Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Droppers Found, Trojans


  • Please log in to reply
8 replies to this topic

#1 justmeandmycomputer

justmeandmycomputer

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 30 November 2014 - 03:26 PM

I ran a scan with avast and I knew my computer was act strange because when I start the system up it takes a while before you even see the compaq screen comes up. So I igorned that a couple of days and thinks got worse, It started taking longer and my web pages where not coming up with full websites and among other things. I ran a scan and it found 3 droppers/trojans but when I start my computer still takes a while before it loads. I am only seeing a black screen, When it finally comes up and I try to access the internet it takes a while for the internet to load. I have just about had it with this computer.

 

name                                             original location                                                                                    virus

73Nav3PrA124.wim                        D: Preload                                                                                   Win32.Droopper.gen [DRP]

 

MSNSUSll. EXE                 C://ProgramFiles/OnlineServices/MSN90                                                       Win32.Dropper.gen[DRP]

 

MSNSUSll.EXE                   C://ProgramFiles/OnlineServices/MSN90/PKGS/EN/US/MS                            Win32.Dropper.gen[DRP]

 

plugin-pagespeed.js           C://Users/StudentsoftheYear/AppData/Local/Temp?plugtm                          JS:Pdka-ADK[EXPL]   

 

 

THIS IS WHAT WAS FOUND COMPUTER STILL NOT PERFORMING RIGHT.  STILL INFECTED??


Edited by justmeandmycomputer, 30 November 2014 - 03:48 PM.


BC AdBot (Login to Remove)

 


m

#2 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 30 November 2014 - 03:49 PM

I ran a scan with avast and I knew my computer was act strange because when I start the system up it takes a while before you even see the compaq screen comes up. So I igorned that a couple of days and thinks got worse, It started taking longer and my web pages where not coming up with full websites and among other things. I ran a scan and it found 3 droppers/trojans but when I start my computer still takes a while before it loads. I am only seeing a black screen, When it finally comes up and I try to access the internet it takes a while for the internet to load. I have just about had it with this computer.

 

name                                             original location                                                                                    virus

73Nav3PrA124.wim                        D: Preload                                                                                   Win32.Droopper.gen [DRP]

 

MSNSUSll. EXE                 C://ProgramFiles/OnlineServices/MSN90                                                       Win32.Dropper.gen[DRP]

 

MSNSUSll.EXE                   C://ProgramFiles/OnlineServices/MSN90/PKGS/EN/US/MS                            Win32.Dropper.gen[DRP]

 

plugin-pagespeed.js           C://Users/StudentsoftheYear/AppData/Local/Temp?plugtm                          JS:Pdka-ADK[EXPL]   

 

 

THIS IS WHAT WAS FOUND COMPUTER STILL NOT PERFORMING RIGHT.  STILL INFECTED??



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:08 PM

Posted 05 December 2014 - 09:02 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#4 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 07 December 2014 - 01:46 PM

Working on these scans and I am having a hard time. I am saving the scans to my desktop but when I get back to desktop they are not there. Trying this in safe mode with networking.



#5 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 07 December 2014 - 01:53 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by Students of the Year (ATTENTION: The logged in user is not administrator) on SICKOFPEOPLE-PC on 07-12-2014 10:49:10
Running from C:\Users\Students of the Year\Downloads
Loaded Profile: Students of the Year (Available profiles: Sick of People & Students of the Year)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-27] (AVAST Software)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-187951703-2136618692-784419598-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-187951703-2136618692-784419598-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-187951703-2136618692-784419598-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Students of the Year\AppData\Roaming\Mozilla\Firefox\Profiles\jm7pj8r0.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Students of the Year\AppData\Roaming\Mozilla\Firefox\Profiles\jm7pj8r0.default\searchplugins\youtube-video-search.xml
FF Extension: Form History Control - C:\Users\Students of the Year\AppData\Roaming\Mozilla\Firefox\Profiles\jm7pj8r0.default\Extensions\formhistory@yahoo.com [2014-08-28]
FF Extension: Clear Form History - C:\Users\Students of the Year\AppData\Roaming\Mozilla\Firefox\Profiles\jm7pj8r0.default\Extensions\{1e0fd655-5aea-4b4c-a583-f76ef1e3af9c}.xpi [2014-08-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-13]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-09]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-27]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-27] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-11-27] (Avast Software)
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
S2 WSWNDA3100v2; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-27] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2014-11-27] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-27] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-27] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-27] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2014-11-27] (AVAST Software)
S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-27] ()
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1074944 2011-12-12] (Broadcom Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-11-27] (Avast Software)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 10:49 - 2014-12-07 10:49 - 00009020 _____ () C:\Users\Students of the Year\Downloads\FRST.txt
2014-12-07 10:48 - 2014-12-07 10:48 - 01111040 _____ (Farbar) C:\Users\Students of the Year\Downloads\FRST.exe
2014-12-07 10:47 - 2014-12-07 10:47 - 02119680 _____ (Farbar) C:\Users\Students of the Year\Downloads\FRST64(2).exe
2014-12-07 10:46 - 2014-12-07 10:46 - 02119680 _____ (Farbar) C:\Users\Students of the Year\Downloads\FRST64(1).exe
2014-12-07 10:36 - 2014-12-07 10:36 - 00000314 _____ () C:\Windows\PFRO.log
2014-12-07 10:31 - 2014-12-07 10:31 - 02153472 _____ () C:\Users\Students of the Year\Downloads\adwcleaner_4.104(1).exe
2014-12-07 08:30 - 2014-12-07 08:32 - 00346312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 09:52 - 2014-12-06 09:52 - 00003285 _____ () C:\Users\Students of the Year\Desktop\Tell_City - Shortcut.lnk
2014-12-06 09:30 - 2014-12-06 09:30 - 02119168 _____ (Farbar) C:\Users\Students of the Year\Downloads\FRST64.exe
2014-12-06 09:27 - 2014-12-07 10:31 - 00000110 _____ () C:\AdwCleanerDebug.txt
2014-12-06 09:26 - 2014-12-06 09:26 - 02153472 _____ () C:\Users\Students of the Year\Downloads\adwcleaner_4.104.exe
2014-12-06 09:23 - 2014-12-06 09:23 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-06 09:23 - 2014-12-06 09:23 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-06 09:23 - 2014-12-06 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-06 09:22 - 2014-12-06 09:22 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-06 09:22 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-06 09:22 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-06 09:22 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-06 09:21 - 2014-12-06 09:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Students of the Year\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-04 14:29 - 2014-12-04 14:30 - 138341666 _____ () C:\Users\Students of the Year\Desktop\Full system scan.txt
2014-11-28 19:17 - 2014-11-28 19:17 - 00000000 ____D () C:\Windows\pss
2014-11-28 19:14 - 2014-11-28 19:14 - 05162080 _____ (Piriform Ltd) C:\Users\Students of the Year\Downloads\ccsetup500.exe
2014-11-27 20:32 - 2014-11-27 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-11-27 19:37 - 2014-11-27 19:37 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-27 19:24 - 2014-11-27 19:24 - 00001877 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-27 19:22 - 2014-11-27 19:22 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-27 19:22 - 2014-11-27 19:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-13 13:31 - 2014-12-07 08:36 - 00581916 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 21:14 - 2014-11-10 21:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 10:49 - 2013-11-19 10:09 - 00000000 ____D () C:\FRST
2014-12-07 10:39 - 2014-09-29 14:03 - 00050128 _____ () C:\ProgramData\nvModes.001
2014-12-07 10:39 - 2006-11-02 05:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 10:39 - 2006-11-02 04:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:39 - 2006-11-02 04:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:35 - 2014-08-19 15:03 - 00000000 ____D () C:\AdwCleaner
2014-12-07 08:35 - 2014-09-29 14:03 - 00050128 _____ () C:\ProgramData\nvModes.dat
2014-12-07 08:32 - 2006-11-02 04:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-07 08:29 - 2006-11-02 05:01 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-30 01:05 - 2013-11-23 11:40 - 00000000 ____D () C:\Users\Students of the Year
2014-11-28 19:15 - 2014-10-19 10:18 - 00000810 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-28 19:15 - 2014-10-19 10:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-28 15:50 - 2013-11-11 15:47 - 00000000 ____D () C:\ProgramData\HP
2014-11-27 22:09 - 2006-11-02 02:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-27 19:23 - 2014-04-09 14:16 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-27 19:23 - 2014-04-09 14:16 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-27 19:22 - 2014-05-08 13:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-27 19:22 - 2014-04-09 14:16 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-27 19:22 - 2014-04-09 14:16 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-27 19:22 - 2014-04-09 14:16 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-27 19:22 - 2014-04-09 14:16 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys
2014-11-27 19:22 - 2014-04-09 14:16 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-13 16:46 - 2013-12-02 14:38 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-08 11:45 - 2006-11-02 02:23 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_46

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01
Ran by Students of the Year at 2014-12-07 10:50:14
Running from C:\Users\Students of the Year\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
4500_G510gm_Help (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4424.15 - PC-Doctor, Inc.)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2264 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2269 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 2.0 (HKLM\...\HP Photosmart Essential) (Version: 2.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
LightScribe  1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
Network (Version: 130.0.550.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PSSWCORE (Version: 2.00.5000 - Hewlett-Packard) Hidden
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5377 - Realtek Semiconductor Corp.)
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.559 - Roxio)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 02:23 - 2014-11-27 21:44 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Task: {48A4FBFE-3B05-4397-974D-D6D46FAFB25B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {83534C25-672B-4A32-B38A-A38264AA3669} - \CCleanerSkipUAC No Task File <==== ATTENTION
Task: {E77A3D87-92F5-4151-9DDB-2B5B9B6CA36E} - \avast! Emergency Update No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (whitelisted) =============

2014-11-10 21:14 - 2014-11-10 21:14 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe
MSCONFIG\startupreg: Launcher => %WINDIR%\SMINST\launcher.exe
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: NvSvc => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
MSCONFIG\startupreg: OsdMaestro => "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
MSCONFIG\startupreg: PCDrProfiler => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe -r
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

========================= Accounts: ==========================

Administrator (S-1-5-21-187951703-2136618692-784419598-500 - Administrator - Disabled)
Guest (S-1-5-21-187951703-2136618692-784419598-501 - Limited - Disabled)
Sick of People (S-1-5-21-187951703-2136618692-784419598-1000 - Administrator - Enabled) => C:\Users\Sick of People
Students of the Year (S-1-5-21-187951703-2136618692-784419598-1001 - Limited - Enabled) => C:\Users\Students of the Year

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 10:42:05 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/07/2014 10:37:30 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (12/07/2014 10:26:49 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (12/07/2014 10:42:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
spldr
Wanarpv6

Error: (12/07/2014 10:42:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (12/07/2014 10:42:10 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/07/2014 10:42:09 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/07/2014 10:42:05 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/07/2014 10:41:58 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/07/2014 10:41:46 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv.dll21

Error: (12/07/2014 10:37:36 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/07/2014 10:37:30 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/07/2014 10:37:22 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 31%
Total physical RAM: 1917.76 MB
Available physical RAM: 1313.22 MB
Total Pagefile: 4078.05 MB
Available Pagefile: 3617.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.22 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:289.3 GB) (Free:264.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:8.79 GB) (Free:1.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================



#6 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 07 December 2014 - 02:04 PM

I promise I hate this computer. I have ran this scan at least 5 times and it will not give me the report. It is now saying 

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.



#7 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 07 December 2014 - 02:38 PM

I am now on my daughters laptop because I got the blue screen of death. It want let me start my computer and it tells me to launch repair. I have tried launching repair twice and getting the same blue screen. It gives me STOP: 0X000000F4, 0X00000003, 0X87B79258, 0X87B93A4, 0X812A517E0

 

SO WHAT DO I DO NOW. I AM A COLLEGE STUDENT AND NEED MY DESKTOP.

 

THANKS



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:08 PM

Posted 07 December 2014 - 04:40 PM

The system is compromised.
May be harwdware problem.

See if you can get to Restore you Windows 7 to the Last good configuration
Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows/using-last-known-good-configuration#1TC=windows-7

#9 justmeandmycomputer

justmeandmycomputer
  • Topic Starter

  • Members
  • 190 posts
  • OFFLINE
  •  
  • Local time:03:08 PM

Posted 13 December 2014 - 06:58 PM

I am back what must I do here. I had to reinstall using the f8 button. I wasnt able to do a restore because it wasnt storing it restore dates I guess? UGGGH! Now I am having problems with my internet connection. I am not sure what is really going own but all of a sudden my internet connection is gone.--System Information---

Host Name:                 FAMILY1ST-PC
OS Name:                   Microsoftr Windows VistaT Home Premium
OS Version:                6.0.6000 N/A Build 6000
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Workstation
OS Build Type:             Multiprocessor Free
Registered Owner:          Family 1st
Registered Organization:   Hewlett-Packard Company
Product ID:                89578-OEM-7332157-00061
Original Install Date:     11/11/2013, 3:21:37 PM
System Boot Time:          12/13/2014, 1:31:33 PM
System Manufacturer:       Compaq-Presario
System Model:              GC660AA-ABA SR5123WM
System Type:               X86-based PC
Processor(s):              1 Processor(s) Installed.
                           [01]: x64 Family 15 Model 107 Stepping 1 AuthenticAMD ~1800 Mhz
BIOS Version:              Phoenix Technologies, LTD 5.07 , 4/4/2007
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume1
System Locale:             en-us;English (United States)
Input Locale:              en-us;English (United States)
Time Zone:                 (GMT-08:00) Pacific Time (US & Canada)
Total Physical Memory:     1,918 MB
Available Physical Memory: 790 MB
Page File: Max Size:       4,060 MB
Page File: Available:      2,686 MB
Page File: In Use:         1,374 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    WORKGROUP
Logon Server:              \\FAMILY1ST-PC
Hotfix(s):                 18 Hotfix(s) Installed.
                           [01]: KB925528
                           [02]: KB929399
                           [03]: KB929451
                           [04]: KB929615
                           [05]: KB929685
                           [06]: KB929735
                           [07]: KB929761
                           [08]: KB929762
                           [09]: KB929763
                           [10]: KB929777
                           [11]: KB930163
                           [12]: KB930568
                           [13]: KB930857
                           [14]: KB931573
                           [15]: KB933245
                           [16]: KB928089
                           [17]: KB929427
                           [18]: KB932246
Network Card(s):           2 NIC(s) Installed.
                           [01]: NVIDIA nForce Networking Controller
                                 Connection Name: Local Area Connection
                                 Status:          Media disconnected
                           [02]: NETGEAR WNA3100 N300 Wireless USB Adapter
                                 Connection Name: Wireless Network Connection
                                 Status:          Media disconnected



---System Network Information---

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Family1st-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : NETGEAR WNA3100 N300 Wireless USB Adapter
   Physical Address. . . . . . . . . : 6C-B0-CE-7F-AA-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-1B-B9-52-F3-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{0423776E-9298-413D-BD8D-015E09188A53}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.gateway.2wire.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes



---Software Information---
Version:2.2.0.2/Driver Version:5.100.243.6


---Site survey Information---
Network Name (SSID)              Channel N     WPS   Security                  Signal     MAC Address                    Network Type                             
2WIRE347                            6(G)             WPA2-PSK                    85%      00:25:3C:2D:DE:59              Access Point                             
                                   11(G) N           WPA2-PSK                    30%      92:1A:CA:2D:A1:20              Access Point                             
DYQIILX4                            1(G) N     WPS   WPA2-PSK                    24%      A0:21:B7:9C:C7:6E              Access Point                             
HOME-A122                          11(G) N     WPS   WPA-PSK/WPA2-PSK            28%      90:1A:CA:2D:A1:20              Access Point                             
HP-Print-A3-Deskjet 3520 series    11(G) N           WPA2-PSK                    38%      C8:CB:B8:4C:15:A3              Access Point                             
knox                                2(G) N     WPS   WPA-PSK/WPA2-PSK            22%      A0:21:B7:9A:31:14              Access Point                             
tla0df00                            1(G) N     WPS   WPA2-PSK                    24%      00:25:F0:A0:DF:00              Access Point                             
xfinitywifi                        11(G) N           None                        32%      96:1A:CA:2D:A1:20              Access Point                             
xfinitywifi                         1(G) N           None                        32%      A6:B3:13:FF:BF:40              Access Point                             
maccat39                            6(G) N     WPS   WPA2-PSK                    12%      BC:EE:7B:7B:1F:90              Access Point                             
                                    6(G) N           WPA2-PSK                    14%      92:1A:CA:31:28:00              Access Point                             
HOME-2802                           6(G) N     WPS   WPA-PSK/WPA2-PSK            18%      90:1A:CA:31:28:00              Access Point                             
HOME-7BF6-2.4                       6(G) N     WPS   WPA-PSK/WPA2-PSK            14%      54:BE:F7:E5:AC:38              Access Point                             
Mahdi                              11(G) N     WPS   WPA2-PSK                     0%      AC:22:0B:30:32:E0              Access Point                       

 

 

 

 

 

 

This is the report from my netgear. Can you please inform me what is wrong. I am now showing that I have local access only and this is constantly happening.      Firewall, antivirus plus cache cleaner is needed please.

 

Thanks


Edited by justmeandmycomputer, 13 December 2014 - 07:01 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users