Done! Seems to be better, but might need to give it a reboot to feel the full effect.
Many thanks for your help. It's been a long process, but we got there and I learned a few new things along...
Type: Posts; User: brispie; Keyword(s):
Kaspersky log
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, May 31, 2007 11:07:42 AM
Operating System: Microsoft...
Hijack this log
Logfile of HijackThis v1.99.1
Scan saved at 11:08:14, on 31/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running...
Hi
It ran fine :-) Lots of problems though :-(
KASPERSKY ONLINE SCANNER REPORT
Wednesday, May 30, 2007 2:59:39 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2...
At this stage I feel I should point out that when I double click on addperms/addperms2 it never asks me to do anything.
Username: PHIL\PHIL
SID: S-1-5-21-1606980848-1547161642-1801674531
...
Is this the one?
Username: PHIL\PHIL
SID: S-1-5-21-1606980848-1547161642-1801674531
Days since last password change: 811
Privilege: 2 (USER_PRIV_ADMIN)
Home directory:
Comment: ''...
Hi.
Wasn't sure which log you wanted to see. This is the addperms log.
Granting SeDebugPrivilege to Phil ... successful
Granting SeTakeOwnershipPrivilege to Phil ... successful
...
Username: PHIL\PHIL
SID: S-1-5-21-1606980848-1547161642-1801674531
Days since last password change: 810
Privilege: 2 (USER_PRIV_ADMIN)
Home directory:
Comment: ''
Flags: 66049...
Username: PHIL\PHIL
SID: S-1-5-21-1606980848-1547161642-1801674531
Days since last password change: 808
Privilege: 2 (USER_PRIV_ADMIN)
Home directory:
Comment: ''
Flags: 66049...
I can't install it as I apparently haven't got administrator rights.
Don't understand why not as this is a home pc.
What do I need to do?
All done?
REGEDIT4
; RegSrch.vbs © Bill James
; Registry search results for string "cmdService" 24/05/2007 20:56:02
; NOTE: This file will be deleted when you close WordPad.
; You must...
1&2 deleted OK. 3 was 'Access Denied'. 4&5 didn't appear.
REGEDIT4
; RegSrch.vbs © Bill James
; Registry search results for string "cmdService" 24/05/2007 19:02:08
; NOTE: This file will...
This is all from regkey. Regperms was empty.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wmi]
"Description"="Provides systems management information to and from drivers."
"DisplayName"="Windows Management Instrumentation Driver...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock2 - Google Desktop Search Backup Before Last Install\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005]...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock2 - Google Desktop Search Backup Before First Install\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007]...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock2 - Google Desktop Search Backup Before First Install\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003]...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008]
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,\...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003]
"PackedCatalogItem"=hex:25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,\...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wdmaud]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\upnphost]
"Type"=dword:00000020
"Start"=dword:00000004
"ErrorControl"=dword:00000001...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CE5FA0D0-384D-4387-9E47-D25184030D99}]
"UseZeroBroadcast"=dword:00000000
"EnableDeadGWDetect"=dword:00000001...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\symc8xx]
"ErrorControl"=dword:00000001
"Group"="SCSI miniport"
"Start"=dword:00000004
"Type"=dword:00000001
"Tag"=dword:00000036
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srservice\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seclogon\Parameters]
"ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteAccess\Policy\Pipeline\12]
@="IAS.AuthorizationHost"
"Requests"="0 1 2"
"Responses"="0 1 2 4"
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Rdbss\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ql10wnt\Parameters]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ql10wnt\Parameters\PnpInterface]
"5"=dword:00000001
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCIIde]
"ErrorControl"=dword:00000001
"Group"="System Bus Extender"
"Start"=dword:00000000
"Tag"=dword:00000003
"Type"=dword:00000001...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NwlnkFwd\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces]
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ms_mpu401\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mraid35x]
"ErrorControl"=dword:00000001
"Group"="SCSI miniport"
"Start"=dword:00000004
"Tag"=dword:0000002b
"Type"=dword:00000001
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lanmanserver\Linkage]
"Bind"=hex(7):5c,44,65,76,69,63,65,5c,4e,65,74,62,69,6f,73,53,6d,62,00,5c,44,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IpFilterDriver]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ftdisk\Enum]
"0"="Root\\ftdisk\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\TCPMon]
"TypesSupported"=dword:00000007
"EventMessageFile"="%SystemRoot%\\System32\\tcpmon.dll"
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\Nla]
"EventMessageFile"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\dmboot]
"EventMessageFile"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Security\Security Account Manager]
"ParameterMessageFile"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\mnmsrvc]
"EventMessageFile"="%SystemRoot%\\System32\\nmevtmsg.dll"
"TypeSupported"=hex:07,00,00,00
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache\Parameters]
"ServiceDll"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Creative Service for CDROM Access\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\
...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\audstub]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001...
"VSyncControl_DEF"="1"
"SwapEffect_DEF"="0"
"TemporalAAMultiplier_DEF"="0"
"ExportCompressedTex_DEF"="1"
"PixelCenter_DEF"="0"
"ForceZBufferDepth_DEF"="0"
"EnableTripleBuffering_DEF"="0"...