-
Posts
2,386 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by CWB
-
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
i'll pass the information along to my friend ... as much as she likes it when i chew on her about clicking on *cutesy* stuff , she's going to love the reading ! (if i run real fast she won't be able to hit me) thanks for your help . -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
avast auto updates every time the comp is started ... odd . i did have defender turned off as it is not needed with vast . # DelFix v10.8 - Logfile created 17/10/2014 at 11:47:46 # Updated 29/07/2014 by Xplode # Username : jen - ASUSLAPTOP # Operating System : Windows 8.1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\zoek_backup Deleted : C:\AdwCleaner Deleted : C:\zoek-results.log Deleted : C:\Users\jen\Desktop\AdwCleaner.exe Deleted : C:\Users\jen\Desktop\esetsmartinstaller_enu.exe Deleted : C:\Users\jen\Desktop\FRST64.exe Deleted : C:\Users\jen\Desktop\JRT.exe Deleted : C:\Users\jen\Desktop\MB results.txt Deleted : C:\Users\jen\Desktop\SecurityCheck.exe Deleted : C:\Users\jen\Desktop\zoek.exe Deleted : HKLM\SOFTWARE\AdwCleaner ~ Cleaning system restore ... Deleted : RP #5 [scheduled Checkpoint | 10/01/2014 17:37:12] Deleted : RP #6 [installed HP Update. | 10/08/2014 05:27:21] Deleted : RP #7 [installed Adobe Reader XI. | 10/15/2014 01:28:31] Deleted : RP #8 [zoek.exe restore point | 10/16/2014 13:46:56] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ########## -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
here ya go : Results of screen317's Security Check version 0.99.89 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender avast! Antivirus Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Secunia PSI (3.0.0.9016) Java 7 Update 67 Java 8 Update 25 Adobe Flash Player 15.0.0.152 Adobe Reader XI Mozilla Firefox 32.0.3 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
here are the results : eset results.txt MB results.txt -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
"little yellow chick" ... folder on desktop ... full of files ... i deleted it . i looked back through both 32 and 64 bit program files ... the questionable programs are gone as are the icons on the desktop . the browser is working ok . what is next ? -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
ok ... i reset FF and reinstalled theme restorer , traffic light , wot , zoom page and image zoom . i am able to navigate to this thread . there are still some questionable programs and files on this machine . ps ... FF is the "browser of choice" on this machine ... and on all of them that i own . -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
i still cannot navigate into this portion of the forums ... transferring stuff back and forth . i believe that FF is being blocked or re-directed . "post too long" ... attaching files . zoek-results.txt FRST.txt Addition.txt -
browser hijacked , many "odd" programs , pop-ups galore
CWB replied to CWB's topic in Resolved Malware Removal Logs
nothing disastrous happened . however , for some reason the link to JRT wanted to run the file rather than save it ... i worked around it . (maybe look into this ?) here are the logs : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.3 (10.14.2014:1) OS: Windows 8.1 x64 Ran by jen on Thu 10/16/2014 at 5:54:08.87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] 70e6ca8c Successfully deleted: [service] 70e6ca8c ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\driver support Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} ~~~ Files Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERSUPPORT.EXE-D253C716.pf ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\driver support" Successfully deleted: [Folder] "C:\ProgramData\systweak" Successfully deleted: [Folder] "C:\Users\jen\AppData\Roaming\systweak" Successfully deleted: [Folder] "C:\Users\jen\AppData\Roaming\updaterex" Successfully deleted: [Folder] "C:\Users\jen\appdata\local\pc_drivers_headquarters" Successfully deleted: [Folder] "C:\Program Files (x86)\driver support" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver support" ~~~ FireFox Successfully deleted: [File] C:\Users\jen\AppData\Roaming\mozilla\firefox\profiles\5whfq64m.default-1413167315136\user.js Successfully deleted the following from C:\Users\jen\AppData\Roaming\mozilla\firefox\profiles\5whfq64m.default-1413167315136\prefs.js user_pref("extensions.TrafficLightSettings.an", "1"); user_pref("extensions.TrafficLightSettings.date", "15 October 2014"); user_pref("extensions.TrafficLightSettings.firstTime", "3"); user_pref("extensions.TrafficLightSettings.ls_social", "0"); user_pref("extensions.TrafficLightSettings.ph_sign", "/****************************************************************************************\r\n**************************** ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Thu 10/16/2014 at 5:57:16.83 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02 Ran by jen (administrator) on ASUSLAPTOP on 16-10-2014 06:15:25 Running from C:\Users\jen\Desktop Loaded Profile: jen (Available profiles: jen) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-12] (AVAST Software) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newhometab.php?hometab=home&partner=11087&guid={A6D596DB-6EC5-4C91-9EAE-663F442E3CAE}&i= StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKCU - {8D36C399-5D41-47E2-A28D-C6EDEA6AECD2} URL = http://search.yahoo.com/search?ei=utf-8&fr=tightropetb&type=11087_101414&p={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM - FindWide Toolbar - {1F0EC46C-3C39-4DF3-A4F7-83830EDF1797} - C:\Program Files (x86)\TNT2\Profiles\11087\passport64.dll No File Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - FindWide Toolbar - {1F0EC46C-3C39-4DF3-A4F7-83830EDF1797} - C:\Program Files (x86)\TNT2\Profiles\11087\passport.dll No File Toolbar: HKCU - FindWide Toolbar - {1F0EC46C-3C39-4DF3-A4F7-83830EDF1797} - C:\Program Files (x86)\TNT2\Profiles\11087\passport64.dll No File Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136 FF NewTab: hxxp://services.freshy.com/general/newhometab.php?hometab=tab&partner=11087&guid={A6D596DB-6EC5-4C91-9EAE-663F442E3CAE}&i= FF DefaultSearchEngine: Yahoo: FF Homepage: hxxp://services.freshy.com/general/newhometab.php?hometab=home&partner=11087&guid={A6D596DB-6EC5-4C91-9EAE-663F442E3CAE}&i= FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-8&fr=tightropetb&type=11087_101414&p= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: WOT - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-15] FF Extension: Classic Theme Restorer - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-10-15] FF Extension: Fastest Notifier for Gmail™ - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2014-10-12] FF Extension: TrafficLight - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\trafficlight@bitdefender.com.xpi [2014-10-15] FF Extension: Zoom Page - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\zoompage@DW-dev.xpi [2014-10-15] FF Extension: Image Zoom - C:\Users\jen\AppData\Roaming\Mozilla\Firefox\Profiles\5whfq64m.default-1413167315136\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2014-10-15] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-12] (AVAST Software) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-14] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-14] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-12] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-12] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-12] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-12] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-12] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-12] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-12] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-12] () R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-11-08] (ASUS Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows ® Win 7 DDK provider) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( ) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-16 06:15 - 2014-10-16 06:15 - 00017959 _____ () C:\Users\jen\Desktop\FRST.txt 2014-10-16 06:14 - 2014-10-16 06:14 - 00003429 _____ () C:\Users\jen\Desktop\AdwCleaner[s0].txt 2014-10-16 06:09 - 2014-10-16 06:12 - 00000000 ____D () C:\AdwCleaner 2014-10-16 06:08 - 2014-10-16 06:06 - 01976320 _____ () C:\Users\jen\Desktop\AdwCleaner.exe 2014-10-16 06:03 - 2014-10-16 06:03 - 06791360 _____ (IvoSoft) C:\Users\jen\Desktop\ClassicShellSetup_4_1_0.exe 2014-10-16 05:57 - 2014-10-16 05:57 - 00002609 _____ () C:\Users\jen\Desktop\JRT.txt 2014-10-16 05:54 - 2014-10-16 05:54 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-10-16 05:53 - 2014-10-16 05:53 - 01705698 _____ (Thisisu) C:\Users\jen\Desktop\JRT.exe 2014-10-15 18:50 - 2014-10-16 06:15 - 00000000 ____D () C:\FRST 2014-10-15 18:47 - 2014-10-15 18:45 - 02111488 _____ (Farbar) C:\Users\jen\Desktop\FRST64.exe 2014-10-15 14:47 - 2014-10-15 18:49 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-10-15 14:47 - 2014-10-15 14:47 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-10-15 14:47 - 2014-10-15 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-15 14:46 - 2014-10-15 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-15 14:46 - 2014-10-15 14:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-15 14:46 - 2014-10-15 14:45 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\jen\Desktop\mbam-setup-2.0.3.1025.exe 2014-10-15 14:46 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-10-15 14:46 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-10-15 14:46 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-10-15 14:06 - 2014-10-15 14:25 - 00000000 ____D () C:\SUPERDelete 2014-10-15 14:03 - 2014-10-15 17:25 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-10-15 14:03 - 2014-10-15 14:03 - 00001782 _____ () C:\Users\jen\Desktop\SUPERAntiSpyware Free Edition.lnk 2014-10-15 14:03 - 2014-10-15 14:03 - 00000000 ____D () C:\Users\jen\AppData\Roaming\SUPERAntiSpyware.com 2014-10-15 14:03 - 2014-10-15 14:03 - 00000000 ____D () C:\Users\jen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-10-15 14:03 - 2014-10-15 14:03 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2014-10-15 14:02 - 2014-10-15 14:00 - 19906088 _____ (SUPERAntiSpyware) C:\Users\jen\Desktop\SUPERAntiSpyware.exe 2014-10-14 23:10 - 2014-10-14 23:10 - 00000000 ____D () C:\WINDOWS\PCHEALTH 2014-10-14 22:50 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-10-14 22:50 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-10-14 22:50 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-10-14 22:50 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-10-14 22:50 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-10-14 22:50 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-10-14 22:50 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-10-14 22:50 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-10-14 22:50 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-10-14 22:50 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-10-14 22:50 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-10-14 22:50 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-10-14 22:50 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-10-14 22:50 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-10-14 22:50 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-10-14 22:50 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-10-14 22:50 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-10-14 22:50 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-10-14 22:50 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-10-14 22:50 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-10-14 22:50 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-10-14 22:50 - 2014-09-18 19:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-10-14 22:50 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-10-14 22:50 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-10-14 22:50 - 2014-09-18 19:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-10-14 22:50 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-10-14 22:50 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-10-14 22:50 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-10-14 22:50 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-10-14 22:50 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-10-14 22:50 - 2014-08-15 20:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-10-14 22:50 - 2014-08-15 20:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-10-14 22:50 - 2014-08-15 20:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-10-14 22:50 - 2014-08-15 20:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-10-14 22:50 - 2014-08-15 19:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-14 22:49 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2014-10-14 22:49 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2014-10-14 22:49 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll 2014-10-14 22:47 - 2014-09-27 17:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-10-14 22:47 - 2014-09-07 22:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-10-14 22:47 - 2014-09-07 20:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-10-14 22:47 - 2014-09-07 20:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-10-14 22:47 - 2014-09-07 19:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-10-14 22:47 - 2014-09-07 19:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-10-14 22:47 - 2014-09-07 19:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-10-14 22:47 - 2014-09-07 19:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-10-14 22:47 - 2014-09-07 19:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-10-14 22:47 - 2014-09-07 19:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-10-14 22:47 - 2014-09-07 19:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-10-14 22:47 - 2014-09-07 18:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-10-14 22:47 - 2014-09-07 18:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-10-14 22:47 - 2014-09-07 18:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-10-14 22:47 - 2014-09-07 18:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-10-14 22:47 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-10-14 22:47 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-10-14 22:47 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-10-14 22:45 - 2014-09-13 01:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-10-14 22:45 - 2014-09-13 00:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-10-14 22:45 - 2014-08-15 23:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-10-14 22:45 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-10-14 22:45 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-10-14 22:45 - 2014-08-15 22:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-10-14 22:45 - 2014-08-15 22:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-10-14 22:45 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-10-14 22:45 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-10-14 22:45 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-10-14 22:45 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-10-14 22:45 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-10-14 22:45 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-10-14 22:45 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-10-14 22:44 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-10-14 22:44 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-10-14 22:44 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-10-14 22:44 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-10-14 22:44 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-10-14 22:44 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-10-14 22:44 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-10-14 22:44 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-10-14 22:44 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-10-14 22:44 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-10-14 22:44 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-10-14 22:44 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-10-14 22:44 - 2014-08-15 22:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-10-14 22:44 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-10-14 22:44 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-10-14 22:44 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-10-14 22:44 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-10-14 22:44 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-10-14 22:44 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-10-14 22:44 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-10-14 22:44 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-10-14 22:44 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-10-14 22:44 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-10-14 22:44 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-10-14 22:44 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-10-14 22:44 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-14 22:44 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-10-14 22:44 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-10-14 22:44 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-14 22:44 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-10-14 22:44 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-10-14 22:44 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-10-14 22:44 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-10-14 22:44 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-10-14 22:44 - 2014-07-31 18:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-10-14 22:42 - 2014-10-09 17:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-10-14 22:42 - 2014-10-08 17:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-10-14 22:42 - 2014-09-18 20:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-10-14 22:42 - 2014-09-13 01:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-10-14 22:42 - 2014-09-13 00:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-10-14 22:42 - 2014-09-04 21:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-10-14 22:42 - 2014-08-28 20:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-10-14 22:42 - 2014-08-28 18:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-10-14 22:42 - 2014-08-28 18:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-10-14 22:42 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2014-10-14 22:42 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2014-10-14 21:26 - 2014-10-15 13:54 - 00000100 _____ () C:\Users\jen\AppData\Roaming\WB.CFG 2014-10-14 20:29 - 2014-10-14 20:29 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-14 20:29 - 2014-10-14 20:29 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-10-14 20:29 - 2014-10-14 20:29 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-10-14 20:27 - 2014-10-14 22:14 - 00000000 ____D () C:\ProgramData\UAB 2014-10-14 20:27 - 2014-10-14 20:27 - 00000000 ____D () C:\Users\jen\Downloads\Driver Support 2014-10-14 20:26 - 2014-10-14 20:26 - 00002319 _____ () C:\Users\Public\Desktop\Driver Support.lnk 2014-10-14 20:25 - 2014-10-14 20:25 - 74696576 _____ (Adobe Systems Incorporated) C:\Users\jen\Downloads\AdbeRdr11007_en_US.exe 2014-10-14 20:24 - 2014-10-14 20:24 - 00800688 _____ ( ) C:\Users\jen\Desktop\Adobe_Reader_Setup.exe 2014-10-13 23:45 - 2014-10-14 20:03 - 00000000 ____D () C:\Users\jen\Desktop\little yellow chick_files 2014-10-12 19:50 - 2014-10-12 21:28 - 00000000 ____D () C:\Users\jen\Desktop\Old Firefox Data 2014-10-09 15:23 - 2014-10-14 22:29 - 00000000 ____D () C:\Users\jen\Documents\My Scans 2014-10-09 15:14 - 2014-10-16 05:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-09 15:14 - 2014-10-09 15:14 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-10-08 00:27 - 2014-10-08 00:27 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard 2014-10-01 11:49 - 2014-10-01 11:49 - 00000000 ____D () C:\Users\jen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2014-09-24 13:56 - 2014-09-24 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-22 14:55 - 2014-10-08 00:38 - 00000000 ____D () C:\Users\jen\AppData\Local\Windows Live ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-16 06:15 - 2014-08-13 07:08 - 00000000 ____D () C:\Users\jen\Desktop\larry - tools 2014-10-16 06:14 - 2014-08-12 05:46 - 00000062 _____ () C:\Users\jen\AppData\Roaming\sp_data.sys 2014-10-16 06:13 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-16 06:12 - 2014-08-14 16:25 - 01271417 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-16 06:12 - 2014-03-18 04:54 - 00166006 _____ () C:\WINDOWS\PFRO.log 2014-10-16 06:11 - 2014-08-12 05:52 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-13100095-2527919806-3038728838-1001 2014-10-16 06:07 - 2014-08-12 06:22 - 00000000 ____D () C:\Users\jen\AppData\Roaming\ClassicShell 2014-10-16 06:04 - 2014-08-12 06:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2014-10-16 06:04 - 2014-08-12 06:19 - 00000000 ____D () C:\Program Files\Classic Shell 2014-10-16 06:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-10-15 17:23 - 2012-07-26 00:26 - 00000336 _____ () C:\WINDOWS\win.ini 2014-10-15 14:50 - 2014-03-18 05:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-15 14:48 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-10-15 14:26 - 2013-08-22 09:44 - 00482568 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-15 14:24 - 2014-08-14 17:16 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-10-15 14:24 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-10-15 14:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-10-15 14:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-10-15 14:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-10-15 14:24 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-10-15 14:01 - 2013-08-22 09:46 - 00290899 _____ () C:\WINDOWS\setupact.log 2014-10-15 13:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-10-14 23:19 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-10-14 23:17 - 2014-08-13 17:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-14 23:16 - 2014-08-13 17:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-10-14 23:09 - 2014-08-14 17:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-14 22:46 - 2014-08-14 18:54 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-10-14 22:46 - 2014-08-14 18:54 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-10-14 22:46 - 2014-08-14 18:54 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-10-14 22:46 - 2014-08-14 18:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-10-14 22:46 - 2014-08-14 18:54 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-10-14 22:46 - 2014-08-14 18:54 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-10-14 22:46 - 2014-08-14 18:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-10-14 22:46 - 2014-08-14 18:39 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-10-14 22:46 - 2014-08-14 18:39 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-10-14 22:45 - 2014-08-14 18:54 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-10-14 22:45 - 2014-08-14 18:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-10-14 22:45 - 2014-08-14 18:54 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-10-14 22:45 - 2014-08-14 18:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-10-14 22:45 - 2014-08-14 18:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-10-14 22:45 - 2014-08-14 18:54 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-10-14 22:45 - 2014-08-14 18:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-10-14 22:04 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Resources 2014-10-14 21:53 - 2014-08-12 06:01 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-10-14 20:29 - 2013-05-01 04:34 - 00000000 ____D () C:\ProgramData\Adobe 2014-10-14 20:14 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-10-14 20:12 - 2014-08-12 07:26 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-14 20:11 - 2014-08-12 07:26 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-10-14 20:11 - 2014-08-12 07:26 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-13 23:06 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-10-12 20:20 - 2014-08-12 06:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-08 12:29 - 2014-09-12 11:00 - 00000000 ____D () C:\Users\jen\AppData\Roaming\HpUpdate 2014-10-08 00:28 - 2014-09-12 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-10-08 00:28 - 2014-09-12 10:13 - 00000000 ____D () C:\Program Files (x86)\HP 2014-10-07 22:29 - 2014-08-12 07:09 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2014-10-03 10:02 - 2014-08-14 17:24 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-09-29 17:45 - 2013-08-22 10:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-29 17:45 - 2013-08-22 10:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\jen\AppData\Local\Temp\CloudBackup7094.exe C:\Users\jen\AppData\Local\Temp\dllhelper.dll C:\Users\jen\AppData\Local\Temp\Quarantine.exe C:\Users\jen\AppData\Local\Temp\SfpcHelper_installFinish.exe C:\Users\jen\AppData\Local\Temp\SfpcHelper_installStart.exe C:\Users\jen\AppData\Local\Temp\sqlite3.dll C:\Users\jen\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-09 15:44 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2014 02 Ran by jen at 2014-10-16 06:16:24 Running from C:\Users\jen\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.7 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden C6100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden c6100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A532D06B-2752-4489-B33C-1B6F1292C3EF}) (Version: - Microsoft) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6804 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2889941) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{689703D1-CC80-420B-92BD-4DA9D0CA19DE}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7DF13AFE-A484-4178-A82D-EF0689A24775}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2889929) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5739A229-D2C6-4579-A21F-B7AFD1834DFD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FFF87DE6-6602-4F65-BD75-D481E0539DCD}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{31849233-AD8B-42D7-9AE1-74C79C8E8C03}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{E30FBD0C-8EDB-4233-9B65-58FEA0C9A5BA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881004) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E30FBD0C-8EDB-4233-9B65-58FEA0C9A5BA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F97A43AC-162A-4874-B1AD-0C98A411D12C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881039) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1B208923-2810-414F-82CC-AFFC1B19563F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{C20FB0E0-31F6-4958-B94D-AEF3CC31FD87}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A9AB1AE-98B5-4B45-86B8-33A7B946D7CA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2889927) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{8C5E45EF-C212-4DE2-AFEA-DA09B4E88FFB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2889927) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C5E45EF-C212-4DE2-AFEA-DA09B4E88FFB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2889940) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8954CA3D-B2C9-41B3-B97C-38146FE13D0C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2889942) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DA44AFB4-27ED-45F5-8499-1778400883B1}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2889942) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DA44AFB4-27ED-45F5-8499-1778400883B1}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB3000731) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BCBDB9F1-18C8-473C-9989-0B66ECC7B306}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BB860F2F-62A2-496D-8780-5A18B48F206A}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{8C0211A0-1712-42C2-9F2B-D0356D437D02}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2986204) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C0211A0-1712-42C2-9F2B-D0356D437D02}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2889847) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F080A0ED-070F-4E33-833F-CF893968E6A8}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{549B6392-4113-45E8-908F-DBC9C13EEFF3}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{549B6392-4113-45E8-908F-DBC9C13EEFF3}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{549B6392-4113-45E8-908F-DBC9C13EEFF3}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2889939) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{549B6392-4113-45E8-908F-DBC9C13EEFF3}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Driver Package - ASUS (ATP) Mouse (10/31/2013 1.0.0.191) (HKLM\...\15591935E93BF0A0E42CA53B578EE5E630971E15) (Version: 10/31/2013 1.0.0.191 - ASUS) Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-13100095-2527919806-3038728838-1001_Classes\CLSID\{1F0EC46C-3C39-4DF3-A4F7-83830EDF1797}\InprocServer32 -> C:\Program Files (x86)\TNT2\Profiles\11087\passport64.dll No File ==================== Restore Points ========================= 21-09-2014 20:23:32 Scheduled Checkpoint 01-10-2014 17:37:12 Scheduled Checkpoint 08-10-2014 05:27:21 Installed HP Update. 15-10-2014 01:28:31 Installed Adobe Reader XI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0170782E-BD44-4A67-BBFB-ED58D67BC606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0E223054-F4CB-4FC5-8220-321712DC0B0B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-12] (AVAST Software) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {25834312-A1B2-4017-AB2D-2DE38E4EF77C} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {2818B8E4-C087-46B7-B810-BF6BF881EA13} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe Task: {2B5AB46E-A04A-4F51-9AF3-AD38EF581815} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3B6F4FD6-5F47-40B0-B0F7-BCCD28120ED3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {3FB9549B-7B01-4370-9695-68F597538A47} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS) Task: {41657D6A-FCF9-4A62-99FA-16011F55F6D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {468E006E-6410-414F-9F73-F617DBF753FE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-11-08] (AsusTek) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {57A3C170-3BBE-4D54-96BC-66357959C65B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {5F2E1C07-C369-425B-8899-070362524D5D} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {779A849E-0E88-4DF3-9CC0-86FDD7F96807} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {93524D28-398B-4CE0-A7FE-66BFE2439EF2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-09] (Adobe Systems Incorporated) Task: {93BBED44-40FE-4635-89A9-453312E77654} - \TidyNetwork Update No Task File <==== ATTENTION Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A1A01FDC-B7A6-4EF5-A611-6C693A07758F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-04-29] (ASUS) Task: {A769DE78-3DD1-4919-A5DC-154767ACCDE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E7C06FDC-4B85-4390-A61D-EE906531C3CC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-03] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-16 13:50 - 2014-09-16 13:50 - 08896160 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-04-29 19:03 - 2013-04-29 19:03 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-08-12 07:08 - 2014-08-12 07:08 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-10-15 17:24 - 2014-10-15 17:24 - 02874368 _____ () C:\Program Files\AVAST Software\Avast\defs\14101506\algo.dll 2013-09-09 21:23 - 2013-09-09 21:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2013-10-08 23:41 - 2013-10-08 23:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-08-12 07:08 - 2014-08-12 07:08 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-19 19:02 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-13100095-2527919806-3038728838-500 - Administrator - Disabled) Guest (S-1-5-21-13100095-2527919806-3038728838-501 - Limited - Disabled) jen (S-1-5-21-13100095-2527919806-3038728838-1001 - Administrator - Enabled) => C:\Users\jen ==================== Faulty Device Manager Devices ============= Name: Photosmart C6100 series Description: Photosmart C6100 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C6100 series Description: Photosmart C6100 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (10/16/2014 06:03:14 AM) (Source: DCOM) (EventID: 10010) (User: asuslaptop) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (10/16/2014 06:02:44 AM) (Source: DCOM) (EventID: 10010) (User: asuslaptop) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (10/16/2014 06:01:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (10/16/2014 06:00:46 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel® Core i3-3110M CPU @ 2.40GHz Percentage of memory in use: 16% Total physical RAM: 6029.67 MB Available physical RAM: 5005.79 MB Total Pagefile: 6989.67 MB Available Pagefile: 5723.09 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:139.79 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:257.89 GB) NTFS Drive f: (UUI) (Removable) (Total:0.93 GB) (Free:0.5 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0FE4DC0A) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 960 MB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=960 MB) - (Type=0C) ==================== End Of Log ============================ # AdwCleaner v4.000 - Report created 16/10/2014 at 06:12:04 # DB v2014-10-15.7 # Updated 12/10/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : jen - ASUSLAPTOP # Running from : C:\Users\jen\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\WINDOWS\System32\roboot64.exe ***** [ Scheduled Tasks ] ***** Task Deleted : advanced-System Protector_startup Task Deleted : Driver Support-RTMRules Task Deleted : Driver Support-RTMScan Task Deleted : Driver Support-RTMScanRunOnce Task Deleted : Driver Support-RTMUpdater Task Deleted : LaunchApp Task Deleted : Optimizer Pro Schedule Task Deleted : RegClean Pro Task Deleted : UpdaterEX ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Key Deleted : HKCU\Software\BRS Key Deleted : HKCU\Software\systweak Key Deleted : HKCU\Software\UpdaterEX Key Deleted : HKCU\Software\DriverSupport Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\SOFTWARE\InstallCore Key Deleted : HKLM\SOFTWARE\systweak Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{597FB4A5-DD86-4316-A410-7E8074CC2CCE} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v32.0.3 (x86 en-US) [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.TrafficLightSettings.ph_white", "thecrims.com\nhattrick.org\nraiffeisenonline.ro\nbrd-net.ro\ningonline.ro\nbancpost.ro\nbtrl.ro\ncrediteurope.ro\nalphabank.ro\nromexterra.ro\not[...] [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_dnldstr_14_42_ff&cd=2XzuyEtN2Y1L1QzuyDyEtAyDtAtDtByB0FtBtD0B0A0EyDtDtN0D0Tzu0StCtDtCzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBz[...] [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_dnldstr_14_42_ff&cd=2XzuyEtN2Y1L1QzuyDyEtAyDtAtDtByB0FtBtD0B0A0EyDtDtN0D0Tzu0StCtDtCzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEt[...] [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda"); [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda"); [5whfq64m.default-1413167315136] - Line Deleted : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_dnldstr_14_42_ff&cd=2XzuyEtN2Y1L1QzuyDyEtAyDtAtDtByB0FtBtD0B0A0EyDtDtN0D0Tzu0StCtDtCzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCy[...] [5whfq64m.default-1413167315136] - Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0); ************************* AdwCleaner[R0].txt - [3482 octets] - [16/10/2014 06:09:16] AdwCleaner[s0].txt - [3285 octets] - [16/10/2014 06:12:04] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3345 octets] ########## -
reflow or bad motherboard or something else
CWB replied to nachobear's topic in General Windows PC Help
i have been very busy the last two days ... uuuggghhh . "so there is no way to test if the motherboard is bad or if its the gpu or something else?" i explained in my post how to check the GPU IC ... by applying pressure to it while the machine is tore apart and "hooked together" to make it run . this is difficult as one needs to make sure that the CPU cooler is still attached/working . the major problem with the video/graphics on these units was the failure of the GPU IC (it is not a card) . it ran so hot that many of them would become "un-soldered" (develop bad connections) ... this is why pressing on the IC itself might restore the video . in other cases , the GPU became so hot that it was ruined/destroyed ... there are no external indications of this , they look perfectly normal . i have seen a video on youtube of a guy using a heat gun and an aluminum foil shield ... here is a link that explains the procedure and shows what the GPU actually is : http://www.laptoprepair101.com/fix-laptop-motherboard-with-failed-nvidia-graphics-chip/ while this can work ... it can cause more problems , as have been outlined above . the video link that was posted above (joenathan ... i thought it was spelled "jonhathan" ?) has a few errors in it . for example , when he places the motherboard across the laptop bottom half to unscrew the heat pipe/sink and flexes the board three things can happen : traces/components can "crack" (the motherboard is multi-layered) his screwdriver has a good chance of slipping and causing damage when the motherboard flexes or slides around , the fine copper traces on the back can be gouged/cut and components broken ... even though there is a protective film on the back (solder mask) . this is what i meant by "having the skill set" ... if you do not know the basics and how to prevent damaging a piece of equipment , your chances of turning a repair into a disaster are very high . it is videos like these that give rookies a false sense of security and success . -
working on a friend's laptop ... an almost new laptop ... (sigh) ... ASUS X75a series/W8.1 with classic shell . there were/are many malware programs (including reg op pro !) . i cannot access this portion of the forum on it (browser chokes) so i am transferring stuff back and forth . i ran MBAM and SAS ... this cleared out some stuff but there is more buried in there . the FF browser was/has been reset to the "new" style ... i had run classic theme restorer and put it back to "pre-arora" ... i dl'ed what was needed and made it functional again . there are many bogus programs the start of this , as far as i can tell , was a damnable cutesy program called "little yellow chick" that was dl'ed and viewed on my friend's phone . heh ... she has her phone and the laptop synced ... and when she hit the sync button things went south real fast . i believe she actually "told" avast to "go ahead" and let the stuff in . i could not copy and paste the FRST log ... too long ... i am attaching them instead : FRST.txt Addition.txt
-
reflow or bad motherboard or something else
CWB replied to nachobear's topic in General Windows PC Help
i thought that model sounded familiar ... there have been problems with the/a couple of models of this particular family of GPUs used in different laptops (makes and models) . here is just one *discussion* : http://www.nvidiadefect.com/the-death-of-my-hp-tx2000-t2576.html a google search using "tx2000 graphics processor" or similar terms using "dead" , "no video" (etc) will produce many results . i do not know the current status of any legal actions/remedies ... do some checking . again , i am not saying it is impossible to reflow or remove and replace the gpu with a new IC and then reflow solder it to the MB ... however ... i have been at the electronic repair gig for about 40 years , and i have reflowed many ICs and completely replaced IC packages with 200+ pins (hand soldering) . i have some "specialized equipment" that one simply needs in order to help assure a "working outcome" . all the equipment in the world will not help if one does not have the skill sets in place to start with . (give a rookie a box of dynamite and a fist-full of crimp style blasting caps and the results tend to be a wee bit on the disastrous side) you might try looking for someone to do the job for you . the laptop will have to be stripped down and put back together ... the job is relatively labor intensive . you will have to weigh carefully whether or not you want to try a repair or invest that money you would have spent in a new machine . -
reflow or bad motherboard or something else
CWB replied to nachobear's topic in General Windows PC Help
yeppers ... you can try to reflow the solder on the graphics processor ... this is not a task for the uninitiated . in and of itself , reflow soldering is a *permanent fix* . if you mean to test the GPU by applying pressure and see if the video returns then you will have to tear the laptop down and dummy everything up ... again , this is not an easy task . reflow/reballing is a touchy process ... if you do not have a temperature limited heat gun with a tight pattern , you can do much damage to the MB . once the solder is up to temperature , applying pressure and keeping the GPU in alignment is crucial . if anything slips , full removal of the GPU , cleanup and alignment/soldering is the only fix . the alignment is critical ... if you are off by .01 inches ... forget it . i have seen a few of those reflow/reball videos on youtube ... many of these skip over the important stuff . they make it sound easy to do ... this is simply not the case . what is the make and model of the laptop ? -
"Rogueamp introduced me to Malwarebytes (and indirectly destroyed my computer when I followed his recommendation to use Combofix" kinda like playing with warm nitro ... combofix is a powerful tool ... in the right hands .
-
he lost me when he started using foul language . this is an issue between him and malwarebyes (et al) . i will not speculate nor comment on the "issue" .
-
i just dl'ed the latest to test on my W10 machine ... one can go in the back and turn things off .
-
oh baby , oh baby oh ! quick ... which buttons do i push ? here's the keys to my car ... you want the numbers to my bank accounts ... no problem ! duct tape me ... whip me ... beat me ... make me write bad checks ... (no ... wait ... that's something else entirely ... disregard) yeeeaaahhh ... riiight .
-
My PC flopy disc is noisy its initial start up.
CWB replied to Mehmet's topic in General Windows PC Help
i would say that most likely : it is hijacked in/by software it has a mechanical problem/failure of the cd/dvd drive that is not "malware/virus" related . once the malware and/or virus issue is cleared up this will eliminate one possible cause and will be more proof of the noisy drive being a physical problem . -
"I notice that, in almost all illegal , bogus and otherwise stolen games a virus is added." CFA .
-
My PC flopy disc is noisy its initial start up.
CWB replied to Mehmet's topic in General Windows PC Help
it does sound like two separate issues . remove the malware first and then fix the cd/dvd drive . (yep , DD1 you are correct on the sequence of events) -
My PC flopy disc is noisy its initial start up.
CWB replied to Mehmet's topic in General Windows PC Help
without further investigation of the matter ... this may be a true hardware issue along with a malware/infection issue and the two are not related . also ... a floppy drive is not contained in/a part of a cd/dvd drive , they are separate devices . (floppy drives are pretty much a thing of the past) -
sure ... "wait-n-see" ... there is no real way to tell which way the wind is going to be blowing down the line . there are some curious things that MS has gotten their fingers into and then dropped like a hot potato ... completely off the radar . one such *development* was "longhorn" it was supposedly a linux type OS . it was in the spotlight for some time and then _- BLIP-_ , no more information . interestingly enough a couple of days ago i had to download a "database manager" of some type and a couple of other things for a GPS program that interfaces with "google earth" . one of the packages that popped up with the installer was labeled as something to do with/a piece of "longhorn" ! MS does have a habit of re-using something that works ... eventually .
-
i don't believe i will be updating for some time . i can't fathom why *someone* would want to screw with a good working product . nothing new under the sun though .
-
nice pictures . and you got there before the snowballs started hitting you in the ... but , i shall digress .
-
you will continue to find XP in many environments . my doc , the hospital here and my dentist (clinic et al) are all *still* on XP ... MS has a deal for pay-as-you-go updates/support .
-
you might want to pull that anvisoft link down ... it is flagged by WOT and FF on my machine . yep ... that is a crap/mal/scumware application ... a piece of junk . CCleaner is good ... stay out of the registry cleaning portion .