (X86)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)

Wireless N-300 USB Adapter WNA3100 = Wireless Network Connection 39 (Connected)

NVIDIA nForce Networking Controller = Local Area Connection 2 (Media disconnected)

# ----------------------------------

# Interface IP Configuration

# ----------------------------------

pushd interface ip

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp

set dns name="Local Area Connection 2" source=dhcp register=PRIMARY

set wins name="Local Area Connection 2" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 39"

set address name="Wireless Network Connection 39" source=dhcp

set dns name="Wireless Network Connection 39" source=dhcp register=PRIMARY

set wins name="Wireless Network Connection 39" source=dhcp

popd

# End of interface IP configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : PRECONMANAGER

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

Physical Address. . . . . . . . . : 00-17-31-0F-84-31

Ethernet adapter Wireless Network Connection 39:

Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Wireless N-300 USB Adapter WNA3100

Physical Address. . . . . . . . . : C4-3D-C7-BE-CB-57

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.9

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . : fe80::c63d:c7ff:febe:cb57%6

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

Lease Obtained. . . . . . . . . . : Wednesday, January 30, 2013 9:31:41 AM

Lease Expires . . . . . . . . . . : Thursday, January 31, 2013 9:31:41 AM

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-FB-F5-CD-D4-D9-9B

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 2001:0:9d38:6ab8:0:fbf5:cdd4:d99b

IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : C0-A8-01-09

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.9%2

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

NetBIOS over Tcpip. . . . . . . . : Disabled

Server: Wireless_Broadband_Router.home

Address: 192.168.1.1

Name: google.com

Addresses: 173.194.33.3, 173.194.33.4, 173.194.33.5, 173.194.33.6

173.194.33.7, 173.194.33.8, 173.194.33.9, 173.194.33.14, 173.194.33.0

173.194.33.1, 173.194.33.2

Pinging google.com [173.194.33.4] with 32 bytes of data:

Reply from 173.194.33.4: bytes=32 time=14ms TTL=54

Reply from 173.194.33.4: bytes=32 time=17ms TTL=54

Ping statistics for 173.194.33.4:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 14ms, Maximum = 17ms, Average = 15ms

Server: Wireless_Broadband_Router.home

Address: 192.168.1.1

Name: yahoo.com

Addresses: 206.190.36.45, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=45ms TTL=51

Reply from 206.190.36.45: bytes=32 time=57ms TTL=51

Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 45ms, Maximum = 57ms, Average = 51ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x2 ...00 17 31 0f 84 31 ...... NVIDIA nForce Networking Controller

0x10004 ...c4 3d c7 be cb 57 ...... Wireless N-300 USB Adapter WNA3100

===========================================================================

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.9 20

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

192.168.1.0 255.255.255.0 192.168.1.9 192.168.1.9 20

192.168.1.9 255.255.255.255 127.0.0.1 127.0.0.1 20

192.168.1.255 255.255.255.255 192.168.1.9 192.168.1.9 20

224.0.0.0 240.0.0.0 192.168.1.9 192.168.1.9 20

255.255.255.255 255.255.255.255 192.168.1.9 2 1

255.255.255.255 255.255.255.255 192.168.1.9 192.168.1.9 1

Default Gateway: 192.168.1.1

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)

Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 06 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 29 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 30 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 31 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 32 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 33 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 34 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 35 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 36 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 37 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 38 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 39 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 40 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 41 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 42 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 43 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 44 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 45 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 46 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 47 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 48 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 49 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (01/30/2013 09:37:31 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a failure when uploading data. hr=0xC004F018

Error: (01/30/2013 09:37:31 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a web service failure. hr=0xC004F018

Error: (01/30/2013 09:32:40 AM) (Source: MatSvc) (User: )

Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070005

.

Error: (01/30/2013 09:31:53 AM) (Source: Media Center Extender Services) (User: )

Description: ERROR: Device Service Initialization - Unable to create or initialize Device Table. Error code 0x80004005.

Error: (01/30/2013 05:35:01 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a failure when uploading data. hr=0xC004F018

Error: (01/30/2013 05:35:01 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a web service failure. hr=0xC004F018

Error: (01/30/2013 05:30:15 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a failure when uploading data. hr=0xC004F018

Error: (01/30/2013 05:30:15 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a web service failure. hr=0xC004F018

Error: (01/30/2013 01:35:04 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a failure when uploading data. hr=0xC004F018

Error: (01/30/2013 01:35:04 AM) (Source: MatSvc) (User: )

Description: The MATS service encountered a web service failure. hr=0xC004F018

System errors:

=============

Error: (01/30/2013 09:34:34 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:33:54 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:33:53 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:33:13 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:33:13 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:32:33 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:32:33 AM) (Source: DCOM) (User: )

Description: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Error: (01/30/2013 09:32:01 AM) (Source: Service Control Manager) (User: )

Description: The Media Center Extender Service service terminated with service-specific error 2147500037 (0x80004005).

Error: (01/30/2013 09:32:01 AM) (Source: Service Control Manager) (User: )

Description: The vToolbarUpdater13.3.2 service failed to start due to the following error:

%%2

Error: (01/30/2013 09:32:01 AM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Microsoft Office Sessions:

=========================

Error: (01/30/2013 09:37:31 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018C:\Program Files\Microsoft Fix it Center\MATS\ReportCab\1d6d6027-073c-5f58-1005-9665e358cd34.cab

Error: (01/30/2013 09:37:31 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018IDataUploadService::UploadResultERROR_INTERNAL_SERVER_ERROR

Error: (01/30/2013 09:32:40 AM) (Source: MatSvc)(User: )

Description: hr=0x80070005

Error: (01/30/2013 09:31:53 AM) (Source: Media Center Extender Services)(User: )

Description: 0x80004005

Error: (01/30/2013 05:35:01 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018C:\Program Files\Microsoft Fix it Center\MATS\ReportCab\1d6d6027-073c-5f58-1005-9665e358cd34.cab

Error: (01/30/2013 05:35:01 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018IDataUploadService::UploadResultERROR_INTERNAL_SERVER_ERROR

Error: (01/30/2013 05:30:15 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018C:\Program Files\Microsoft Fix it Center\MATS\ReportCab\1d6d6027-073c-5f58-1005-9665e358cd34.cab

Error: (01/30/2013 05:30:15 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018IDataUploadService::UploadResultERROR_INTERNAL_SERVER_ERROR

Error: (01/30/2013 01:35:04 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018C:\Program Files\Microsoft Fix it Center\MATS\ReportCab\1d6d6027-073c-5f58-1005-9665e358cd34.cab

Error: (01/30/2013 01:35:04 AM) (Source: MatSvc)(User: )

Description: hr=0xC004F018IDataUploadService::UploadResultERROR_INTERNAL_SERVER_ERROR

=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)

Acrobat.com (Version: 1.1.377)

Adobe AIR (Version: 1.0.4990)

Adobe AIR (Version: 1.0.8.4990)

Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)

Adobe Flash Player 11 Plugin (Version: 11.5.502.146)

Adobe Reader X (10.1.5) (Version: 10.1.5)

Agere Systems PCI-SV92PP Soft Modem

Apple Application Support (Version: 2.1.6)

Apple Software Update (Version: 2.1.3.127)

Axis & Allies Demo (Version: 1.00.000)

Box Sync (Version: 3.2.65.0)

Canon Camera Access Library (Version: 8.5.0.2)

Canon DIGITAL CAMERA Solution Disk Software Guide (Version: 1.1.0.2)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11)

Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9)

Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.0.8)

Canon Personal Printing Guide (Version: 1.1.0.2)

Canon PowerShot SD1300 IS_IXUS 105 Camera User Guide (Version: 1.0.0.2)

Canon Utilities CameraWindow (Version: 7.4.0.7)

Canon Utilities CameraWindow DC 8 (Version: 8.1.0.11)

Canon Utilities Movie Uploader for YouTube (Version: 1.0.0.11)

Canon Utilities MyCamera (Version: 7.3.0.5)

Canon Utilities PhotoStitch (Version: 3.1.22.46)

Canon Utilities ZoomBrowser EX (Version: 6.5.0.14)

Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)

CCleaner (Version: 3.20)

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)

Customer Experience Enhancement (Version: Customer Experience Enhancement -1.0.0.1680)

Destinations (Version: 60.0.155.000)

DocProc (Version: 5.2.0.0)

DocumentViewer (Version: 53.0.13.000)

DocumentViewerQFolder (Version: 1.00.0000)

GemMaster Mystic

HP Boot Optimizer (Version: 2.0.5.1)

HP DigitalMedia Archive (Version: 2.0)

HP Document Viewer 5.3 (Version: 5.3)

HP DVD Play 1.0

HP Games (Version: 1.0.2.5)

HP Imaging Device Functions 6.0 (Version: 6.0)

HP Multimedia Keyboard Software

HP Product Assistant (Version: 100.000.001.000)

HP Product Detection (Version: 11.14.0006)

HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)

HP Update (Version: 5.003.001.001)

HP Web Helper

HPProductAssistant (Version: 53.0.13.000)

HpSdpAppCoreApp (Version: 3.00.0000)

Internet Explorer (Enable DEP)

iTunes (Version: 10.5.3.3)

Java 7 Update 10 (Version: 7.0.100)

Java Auto Updater (Version: 2.1.9.0)

LightScribe Diagnostic Utility (Version: 1.18.26.7)

LightScribe System Software (Version: 1.18.26.7)

Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.0 Security Update (KB2698035)

Microsoft .NET Framework 1.0 Security Update (KB2742607)

Microsoft .NET Framework 1.1 (Version: 1.1.4322)

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Fix it Center (Version: 1.0.0100)

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)

Microsoft Security Client (Version: 4.1.0522.0)

Microsoft Security Essentials (Version: 4.1.522.0)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)

Mozilla Maintenance Service (Version: 18.0.1)

MSN

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)

NETGEAR WNA3100 wireless USB 2.0 adapter (Version: 1.01.206)

NVIDIA Control Panel 306.81 (Version: 306.81)

NVIDIA Drivers (Version: 1.3)

NVIDIA Graphics Driver 306.81 (Version: 306.81)

NVIDIA Install Application (Version: 2.1002.85.551)

NVIDIA nView 136.28 (Version: 136.28)

NVIDIA PhysX (Version: 9.10.0129)

NVIDIA Update 1.10.8 (Version: 1.10.8)

NVIDIA Update Components (Version: 1.10.8)

Otto

PanoStandAlone (Version: 53.0.13.000)

PC-Doctor 5 for Windows (Version: 5.00.3311.03)

Polar Bowler (Version: 2.2.0.97)

PS2

Realtek High Definition Audio Driver

Revo Uninstaller 1.94 (Version: 1.94)

ScannerCopy (Version: 5.2.0.0)

SolutionCenter (Version: 50.0.152.000)

Sonic Express Labeler (Version: 2.1.0)

Sonic MyDVD Plus (Version: 6.2.0)

Sonic RecordNow Audio (Version: 2.0.4)

Sonic RecordNow Copy (Version: 2.0.4)

Sonic RecordNow Data (Version: 2.0.4)

Sonic Update Manager (Version: 3.0.0)

Status (Version: 53.0.13.000)

TrayApp (Version: 53.0.13.000)

Unload (Version: 6.0.0)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)

Update for Windows XP (KB2492386) (Version: 1)

Update for Windows XP (KB2661254-v2) (Version: 2)

Update for Windows XP (KB2718704) (Version: 1)

Update for Windows XP (KB2736233) (Version: 1)

Update for Windows XP (KB2749655) (Version: 1)

WebFldrs XP (Version: 9.50.7523)

WebReg (Version: 53.0.13.000)

Windows 7 Upgrade Advisor (Version: 2.0.5000.0)

Windows Internet Explorer 7 (Version: 20070813.185237)

Windows Internet Explorer 8 (Version: 20090308.140743)

Windows Management Framework Core

Windows Media Format Runtime

Windows Presentation Foundation (Version: 3.0.6920.0)

Windows Search 4.0 (Version: 04.00.6001.503)

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB925766

Windows XP Service Pack 3 (Version: 20080414.031525)

XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 49%

Total physical RAM: 958.48 MB

Available physical RAM: 483.55 MB

Total Pagefile: 2309.57 MB

Available Pagefile: 1914.71 MB

Total Virtual: 2047.88 MB

Available Virtual: 1971.26 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:177.81 GB) (Free:147.99 GB) NTFS

2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.49 GB) (Free:0.4 GB) FAT32

8 Drive k: (WDO_Media32) (Removable) (Total:7.28 GB) (Free:6.51 GB) NTFS

========================= Users: ========================================

User accounts for \\PRECONMANAGER

Amanda1998 ASPNET Daughter

Daughters Dad HelpAssistant HP_Administrator

IUSR_Admin IUSR_CARL IWAM_Admin

IWAM_CARL SUPPORT_388945a0 SUPPORT_fddfa904

UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.