BleepingComputer.com: Help in removing web watcher, please


Help in removing web watcher, please My girlfriend installed it, violated my privacy!

#16 User is offline   marcoangels 

  • New Member
  • Group: Members
  • Posts: 12
  • Joined: 20-June 11

Posted 19 July 2011 - 07:42 PM

Ok, here is the link to the mini-toolbox scan log:



http://www.filedropper.com/resultvirusscan_1

#17 User is offline   Broni 

  • The Coolest BC Computer
  • Group: BC Advisor
  • Posts: 22,167
  • Joined: 01-February 08
  • Gender:Male
  • Location:Daly City, CA

Posted 19 July 2011 - 07:51 PM

MiniToolBox by Farbar
Ran by HP_Administrator (administrator) on 18-07-2011 at 18:44:43
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
# Start of entries inserted by Spybot - Search & Destroy
[omitted]
# This list is Copyright 2000-2008 Safer Networking Limited
# End of entries inserted by Spybot - Search & Destroy

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Awsome"

set address name="Awsome" source=dhcp
set dns name="Awsome" source=dhcp register=PRIMARY
set wins name="Awsome" source=dhcp

# Interface IP Configuration for "Wireless Network Connection 7"

set address name="Wireless Network Connection 7" source=dhcp
set dns name="Wireless Network Connection 7" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 7" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : diningroom
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Awsome:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-13-D3-B5-05-C7

Ethernet adapter Wireless Network Connection 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link WDA-1320 Desktop Adapter #2
Physical Address. . . . . . . . . : 00-04-F2-13-12-17
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.3.196
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.3.1
DHCP Server . . . . . . . . . . . : 192.168.3.1
DNS Servers . . . . . . . . . . . : 192.168.3.1
Lease Obtained. . . . . . . . . . : Monday, July 18, 2011 5:40:37 PM
Lease Expires . . . . . . . . . . : Tuesday, July 19, 2011 5:40:37 PM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.3.1

Name: google.com
Addresses: 74.125.229.114, 74.125.229.115, 74.125.229.116, 74.125.229.112
74.125.229.113

Pinging google.com [74.125.229.116] with 32 bytes of data:

Reply from 74.125.229.116: bytes=32 time=44ms TTL=54
Reply from 74.125.229.116: bytes=32 time=45ms TTL=54

Ping statistics for 74.125.229.116:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 45ms, Average = 44ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.3.1

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 209.191.122.70, 67.195.160.76, 69.147.125.65, 72.30.2.43
98.137.149.56

Pinging yahoo.com [67.195.160.76] with 32 bytes of data:

Reply from 67.195.160.76: bytes=32 time=79ms TTL=48
Reply from 67.195.160.76: bytes=32 time=78ms TTL=48

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 78ms, Maximum = 79ms, Average = 78ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 b5 05 c7 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 04 f2 13 12 17 ...... D-Link WDA-1320 Desktop Adapter #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.3.1 192.168.3.196 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.3.196 192.168.3.196 1
192.168.3.0 255.255.255.0 192.168.3.196 192.168.3.196 25
192.168.3.196 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.3.255 255.255.255.255 192.168.3.196 192.168.3.196 25
224.0.0.0 240.0.0.0 192.168.3.196 192.168.3.196 25
255.255.255.255 255.255.255.255 192.168.3.196 2 1
255.255.255.255 255.255.255.255 192.168.3.196 192.168.3.196 1
Default Gateway: 192.168.3.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/18/2011 05:49:55 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (07/09/2011 03:07:56 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (07/06/2011 05:23:29 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (07/01/2011 00:35:33 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (06/30/2011 06:35:38 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (06/24/2011 08:16:01 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x041a251c.
Processing media-specific event for [explorer.exe!ws!]

Error: (06/07/2011 06:37:43 PM) (Source: MsiInstaller) (User: HP_Administrator)HP_Administrator
Description: Product: NVIDIA PhysX -- Installation terminated

Error: (06/05/2011 04:15:27 PM) (Source: MsiInstaller) (User: HP_Administrator)HP_Administrator
Description: Product: Microsoft .NET Framework 2.0 -- Setup cannot continue because this version of the .NET Framework is incompatible with a previously installed one. For more information, see http://support.microsoft.com/support/kb/articles/q312/5/00.asp

Error: (05/14/2011 08:12:57 PM) (Source: Application Error) (User: )
Description: Faulting application setup.exe, version 15.0.0.498, faulting module setup.exe, version 15.0.0.498, fault address 0x000262f3.
Processing media-specific event for [setup.exe!ws!]

Error: (05/14/2011 08:12:29 PM) (Source: Application Error) (User: )
Description: Faulting application setup.exe, version 15.0.0.498, faulting module setup.exe, version 15.0.0.498, fault address 0x000262f3.
Processing media-specific event for [setup.exe!ws!]


System errors:
=============
Error: (07/18/2011 05:41:04 PM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%2

Error: (07/12/2011 01:27:18 AM) (Source: 0) (User: )
Description: {9A2AB50A-63CC-4837-83E0-69B5C654C641}

Error: (07/11/2011 08:51:45 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.3.196 on the
Network Card with network address 0004F2131217.

Error: (07/10/2011 07:26:37 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.3.196 on the
Network Card with network address 0004F2131217.

Error: (07/09/2011 03:49:58 PM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%2

Error: (07/09/2011 03:15:50 PM) (Source: Service Control Manager) (User: )
Description: The HID Input Service service terminated with the following error:
%%2

Error: (07/09/2011 03:12:39 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 29 minutes.
NtpClient has no source of accurate time.

Error: (07/09/2011 03:12:39 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 30
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (07/09/2011 02:57:51 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (07/09/2011 02:57:51 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)


Microsoft Office Sessions:
=========================
Error: (07/18/2011 05:49:55 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (07/09/2011 03:07:56 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (07/06/2011 05:23:29 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (07/01/2011 00:35:33 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (06/30/2011 06:35:38 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (06/24/2011 08:16:01 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0041a251c

Error: (06/07/2011 06:37:43 PM) (Source: MsiInstaller)(User: HP_Administrator)HP_Administrator
Description: Product: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)

Error: (06/05/2011 04:15:27 PM) (Source: MsiInstaller)(User: HP_Administrator)HP_Administrator
Description: Product: Microsoft .NET Framework 2.0 -- Setup cannot continue because this version of the .NET Framework is incompatible with a previously installed one. For more information, see http://support.microsoft.com/support/kb/articles/q312/5/00.asp(NULL)(NULL)(NULL)

Error: (05/14/2011 08:12:57 PM) (Source: Application Error)(User: )
Description: setup.exe15.0.0.498setup.exe15.0.0.498000262f3

Error: (05/14/2011 08:12:29 PM) (Source: Application Error)(User: )
Description: setup.exe15.0.0.498setup.exe15.0.0.498000262f3


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 2814.48 MB
Available physical RAM: 1804.48 MB
Total Pagefile: 5722.58 MB
Available Pagefile: 4890.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.1 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:449.73 GB) (Free:367.46 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:16.02 GB) (Free:8.81 GB) FAT32

========================= Users: ========================================

User accounts for \\DININGROOM

Administrator Guest HelpAssistant
HP_Administrator SUPPORT_388945a0 SUPPORT_fddfa904
UpdatusUser


== End of log ==

============================================================================

Download Autoruns for Windows: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
No installation required.
Simply unzip the Autoruns.zip file, and double-click on the autoruns.exe file to run the program.
Go to File > Save, and save it as an AutoRuns.txt file to a known location.
You must select Text from drop-down menu as a file type:


Upload the file(s) here: http://www.filedropper.com/
Post download link (copy URL: link):




#18 User is offline   marcoangels 


Posted 19 July 2011 - 08:00 PM


#19 User is offline   Broni 


Posted 19 July 2011 - 08:16 PM

I don't see any Web Watcher active items.
You may have some leftovers.
We'll look for them.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista\Win 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box into the main textfield:
    :folderfind
    atww
    


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt




#20 User is offline   marcoangels 


Posted 19 July 2011 - 08:26 PM

SystemLook 04.09.10 by jpshortstuff
Log created at 21:20 on 19/07/2011 by HP_Administrator
Administrator - Elevation successful

========== folderfind ==========

Searching for "atww"
No folders found.

-= EOF =-

Ok, thanks, that's PC #1, on which I found a keystroke logger manually attached to the PS2 port for the keyboard. I also suspect my other PC, as she's managing to get my passwords for all my email accounts. I'll start that project soon. Thanks, again.

#21 User is offline   Broni 


Posted 19 July 2011 - 08:34 PM

Yeah, nothing found, so I wouldn't worry about it.

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.




