Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

printer network sharing (error 0x00000002) [Solved]

Started by salvar774 , Mar 11 2013 11:44 PM

  • This topic is locked This topic is locked

#1
salvar774
Posted 11 March 2013 - 11:44 PM

salvar774

    Member

  • Member
  • PipPip
  • 65 posts
OTL logfile created on: 3/11/2013 12:06:00 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Simon\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 49.76% Memory free
5.97 Gb Paging File | 4.71 Gb Available in Paging File | 78.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.59 Gb Total Space | 72.89 Gb Free Space | 32.60% Space Free | Partition Type: NTFS
Drive D: | 9.29 Gb Total Space | 1.27 Gb Free Space | 13.63% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 225.08 Gb Free Space | 48.33% Space Free | Partition Type: NTFS

Computer Name: SIMON-PC | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/09 10:50:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Downloads\OTL.exe
PRC - [2013/02/13 10:18:54 | 002,115,416 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/02/13 10:18:54 | 001,124,184 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/11/29 21:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/11/08 16:14:16 | 000,122,032 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
PRC - [2012/11/08 16:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
PRC - [2012/11/08 16:01:30 | 001,516,680 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
PRC - [2012/04/30 19:56:52 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe
PRC - [2012/04/30 19:56:50 | 000,836,480 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenBroker32.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/01 09:54:27 | 000,557,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/02/13 04:11:17 | 001,838,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\b9fe069cd0848273acf2ef4468bc1838\Microsoft.VisualBasic.ni.dll
MOD - [2013/02/13 04:06:03 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013/01/09 04:28:03 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 04:15:04 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 04:14:58 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013/01/09 04:14:55 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013/01/09 04:14:41 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 04:14:12 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 04:14:03 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012/11/29 21:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012/11/29 21:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\Simon\AppData\Roaming\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/03/08 16:43:56 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 23:31:06 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/13 10:18:54 | 001,124,184 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/12/14 21:38:46 | 001,236,968 | ---- | M] (Lavasoft Limited) [Disabled | Stopped] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/11/08 16:02:28 | 000,015,552 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2012/09/20 06:39:12 | 003,677,000 | ---- | M] (GFI Software) [Disabled | Stopped] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/30 19:56:52 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) [Auto | Running] -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/03/01 09:54:26 | 000,055,448 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso)
DRV - [2013/03/01 09:54:16 | 000,316,984 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_50414.sys -- (RapportCerberus_50414)
DRV - [2013/02/14 00:40:20 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/02/13 10:19:12 | 000,173,880 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/02/13 10:19:12 | 000,102,680 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/02/13 10:19:12 | 000,102,008 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/01 13:13:40 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pavboot.sys -- (pavboot)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/22 21:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 07:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 07:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/20 21:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2007/10/26 18:51:22 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 09:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {6341761b-babe-406d-b0d6-8d99b81c2ee5} - C:\Program Files\Answers.com\tbAnsw.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1401021

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 63 78 73 3F 1C CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {6341761b-babe-406d-b0d6-8d99b81c2ee5} - C:\Program Files\Answers.com\tbAnsw.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7AURU_enUS501
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1401021
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..backup.old.browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..backup.old.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 58020
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Simon\AppData\Local\Roblox\Versions\version-e9bfa9d8c0b14dfb\\NPRobloxProxy.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/01/23 09:55:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/08 20:05:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/23 09:55:06 | 000,000,000 | ---D | M]

[2012/10/20 10:05:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Extensions
[2009/04/01 15:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/03/08 22:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\extensions
[2012/02/01 02:23:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/17 18:35:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}(1825)
[2012/09/18 01:31:42 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\extensions\[email protected]
[2013/02/05 18:52:31 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/08/13 01:52:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\jetpack\[email protected]
[2012/08/13 01:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\jetpack\[email protected]\simple-storage
[2011/05/06 01:17:34 | 000,002,233 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\searchplugins\alot-search.xml
[2011/10/29 22:54:38 | 000,001,945 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\searchplugins\bing-zugo.xml
[2011/08/16 11:18:40 | 000,000,863 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\searchplugins\conduit.xml
[2012/11/21 20:33:08 | 000,001,982 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\4xigq62v.default\searchplugins\search-here.xml
[2012/11/11 00:51:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/08 16:43:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/05 20:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/16 18:46:08 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013/02/20 19:47:08 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.searchnu.com/102
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/102
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Answers.com Toolbar) - {6341761b-babe-406d-b0d6-8d99b81c2ee5} - C:\Program Files\Answers.com\tbAnsw.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Answers.com Toolbar) - {6341761b-babe-406d-b0d6-8d99b81c2ee5} - C:\Program Files\Answers.com\tbAnsw.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Answers.com Toolbar) - {6341761B-BABE-406D-B0D6-8D99B81C2EE5} - C:\Program Files\Answers.com\tbAnsw.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe (FileOpen Systems Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [Uploader] C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Answers... - C:\Program Files\1-Click Answers\Html\atiemenu.htm ()
O8 - Extra context menu item: Download with Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{641CF3EB-4C4F-4B37-BD29-7F4BC0203EED}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/09 14:31:44 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/03/08 23:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2013/03/08 23:09:32 | 000,000,000 | ---D | C] -- C:\Brother
[2013/03/08 23:09:25 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02
[2013/03/08 23:08:53 | 000,217,088 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2013/03/08 23:08:53 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2013/03/08 23:08:53 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2013/03/08 23:08:53 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2013/03/08 23:08:44 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2013/03/08 16:36:26 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\New Folder
[2013/03/01 19:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/03/01 07:39:34 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2013/02/28 23:30:18 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\Yontoo
[2013/02/28 23:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2013/02/14 00:39:02 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\adawarebp
[2013/02/13 10:19:12 | 000,102,008 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2013/02/13 04:07:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/02/13 04:07:19 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/13 04:07:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/13 04:07:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/13 04:07:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/02/13 04:07:17 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/13 04:07:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/13 04:07:15 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/12 15:04:58 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/12 15:04:57 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/02/12 15:04:51 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/12 15:04:51 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/01/02 23:41:25 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Simon\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/03/11 00:38:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/11 00:24:30 | 000,613,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/11 00:24:30 | 000,107,990 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/11 00:23:24 | 000,022,016 | ---- | M] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/11 00:16:25 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/11 00:12:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 00:12:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/10 09:38:20 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/09 14:12:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/08 23:11:20 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2013/03/07 01:27:13 | 000,001,159 | ---- | M] () -- C:\Users\Simon\Desktop\ROBLOX Player.lnk
[2013/03/05 02:45:20 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/04 23:30:25 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/01 19:01:49 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/01 10:32:58 | 032,188,043 | ---- | M] () -- C:\Users\Simon\Desktop\iapmo.umc.2009.pdf
[2013/03/01 01:33:29 | 000,000,004 | ---- | M] () -- C:\Users\Simon\AppData\Roaming\skype.ini
[2013/02/28 23:30:53 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/28 23:30:52 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/27 12:40:18 | 000,946,712 | ---- | M] () -- C:\Users\Simon\Desktop\How_to_Create_Master2.pdf
[2013/02/27 12:30:46 | 000,163,389 | ---- | M] () -- C:\Users\Simon\Desktop\Put_Your_Success_On_Auto-Pilot_Webinar_Workbook.pdf
[2013/02/24 14:30:26 | 000,170,995 | ---- | M] () -- C:\Users\Simon\Desktop\Warranty Page - W10420382-W.pdf
[2013/02/21 15:08:15 | 000,083,709 | ---- | M] () -- C:\Users\Simon\Desktop\marsela and me.jpg
[2013/02/14 00:40:20 | 000,044,424 | ---- | M] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/02/14 00:40:20 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/02/14 00:14:09 | 000,001,356 | ---- | M] () -- C:\Users\Simon\AppData\Local\d3d9caps.dat
[2013/02/13 10:19:12 | 000,102,008 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2013/02/13 04:33:24 | 000,251,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/10 13:00:02 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk

========== Files Created - No Company Name ==========

[2013/03/08 23:11:20 | 000,001,927 | ---- | C] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk
[2013/03/01 19:01:49 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/01 10:32:55 | 032,188,043 | ---- | C] () -- C:\Users\Simon\Desktop\iapmo.umc.2009.pdf
[2013/02/28 23:33:18 | 000,000,004 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\skype.ini
[2013/02/27 12:40:17 | 000,946,712 | ---- | C] () -- C:\Users\Simon\Desktop\How_to_Create_Master2.pdf
[2013/02/27 12:30:46 | 000,163,389 | ---- | C] () -- C:\Users\Simon\Desktop\Put_Your_Success_On_Auto-Pilot_Webinar_Workbook.pdf
[2013/02/24 14:30:26 | 000,170,995 | ---- | C] () -- C:\Users\Simon\Desktop\Warranty Page - W10420382-W.pdf
[2013/02/21 15:08:15 | 000,083,709 | ---- | C] () -- C:\Users\Simon\Desktop\marsela and me.jpg
[2012/11/02 20:25:11 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2012/11/02 20:25:10 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2012/11/02 20:25:08 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2012/09/23 22:09:56 | 000,000,201 | ---- | C] () -- C:\Users\Simon\AppData\Local\p1.htm
[2012/09/15 10:56:36 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012/09/14 14:25:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/09/14 14:25:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/09/12 19:55:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/09/12 19:07:40 | 000,022,016 | ---- | C] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/12 18:43:57 | 000,157,639 | ---- | C] () -- C:\Windows\hpoins28.dat
[2012/09/12 18:43:57 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2012/09/11 23:20:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/05/28 18:23:24 | 000,302,425 | ---- | C] () -- C:\Users\Simon\AppData\Local\funmoods-speeddial.crx
[2012/01/17 17:01:50 | 000,008,499 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\5628f435
[2012/01/17 17:01:50 | 000,008,440 | ---- | C] () -- C:\Users\Simon\AppData\Local\8369c549
[2011/10/06 10:51:48 | 000,000,288 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\.backup.dm
[2011/08/30 23:32:50 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\9862140.exe
[2011/08/30 23:32:50 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\7842685.exe
[2011/08/30 23:32:49 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\4141646.exe
[2011/08/06 00:29:52 | 000,345,438 | ---- | C] () -- C:\Users\Simon\AppData\Local\census.cache
[2011/08/06 00:28:14 | 000,262,485 | ---- | C] () -- C:\Users\Simon\AppData\Local\ars.cache
[2010/01/06 18:23:09 | 000,000,036 | ---- | C] () -- C:\Users\Simon\AppData\Local\housecall.guid.cache
[2009/08/06 22:28:17 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Local\rx_image.Cache
[2009/03/25 00:32:06 | 000,394,045 | ---- | C] () -- C:\Users\Simon\AppData\Local\p2.htm
[2009/03/23 14:04:04 | 000,000,035 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\SetValue.bat
[2009/03/23 14:04:03 | 000,000,691 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\GetValue.vbs
[2009/01/02 23:41:25 | 000,007,887 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\pcouffin.cat
[2009/01/02 23:41:25 | 000,001,144 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\pcouffin.inf
[2008/08/23 11:55:02 | 000,000,093 | ---- | C] () -- C:\Users\Simon\AppData\Local\fusioncache.dat
[2008/08/16 10:51:03 | 000,000,420 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\wklnhst.dat
[2008/08/14 13:57:43 | 000,001,356 | ---- | C] () -- C:\Users\Simon\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2013/02/28 23:07:49 | 000,002,048 | -HS- | M] () -- C:\$Recycle.Bin\S-1-5-18\$15211f5ad641c7709d0451caca1c3a66\@
[2013/02/28 23:07:49 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$15211f5ad641c7709d0451caca1c3a66\L
[2013/02/28 23:07:49 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$15211f5ad641c7709d0451caca1c3a66\U
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\yoku.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\wistfull kill.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\When Thou Art Converted.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\war.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\walmart money card 10 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\virginia.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\userguide_bb8130_cdma.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\usana meeting.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\TX ac.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\trigos.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\tribe wars.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\tribe 2009.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\tribalkills.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\tresure island.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\treasue condo 06 18 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\tomasa house keeping.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\temple.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\TECL.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\TDLR Home beto license.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint pay 08 15 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint pay 0556 05 20 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint pay 03 21 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint paty 09 15 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint 12 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\sprint 0109.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\spirt pay 11 25 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\spirnt pay 02 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Simon Alvarado dba.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\siliva flora.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\silencer.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\SA ACCOUNT.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 06 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 05 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 04 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 03 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 02 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 01 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr pay 12 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rr acount.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\roy.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rock star gabi 06 18 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\RI_Secrets_Revealed.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\rgv rr pay 11 10 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\read 87 lorayn.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\read 61.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\prices lux air.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ppl pay.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ppl pay 02 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\posada.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\pi sevice.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\pi service2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\patience.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Paradise lien.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\padres.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\oogs.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Office2007TrialActivationKey.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ocean motion 05 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Obama.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Motor Vehicle Bill of Sale.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\moto.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\moto 2009.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\moto 2.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\mota.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\mormon.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\moctezuma.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\mobi book buy 06 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\master license pay 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\LV Imagining.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\lv imagining 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\lmwd pay 04 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\LDS Library.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\LDS Library 2009.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\kri.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\judy new.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\judy brooks.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\jade pay 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Invoice that calculates total1.xls:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\huisache house.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\How to Develop your memory.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gtrrl trineal.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Greetings President Mata.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gemaie.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gabi ice maker.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gabi condesattion pump repar.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gabi 06 05 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\gabi 05 28 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\fitness center.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\filters gabi 06 05 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\farms.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Electrical bid eduardo 06 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\electric contractor license.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\electric bill 06 23 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\edna.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\edna computor board job.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dtv coupon 02 28 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dolphin.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 12 19 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 10 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 09 08 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 04 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 11 10 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish pay 0203 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dish 06 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dis pay 05 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\dillon science.ppt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\deli job.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Deli ac for virginia Vega.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\deli ac 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\DallasCowboys.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\CURSO DE FORMACIÓN PARA HOMBRES.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\confession of a half hearted home yeacher.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\charley brommer work.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\change out comp 02 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\change compre sot.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ced ac.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\caveman.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\CAve.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\cave enimies.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Camfrog.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\blackberry 2.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\black berry.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\beto license.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\beto 10 08 09 license.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Bert.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Being There-the Most Important Thing in Home Teaching .pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\AWAKE_O_SLEEPER.pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\APEX AIR ELECTRIC SERVICE.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\APEX AIR ELECTRIC SERVICE TECL-1.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit poay 02 90.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 12c 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 11 25 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 09 18 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 08 25 08.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 07 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 04 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ambit pay 01 09.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ActiveScan44.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ActiveScan 1.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\AC pi Clinic 01 09.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ac kicense.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ac island.txt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Ac golf pacific.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ac deli.doc:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\A Halfhearted Home Teacher Repents .pdf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\2009 invite.txt:Roxio EMC Stream
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:D2F2F703

< End of report >
  • 0

Advertisements

#2
Dakeyras
Posted 12 March 2013 - 04:36 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi,

I have bad news I'm afraid. :(

One or more of the identified infections is the extremely severe Zero Access Rootkit plus undoubtedly other comprising malware!

OK since we are dealing with the aforementioned infection(s) I would be providing your good self with a disservice if I did not make you aware of the ramifications below:

This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows Operating System, and that is the course we strongly recommend.

Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

I can attempt to clean this machine(anything I try may not be successful) but I can't guarantee that it will be at all secure afterwards.

Should you have any questions, please feel free to ask.

Please let myself know what you have decided to do in your next post.
  • 0

#3
salvar774
Posted 12 March 2013 - 08:01 AM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
I have a back up program that backs up daily . Once I format can I restore from back up or will that restore the problem too
  • 0

#4
Dakeyras
Posted 12 March 2013 - 08:32 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
It would all depend on what is actually backed up, if say it is similar to a actual system image then basically if that is used/invoked them your machine will be back to as is now and re-infected for example.

Or if it just say non system related files and documents should be fine. :)
  • 0

#5
salvar774
Posted 12 March 2013 - 09:16 AM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
I have a drive plugged into my usb port . It has seagate back up program that runs in the back ground backing thing up every day . I assume just my files and not system file . How do I know for sure . On another note my widows vista disk does not run in my cd rom . I have a copy on a flash drive . How can I install from my flash dr ?
  • 0

#6
Dakeyras
Posted 12 March 2013 - 03:37 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

With regard to this you posted:-

I have a drive plugged into my usb port . It has seagate back up program that runs in the back ground backing thing up every day . I assume just my files and not system file . How do I know for sure


According to my research if you have it set as the following:-

The default backup will backup all the user data files on the primary drive (ie, the C: drive in Windows) of the computer continuously.

This should be fine to invoke in theory. However too err on the side of caution before doing so after the reformat and reinstallation of the Windows Operating System, with what ever Anti-Virus software you opt to re-install right-click on the back-up file and scan it etc.

I have a copy on a flash drive . How can I install from my flash dr ?

Insert your Flash Drive and reboot your machine and depress and hold down the F12 function key. Then use the arrow keys to select USB Storage Device >> depress the Enter/Return key.

Your machine should now boot up via the Flash Drive.

Would you like some advice for after the reformat and reinstallation of the Windows Operating System is completed ?
  • 0

#7
salvar774
Posted 12 March 2013 - 09:11 PM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Yes . I will probably do it this week end . I am freaking out . Never done a format and reinstall before . I hope every thing work out . Thank you very much
  • 0

#8
Dakeyras
Posted 13 March 2013 - 05:15 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Yes . I will probably do it this week end

Acknowledged, just let myself know when completed etc.

I am freaking out . Never done a format and reinstall before . I hope every thing work out

OK I both understand and appreciate this...

Below are two very good tutorials that explain the procedure:-

Windows Vista Install Guide

How to Do a Clean Install and Setup with a Full Version of Vista

Any problems encountered just inform myself OK.

Thank you very much

You're most welcome!
  • 0

#9
salvar774
Posted 13 March 2013 - 08:05 AM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
My computer does not do any thing different on start up when pressing f12 . It continues a normal start up .
  • 0

#10
Dakeyras
Posted 13 March 2013 - 02:40 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Disconnect all USB devices >> boot your machine up if not running and insert your USB Drive into a different USB port...

Click on Start(Vista Orb) >> Computer >> is the USB Drive denoted/recognised ? If so good and then:-

Reboot your machine >> this time continually depress/hit the F12 function key. Then use the arrow keys to select USB Storage Device >> depress the Enter/Return key.

Note: If this still does not work, please inform myself the exact make and modal your computer is please.
  • 0

Advertisements

#11
Dakeyras
Posted 17 March 2013 - 05:04 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Everything OK ?

Were you able to perform a reformat and reinstallation of the Windows Operating System or not ?

Do you still require further assistance and or the advice I mentioned prior ? :)
  • 0

#12
salvar774
Posted 17 March 2013 - 03:14 PM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
I was not able to get my dvd-rom to work so as to load my windows vista or my computer to recognize my usb flash drive on start up to boot into vista install . I am still using this system . Every thing works except the network and the dvd-rom . I am thinking about replacing mt dvd -rom . Not sure it is ok
  • 0

#13
salvar774
Posted 17 March 2013 - 03:52 PM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Item Value
Motherboard
Manufacturer ASUSTek Computer INC.
Model IVY8
Version 2.00
Serial Number MS1C83R51501179
BIOS
Vendor Phoenix Technologies, LTD
Version 5.13
Release Date 1-Feb-2008
CPU
Name AMD Athlon™ Processor LE-1640
Family K8
Model - Extended model #7
Manufacturer AMD
Calculated Core Speed 2,712 MHz
CPU Socket Socket AM2
Graphics Card
Adapter Name NVIDIA GeForce 6150SE nForce 430
Video RAM 128 MB
Driver Version 7.15.11.7521
Network Adapters
Ethernet WAN Miniport (IPv6)
Administrative Status Enabled
Ethernet WAN Miniport (IPv6)-QoS Packet Scheduler-0000
Administrative Status Enabled
Ethernet WAN Miniport (IP)-QoS Packet Scheduler-0000
Administrative Status Enabled
Ethernet WAN Miniport (IP)
Administrative Status Enabled
Ethernet WAN Miniport (Network Monitor)-QoS Packet Scheduler-0000
Administrative Status Enabled
Ethernet NVIDIA nForce 10/100 Mbps Ethernet
Administrative Status Enabled
Ethernet NVIDIA nForce 10/100 Mbps Ethernet -QoS Packet Scheduler-0000
Administrative Status Enabled
Ethernet WAN Miniport (Network Monitor)
Administrative Status Enabled
PPP WAN Miniport (PPPOE)
Administrative Status Enabled
PPP RAS Async Adapter
Administrative Status Enabled
Loopback Software Loopback Interface 1
Administrative Status Enabled
WAN Miniport (L2TP)
Administrative Status Enabled
WAN Miniport (PPTP)
Administrative Status Enabled
isatap.rgv.rr.com
Administrative Status Enabled
Teredo Tunneling Pseudo-Interface
Administrative Status Enabled
WAN Miniport (SSTP)
Administrative Status Enabled
Operating System
Operating System Microsoft Windows Vista Home Premium Edition

Locale United States
Current Time Zone Central Daylight Time
System Up Time 23 Minutes, 11 Seconds
Internet Explorer Version 9.0.8112.16421
DirectX Version DirectX 9.0c
Memory
Total Memory (RAM) installed in this PC 2,942 MB
Memory Used 44 %
Total Page File Memory 6,119 MB
Available Page File Memory 4,868 MB
Total Virtual Memory 2,048 MB
Available Virtual Memory 1,828 MB
Hard Disks Info (IDE and Serial-ATA)
Drives (as showing in Windows)
Fixed Drive: C Total Capacity: 223.59 GB Used: 151 GB Free: 72.59 GB
Fixed Drive: D Total Capacity: 9.29 GB Used: 8.03 GB Free: 1.27 GB
DVD Writer: E Optiarc DVD RW AD-7201S5 1H0E
Fixed Drive: G Total Capacity: 465.76 GB Used: 320.58 GB Free: 145.18 GB
Antivirus
FireWall
Product Windows Firewall
AntiSpyWare
Vendor Safer Networking Ltd.
Product Spybot - Search and Destroy
Version 1.0.0.6
Up To Date Yes
Enabled No
State 2
Vendor Microsoft Corporation
Product Windows Defender
Version 1.1.1505.0
Up To Date Yes
Enabled Yes

Edited by salvar774, 17 March 2013 - 09:37 PM.

  • 0

#14
Dakeyras
Posted 19 March 2013 - 06:19 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

My apologies for the delay.

Can you confirm for myself please that your computer is a Asus and which exact modal would it be please.
  • 0

#15
salvar774
Posted 19 March 2013 - 09:43 PM

salvar774

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
The mother board is Asus the computer is compac
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP