![]() |
|
29 Sep 2013 | #1 |
|
HJT a little is help needed
Could you please help me decide what to remove with this logfile? Thank you.
Code:
Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 8:05:21 PM, on 9/29/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Orbitdownloader\orbitdm.exe C:\Program Files (x86)\Orbitdownloader\orbitnet.exe C:\downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search tlbrid=ZoneAlarmSecurity&Lan=en&utid=44dd894b000000000000ac8112685fac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: ctfmon.lnk = C:\ProgramData\lsass.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13361 bytes |
My System Specs![]() |
. |
|
29 Sep 2013 | #2 |
|
Please only have one thread on one computer with one problem.
Next I highly recommend not doing anything until a security expert helps with that Hi jack log. In my opinion Micro HijackThis v2.0.5 should only be used under the supervision on qualified people. |
My System Specs![]() |
29 Sep 2013 | #3 |
|
well48,
Let's check deeper that what HilackThis can go... ![]() Select the version that applies to your system. Save it to your Desktop. Double-click the downloaded file to run it. When the tool opens click Yes to the disclaimer. Press the Scan button. FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop). ![]() The first time the tool is run, it also makes another log: Addition.txt ![]() |
My System Specs![]() |
. |
|
29 Sep 2013 | #4 |
|
That didn't take long. Thanks for dropping by Cottonball.
well48 please follow Cottonball's instructions. |
My System Specs![]() |
29 Sep 2013 | #5 |
|
wlsidten.dll is normally not a good sign...like ransomware. Hopefully, I'm wrong.
|
My System Specs![]() |
29 Sep 2013 | #6 |
|
cottonball- here's the 2 logs you asked for. soory about taking so long to get back. I posted that other one on General board because I lost my way back here (forgot where)
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02 Ran by Tom (administrator) on THOMAS-KUSTUSZ on 29-09-2013 23:26:36 Running from C:\Users\Tom\Desktop Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitnet.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.com URLSearchHook: (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia} SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = {searchTerms} - Bing SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia} SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File Toolbar: HKCU - No Name - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google ![]() CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{googl e:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC) CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (avast! Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 mr8980; C:\Windows\System32\DRIVERS\dwcamx64.sys [84992 2010-05-11] (Mars Semiconductor Corp.) ==================== NetSvcs (Whitelisted) =================== |
My System Specs![]() |
29 Sep 2013 | #7 |
|
==================== One Month Created Files and Folders ========
2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST 2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe 2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304 2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729} 2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle 2013-09-29 22:53 - 2013-09-29 22:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30 2013-09-29 21:52 - 2013-09-29 21:55 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log 2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-29 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-29 20:04 - 2013-09-29 20:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe ==================== One Month Modified Files and Folders ======= 2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST 2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe 2013-09-29 23:24 - 2011-06-09 20:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Orbit 2013-09-29 23:24 - 2011-06-09 20:49 - 00000000 ____D C:\Users\Tom\TUBES 2013-09-29 23:21 - 2013-01-10 21:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304 2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729} 2013-09-29 22:58 - 2011-04-13 03:23 - 01479723 _____ C:\Windows\WindowsUpdate.log 2013-09-29 22:56 - 2013-05-30 09:53 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-29 22:55 - 2013-05-30 09:53 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-29 22:55 - 2011-04-13 03:42 - 00000000 ____D C:\ProgramData\PDFC 2013-09-29 22:55 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-29 22:55 - 2009-07-14 00:51 - 00048870 _____ C:\Windows\setupact.log 2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle 2013-09-29 22:52 - 2013-09-29 22:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-29 22:52 - 2012-09-18 23:41 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2013-09-29 22:52 - 2011-06-09 19:52 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-09-29 22:43 - 2011-07-14 01:20 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$ 2013-09-29 22:43 - 2011-07-14 01:20 - 00000354 _____ C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job 2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30 2013-09-29 22:18 - 2013-05-30 09:44 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-29 21:55 - 2013-09-29 21:52 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log 2013-09-29 21:49 - 2011-06-09 17:42 - 00000000 ____D C:\Users\Tom\AppData\Local\VirtualStore 2013-09-29 21:36 - 2011-06-13 00:47 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps 2013-09-29 21:18 - 2011-04-13 05:35 - 00306852 _____ C:\Windows\PFRO.log 2013-09-29 21:16 - 2011-06-09 17:43 - 00000000 ___RD C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-29 20:45 - 2013-05-30 09:58 - 00000000 ____D C:\Program Files\Google 2013-09-29 20:45 - 2013-05-30 09:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-29 20:33 - 2013-05-30 23:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Google 2013-09-29 20:03 - 2013-09-29 20:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe 2013-09-29 19:32 - 2011-06-09 18:44 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-29 19:13 - 2011-09-17 02:00 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTom 2013-09-29 19:13 - 2011-09-17 02:00 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTom.job 2013-09-29 18:42 - 2013-06-30 14:00 - 00000000 ____D C:\Users\Tom\AppData\Local\DoNotTrackPlus 2013-09-20 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-20 03:02 - 2012-12-04 21:01 - 00743066 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-20 03:02 - 2012-12-04 21:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2013-09-20 03:00 - 2013-06-23 22:16 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-20 01:26 - 2013-01-10 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 01:26 - 2013-01-10 21:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 01:26 - 2011-07-28 19:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-30 03:48 - 2013-05-30 09:44 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 03:48 - 2013-05-30 09:44 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 03:48 - 2013-05-30 09:44 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 03:48 - 2011-06-09 18:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 03:48 - 2011-06-09 18:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 03:47 - 2011-06-09 18:44 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 03:47 - 2011-06-09 18:44 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr Files to move or delete: ==================== C:\ProgramData\netdislw.pad Some content of TEMP: ==================== C:\Users\Tom\AppData\Local\Temp\ApnStub.exe C:\Users\Tom\AppData\Local\Temp\contentDATs.exe C:\Users\Tom\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih[1].exe C:\Users\Tom\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\mssinstaller.exe C:\Users\Tom\AppData\Local\Temp\rsubea65.dll C:\Users\Tom\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Tom\AppData\Local\Temp\setup.exe C:\Users\Tom\AppData\Local\Temp\tbZon2.dll C:\Users\Tom\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-04 15:51 ==================== End Of Log ============================ |
My System Specs![]() |
29 Sep 2013 | #8 |
|
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by Tom at 2013-09-29 23:27:08 Running from C:\Users\Tom\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 1.5.3.9130) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Reader X (10.1.8) (x32 Version: 10.1.8) Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95) avast! Free Antivirus (x32 Version: 8.0.1497.0) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bing Bar (x32 Version: 6.0.2282.0) Bing Bar Platform (x32 Version: 6.0.2282.0) Bing Rewards Client Installer (x32 Version: 16.0.345.0) Blackhawk Striker 2 (x32 Version: 2.2.0.95) Blasterball 3 (x32 Version: 2.2.0.95) Blio (x32 Version: 2.0.5350) Bounce Symphony (x32 Version: 2.2.0.95) Build-a-lot 2 (x32 Version: 2.2.0.95) Cake Mania (x32 Version: 2.2.0.95) Chuzzle Deluxe (x32 Version: 2.2.0.95) CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210) D3DX10 (x32 Version: 15.4.2368.0902) Digital Wireless Camera (x32 Version: 1.00.0000) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95) Dora's World Adventure (x32 Version: 2.2.0.95) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412) Escape Rosecliff Island (x32 Version: 2.2.0.95) Farm Frenzy (x32 Version: 2.2.0.95) FATE (x32 Version: 2.2.0.95) Final Drive Nitro (x32 Version: 2.2.0.95) FlashPeak SlimBrowser (x32 Version: 5.01.035) Google Chrome (x32 Version: 28.0.1500.95) Google Update Helper (x32 Version: 1.3.21.153) Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95) Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000) HP Auto (Version: 1.0.12494.3472) HP Client Services (Version: 1.0.12656.3472) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Game Console (x32) HP Games (x32 Version: 1.0.1.5) HP MediaSmart DVD (x32 Version: 4.2.4725) HP MediaSmart Music (x32 Version: 4.2.4517) HP MediaSmart Photo (x32 Version: 4.2.4513) HP MediaSmart SmartMenu (Version: 3.1.2.4) HP MediaSmart Video (x32 Version: 4.2.4522) HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.4.0) HP MovieStore (x32 Version: 1.0.027) HP MovieStore (x32 Version: 2.0.2) HP Odometer (x32 Version: 2.10.0000) HP Setup (x32 Version: 8.4.4400.3525) HP Setup Manager (x32 Version: 1.0.12844.3519) HP Support Assistant (x32 Version: 6.0.5.4) HP Support Information (x32 Version: 10.1.1000) HP Update (x32 Version: 5.002.003.003) HP Vision Hardware Diagnostics (Version: 2.1.6.0) Hulu Desktop (HKCU Version: 0.9.13) Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2119) Java 7 Update 40 (x32 Version: 7.0.400) Java Auto Updater (x32 Version: 2.1.9.8) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 15.4.3502.0922) Kobo (x32 Version: 1.6) LabelPrint (x32 Version: 2.5.3130) LightScribe System Software (x32 Version: 1.18.20.1) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Default Manager (x32 Version: 2.2.114.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95) Norton Online Backup (x32 Version: 2.1.17869) Orbit Downloader (x32) PDF Complete Special Edition (x32 Version: 4.0.57) Penguins! (x32 Version: 2.2.0.95) PhotoNow! (x32 Version: 1.1.7717) PictureMover (x32 Version: 3.5.0.33) Plants vs. Zombies (x32 Version: 2.2.0.95) PlayReady PC Runtime amd64 (Version: 1.3.0) PlayReady PC Runtime x86 (x32 Version: 1.3.0) Poker Superstars III (x32 Version: 2.2.0.95) Polar Bowler (x32 Version: 2.2.0.95) Polar Golfer (x32 Version: 2.2.0.95) Power2Go (x32 Version: 6.1.4329) PowerDirector (x32 Version: 8.0.3129) PressReader (x32 Version: 5.10.1102.0) Ralink RT2860 Wireless LAN Card (x32) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196) Recovery Manager (x32 Version: 5.5.3219) RoxioNow Player (x32 Version: 1.9.5.101) TeamViewer 7 (x32 Version: 7.0.12979) Uniden Surveillance System 5.0.0.302 (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Virtual Families (x32 Version: 2.2.0.95) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95) VLC media player 1.1.10 (x32 Version: 1.1.10) Wheel of Fortune 2 (x32 Version: 2.2.0.95) Windows Driver Package - OEM (mr8980) Image (05/10/2010 1.0.0.0) (Version: 05/10/2010 1.0.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3502.0922) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3502.0922) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Zinio Reader 4 (x32 Version: 4.0.3184) ZoneAlarm LTD Toolbar Zuma Deluxe (x32 Version: 2.2.0.95) ==================== Restore Points ========================= 03-08-2013 03:41:45 Windows Update 07-08-2013 02:29:44 Windows Update 11-08-2013 03:18:50 Windows Update 15-08-2013 07:05:16 Windows Update 23-08-2013 00:44:54 Windows Update 27-08-2013 06:02:10 Windows Update 04-09-2013 19:51:26 Scheduled Checkpoint 04-09-2013 20:02:00 Windows Update 20-09-2013 05:26:16 Scheduled Checkpoint 20-09-2013 05:37:13 Windows Update 20-09-2013 07:00:23 Windows Update 29-09-2013 22:41:41 Windows Update 30-09-2013 02:46:07 Removed Java(TM) 6 Update 26 (64-bit) 30-09-2013 02:48:41 Removed Java 7 Update 25 30-09-2013 02:52:36 Installed Java 7 Update 40 ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00388E65-2CFC-4F9C-905D-D76A97B93C6B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: {05ECD425-B176-4EDE-A657-8A20350A3181} - System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {608FB861-FD45-436A-ADBA-DAD008E8C26A} - System32\Tasks\HPCeeScheduleForTom => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {99E1B576-CB72-4310-87C9-A3683EF1C1E8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] () Task: {9B6B10FF-F72E-4F18-85E2-B467D1B5ADE7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9EABF3DC-01FB-4398-99C1-6AC05FF6479D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.) Task: {AB3E5344-07D5-4C04-AF47-58CB231E3AA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.) Task: {B909DF93-40EB-4B77-8985-8918C2D4A4D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated) Task: {C52CE892-5C72-4376-8CB5-9F0BF8CFBC8F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-05] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForTom.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-29 18:41 - 2013-09-29 15:33 - 02102784 _____ () C:\Program Files\AVAST Software\Avast\defs\13092901\algo.dll 2011-06-09 17:44 - 2010-09-28 14:59 - 12286008 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\Bin\Core.dll 2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2011-06-09 17:44 - 2010-09-28 15:10 - 01699384 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\EN-US\Presentation.dll 2011-06-09 20:50 - 2011-06-07 13:47 - 00397312 _____ () C:\Program Files (x86)\Orbitdownloader\wtlctrl.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= |
My System Specs![]() |
29 Sep 2013 | #9 |
![]() |
Let's get rid of the adware first. lease download AdwCleaner by Xplode and save to your Desktop.
Using AdwCleaner v3: Scan & Clean: Double click on AdwCleaner.exe to run the tool again.
|
My System Specs![]() |
30 Sep 2013 | #10 |
|
# AdwCleaner v3.005 - Report created 30/09/2013 at 01:29:55
# Updated 22/09/2013 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Tom - THOMAS-KUSTUSZ # Running from : C:\Users\Tom\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Found : C:\Users\Public\Desktop\eBay.lnk File Found : C:\Users\Tom\AppData\Local\Temp\Uninstall.exe Folder Found C:\ProgramData\Ask Folder Found C:\Users\Tom\AppData\LocalLow\Conduit Folder Found C:\Users\Tom\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\Toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\YahooPartnerToolbar Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : [x64] HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Google Chrome v28.0.1500.95 [ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4723 octets] - [30/09/2013 01:29:55] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4783 octets] ########## |
My System Specs![]() |
![]() |
Thread Tools | |
Similar help and support threads | ||||
Thread | Forum | |||
Please Help Needed! i have just installed win 7 to win 9 theme pack,, :) it was reali good n i loved it,but i wanted to remove n uninstall it, after he reboot. all the icons were left like that, not my windows 7 icons, non of them came back,, and normally the log on screen was ,, default and the bottom it was... |
General Discussion | |||
help needed hello all i would like to know is there any way to stop any process permanently and make it acessible when i want for example download accelerator plus in taskmanager i have seen that the process always keep on running even i have not opened the program its not that i dnt need it it but i want... |
General Discussion | |||
Help needed???? Hi everyone, my problem being i have installed w7 ultimate on my pc but installed the 32 bit by mistake but now i want to install my 64bit disk but i don't know how to do a clean inmstall, i read the tutorial but can't make head nor tail out of it because it really doesn't tell you how to perform... |
Installation & Setup | |||
Help Needed. Hiya first off, i am so happy to have found a forum like this. It is very much needed. Big thanks. Ok i bought windows 7 yesterday and followed the infomation just to upgrade from windows vista to the NEW O.S 7. Activated the product key and everything is great. But now What i want to... |
Installation & Setup | |||
Help needed I gave my computer to install Windows 7. Before Windows 7 installation i had 2 hard discs, C with Vista and D for my own files. After i got my computer back i saw only 1 C hard disc. Now i installed Take a ownership in order to make a full controll, because i am the only one user/administrator on... |
Drivers |
Our Sites |
Site Links |
About Us |
Find Us |
Windows 7 Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd All times are GMT -5. The time now is 07:08. |
![]() ![]() ![]() ![]() ![]() |