|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 29 Sep 2013 | #1 |
|
|
HJT a little is help needed
Could you please help me decide what to remove with this logfile? Thank you.
Code:
Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 8:05:21 PM, on 9/29/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Orbitdownloader\orbitdm.exe C:\Program Files (x86)\Orbitdownloader\orbitnet.exe C:\downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search tlbrid=ZoneAlarmSecurity&Lan=en&utid=44dd894b000000000000ac8112685fac R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" O4 - HKLM\..\RunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: ctfmon.lnk = C:\ProgramData\lsass.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13361 bytes |
My System Specs |
| . |
|
|
| 29 Sep 2013 | #2 |
|
|
Please only have one thread on one computer with one problem.
Next I highly recommend not doing anything until a security expert helps with that Hi jack log. In my opinion Micro HijackThis v2.0.5 should only be used under the supervision on qualified people. |
| My System Specs |
| 29 Sep 2013 | #3 |
|
|
well48,
Let's check deeper that what HilackThis can go...  Please go to the Farbar Recovery Scan Tool DownloadSelect the version that applies to your system. Save it to your Desktop. Double-click the downloaded file to run it. When the tool opens click Yes to the disclaimer. Press the Scan button. FRST64 makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).  Please provide the FRST.txt in your reply. The first time the tool is run, it also makes another log: Addition.txt Also post the: Addition.txtin your reply.
|
| My System Specs |
| . |
|
|
| 29 Sep 2013 | #4 |
|
|
That didn't take long. Thanks for dropping by Cottonball.
well48 please follow Cottonball's instructions. |
| My System Specs |
| 29 Sep 2013 | #5 |
|
|
wlsidten.dll is normally not a good sign...like ransomware. Hopefully, I'm wrong.
|
| My System Specs |
| 29 Sep 2013 | #6 |
|
|
cottonball- here's the 2 logs you asked for. soory about taking so long to get back. I posted that other one on General board because I lost my way back here (forgot where)
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02 Ran by Tom (administrator) on THOMAS-KUSTUSZ on 29-09-2013 23:26:36 Running from C:\Users\Tom\Desktop Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) C:\Program Files (x86)\Orbitdownloader\orbitnet.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation) HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN.com URLSearchHook: (No Name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia} SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = {searchterms} - Ask.com Search SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = {searchTerms} - Bing SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia} SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = {searchTerms} | eBay SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll () Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File Toolbar: HKCU - No Name - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google  riginalQueryForSuggestion}{google:assist edQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instant ExtendedEnabledParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{googl e:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC) CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (avast! Online Security) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 mr8980; C:\Windows\System32\DRIVERS\dwcamx64.sys [84992 2010-05-11] (Mars Semiconductor Corp.) ==================== NetSvcs (Whitelisted) =================== |
| My System Specs |
| 29 Sep 2013 | #7 |
|
|
==================== One Month Created Files and Folders ========
2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST 2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe 2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304 2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729} 2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle 2013-09-29 22:53 - 2013-09-29 22:52 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30 2013-09-29 21:52 - 2013-09-29 21:55 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log 2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-29 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-29 20:04 - 2013-09-29 20:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe ==================== One Month Modified Files and Folders ======= 2013-09-29 23:26 - 2013-09-29 23:26 - 00000000 ____D C:\FRST 2013-09-29 23:24 - 2013-09-29 23:24 - 01953880 _____ (Farbar) C:\Users\Tom\Desktop\FRST64.exe 2013-09-29 23:24 - 2011-06-09 20:50 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Orbit 2013-09-29 23:24 - 2011-06-09 20:49 - 00000000 ____D C:\Users\Tom\TUBES 2013-09-29 23:21 - 2013-01-10 21:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-29 23:04 - 2013-09-29 23:04 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis-0929-2304 2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-29 23:02 - 2009-07-14 00:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-29 22:59 - 2013-09-29 22:59 - 00003120 _____ C:\Windows\System32\Tasks\{E7573431-1646-4EE5-8F6A-C1B584DD0729} 2013-09-29 22:58 - 2011-04-13 03:23 - 01479723 _____ C:\Windows\WindowsUpdate.log 2013-09-29 22:56 - 2013-05-30 09:53 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-29 22:55 - 2013-05-30 09:53 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-29 22:55 - 2011-04-13 03:42 - 00000000 ____D C:\ProgramData\PDFC 2013-09-29 22:55 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-29 22:55 - 2009-07-14 00:51 - 00048870 _____ C:\Windows\setupact.log 2013-09-29 22:53 - 2013-09-29 22:53 - 00000000 ____D C:\ProgramData\Oracle 2013-09-29 22:52 - 2013-09-29 22:53 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-29 22:52 - 2013-09-29 22:52 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-29 22:52 - 2013-09-29 22:52 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-29 22:52 - 2012-09-18 23:41 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2013-09-29 22:52 - 2011-06-09 19:52 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-09-29 22:43 - 2011-07-14 01:20 - 00003230 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$ 2013-09-29 22:43 - 2011-07-14 01:20 - 00000354 _____ C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job 2013-09-29 22:21 - 2013-09-29 22:21 - 00010396 _____ C:\Users\Tom\Desktop\hijackthis 9-29=22-30 2013-09-29 22:18 - 2013-05-30 09:44 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-29 21:55 - 2013-09-29 21:52 - 00010395 _____ C:\Users\Tom\Desktop\hijackthis.log 2013-09-29 21:49 - 2011-06-09 17:42 - 00000000 ____D C:\Users\Tom\AppData\Local\VirtualStore 2013-09-29 21:36 - 2011-06-13 00:47 - 00000000 ____D C:\Users\Tom\AppData\Local\CrashDumps 2013-09-29 21:18 - 2011-04-13 05:35 - 00306852 _____ C:\Windows\PFRO.log 2013-09-29 21:16 - 2011-06-09 17:43 - 00000000 ___RD C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-29 21:02 - 2013-09-29 21:02 - 00001107 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Users\Tom\AppData\Roaming\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-29 21:02 - 2013-09-29 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-29 20:45 - 2013-05-30 09:58 - 00000000 ____D C:\Program Files\Google 2013-09-29 20:45 - 2013-05-30 09:53 - 00000000 ____D C:\Program Files (x86)\Google 2013-09-29 20:33 - 2013-05-30 23:31 - 00000000 ____D C:\Users\Tom\AppData\Local\Google 2013-09-29 20:03 - 2013-09-29 20:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Desktop\HijackThis.exe 2013-09-29 19:32 - 2011-06-09 18:44 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-29 19:13 - 2011-09-17 02:00 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTom 2013-09-29 19:13 - 2011-09-17 02:00 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForTom.job 2013-09-29 18:42 - 2013-06-30 14:00 - 00000000 ____D C:\Users\Tom\AppData\Local\DoNotTrackPlus 2013-09-20 03:02 - 2013-08-15 03:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-20 03:02 - 2012-12-04 21:01 - 00743066 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-09-20 03:02 - 2012-12-04 21:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client 2013-09-20 03:00 - 2013-06-23 22:16 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-20 01:26 - 2013-01-10 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-20 01:26 - 2013-01-10 21:03 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-20 01:26 - 2011-07-28 19:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-30 03:48 - 2013-05-30 09:44 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 03:48 - 2013-05-30 09:44 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 03:48 - 2013-05-30 09:44 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 03:48 - 2011-06-09 18:45 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 03:48 - 2011-06-09 18:45 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 03:48 - 2011-06-09 18:44 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 03:47 - 2011-06-09 18:44 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 03:47 - 2011-06-09 18:44 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr Files to move or delete: ==================== C:\ProgramData\netdislw.pad Some content of TEMP: ==================== C:\Users\Tom\AppData\Local\Temp\ApnStub.exe C:\Users\Tom\AppData\Local\Temp\contentDATs.exe C:\Users\Tom\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aih[1].exe C:\Users\Tom\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tom\AppData\Local\Temp\mssinstaller.exe C:\Users\Tom\AppData\Local\Temp\rsubea65.dll C:\Users\Tom\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Tom\AppData\Local\Temp\setup.exe C:\Users\Tom\AppData\Local\Temp\tbZon2.dll C:\Users\Tom\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-04 15:51 ==================== End Of Log ============================ |
| My System Specs |
| 29 Sep 2013 | #8 |
|
|
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by Tom at 2013-09-29 23:27:08 Running from C:\Users\Tom\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 1.5.3.9130) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Reader X (10.1.8) (x32 Version: 10.1.8) Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95) avast! Free Antivirus (x32 Version: 8.0.1497.0) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Bing Bar (x32 Version: 6.0.2282.0) Bing Bar Platform (x32 Version: 6.0.2282.0) Bing Rewards Client Installer (x32 Version: 16.0.345.0) Blackhawk Striker 2 (x32 Version: 2.2.0.95) Blasterball 3 (x32 Version: 2.2.0.95) Blio (x32 Version: 2.0.5350) Bounce Symphony (x32 Version: 2.2.0.95) Build-a-lot 2 (x32 Version: 2.2.0.95) Cake Mania (x32 Version: 2.2.0.95) Chuzzle Deluxe (x32 Version: 2.2.0.95) CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210) D3DX10 (x32 Version: 15.4.2368.0902) Digital Wireless Camera (x32 Version: 1.00.0000) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95) Dora's World Adventure (x32 Version: 2.2.0.95) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412) Escape Rosecliff Island (x32 Version: 2.2.0.95) Farm Frenzy (x32 Version: 2.2.0.95) FATE (x32 Version: 2.2.0.95) Final Drive Nitro (x32 Version: 2.2.0.95) FlashPeak SlimBrowser (x32 Version: 5.01.035) Google Chrome (x32 Version: 28.0.1500.95) Google Update Helper (x32 Version: 1.3.21.153) Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95) Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000) HP Auto (Version: 1.0.12494.3472) HP Client Services (Version: 1.0.12656.3472) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP Game Console (x32) HP Games (x32 Version: 1.0.1.5) HP MediaSmart DVD (x32 Version: 4.2.4725) HP MediaSmart Music (x32 Version: 4.2.4517) HP MediaSmart Photo (x32 Version: 4.2.4513) HP MediaSmart SmartMenu (Version: 3.1.2.4) HP MediaSmart Video (x32 Version: 4.2.4522) HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.4.0) HP MovieStore (x32 Version: 1.0.027) HP MovieStore (x32 Version: 2.0.2) HP Odometer (x32 Version: 2.10.0000) HP Setup (x32 Version: 8.4.4400.3525) HP Setup Manager (x32 Version: 1.0.12844.3519) HP Support Assistant (x32 Version: 6.0.5.4) HP Support Information (x32 Version: 10.1.1000) HP Update (x32 Version: 5.002.003.003) HP Vision Hardware Diagnostics (Version: 2.1.6.0) Hulu Desktop (HKCU Version: 0.9.13) Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2119) Java 7 Update 40 (x32 Version: 7.0.400) Java Auto Updater (x32 Version: 2.1.9.8) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95) Junk Mail filter update (x32 Version: 15.4.3502.0922) Kobo (x32 Version: 1.6) LabelPrint (x32 Version: 2.5.3130) LightScribe System Software (x32 Version: 1.18.20.1) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Default Manager (x32 Version: 2.2.114.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95) Norton Online Backup (x32 Version: 2.1.17869) Orbit Downloader (x32) PDF Complete Special Edition (x32 Version: 4.0.57) Penguins! (x32 Version: 2.2.0.95) PhotoNow! (x32 Version: 1.1.7717) PictureMover (x32 Version: 3.5.0.33) Plants vs. Zombies (x32 Version: 2.2.0.95) PlayReady PC Runtime amd64 (Version: 1.3.0) PlayReady PC Runtime x86 (x32 Version: 1.3.0) Poker Superstars III (x32 Version: 2.2.0.95) Polar Bowler (x32 Version: 2.2.0.95) Polar Golfer (x32 Version: 2.2.0.95) Power2Go (x32 Version: 6.1.4329) PowerDirector (x32 Version: 8.0.3129) PressReader (x32 Version: 5.10.1102.0) Ralink RT2860 Wireless LAN Card (x32) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196) Recovery Manager (x32 Version: 5.5.3219) RoxioNow Player (x32 Version: 1.9.5.101) TeamViewer 7 (x32 Version: 7.0.12979) Uniden Surveillance System 5.0.0.302 (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Virtual Families (x32 Version: 2.2.0.95) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95) VLC media player 1.1.10 (x32 Version: 1.1.10) Wheel of Fortune 2 (x32 Version: 2.2.0.95) Windows Driver Package - OEM (mr8980) Image (05/10/2010 1.0.0.0) (Version: 05/10/2010 1.0.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3502.0922) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3502.0922) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Zinio Reader 4 (x32 Version: 4.0.3184) ZoneAlarm LTD Toolbar Zuma Deluxe (x32 Version: 2.2.0.95) ==================== Restore Points ========================= 03-08-2013 03:41:45 Windows Update 07-08-2013 02:29:44 Windows Update 11-08-2013 03:18:50 Windows Update 15-08-2013 07:05:16 Windows Update 23-08-2013 00:44:54 Windows Update 27-08-2013 06:02:10 Windows Update 04-09-2013 19:51:26 Scheduled Checkpoint 04-09-2013 20:02:00 Windows Update 20-09-2013 05:26:16 Scheduled Checkpoint 20-09-2013 05:37:13 Windows Update 20-09-2013 07:00:23 Windows Update 29-09-2013 22:41:41 Windows Update 30-09-2013 02:46:07 Removed Java(TM) 6 Update 26 (64-bit) 30-09-2013 02:48:41 Removed Java 7 Update 25 30-09-2013 02:52:36 Installed Java 7 Update 40 ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00388E65-2CFC-4F9C-905D-D76A97B93C6B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: {05ECD425-B176-4EDE-A657-8A20350A3181} - System32\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {608FB861-FD45-436A-ADBA-DAD008E8C26A} - System32\Tasks\HPCeeScheduleForTom => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {99E1B576-CB72-4310-87C9-A3683EF1C1E8} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] () Task: {9B6B10FF-F72E-4F18-85E2-B467D1B5ADE7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9EABF3DC-01FB-4398-99C1-6AC05FF6479D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.) Task: {AB3E5344-07D5-4C04-AF47-58CB231E3AA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30] (Google Inc.) Task: {B909DF93-40EB-4B77-8985-8918C2D4A4D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated) Task: {C52CE892-5C72-4376-8CB5-9F0BF8CFBC8F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-05] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForTHOMAS-KUSTUSZ$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForTom.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-29 18:41 - 2013-09-29 15:33 - 02102784 _____ () C:\Program Files\AVAST Software\Avast\defs\13092901\algo.dll 2011-06-09 17:44 - 2010-09-28 14:59 - 12286008 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\Bin\Core.dll 2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2011-06-09 17:44 - 2010-09-28 15:10 - 01699384 _____ () C:\Users\Tom\AppData\Roaming\PictureMover\EN-US\Presentation.dll 2011-06-09 20:50 - 2011-06-07 13:47 - 00397312 _____ () C:\Program Files (x86)\Orbitdownloader\wtlctrl.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= |
| My System Specs |
| 29 Sep 2013 | #9 |
|
Let's get rid of the adware first. lease download AdwCleaner by Xplode and save to your Desktop.
Using AdwCleaner v3: Scan & Clean: Double click on AdwCleaner.exe to run the tool again.
|
| My System Specs |
| 30 Sep 2013 | #10 |
|
|
# AdwCleaner v3.005 - Report created 30/09/2013 at 01:29:55
# Updated 22/09/2013 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Tom - THOMAS-KUSTUSZ # Running from : C:\Users\Tom\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk File Found : C:\Users\Public\Desktop\eBay.lnk File Found : C:\Users\Tom\AppData\Local\Temp\Uninstall.exe Folder Found C:\ProgramData\Ask Folder Found C:\Users\Tom\AppData\LocalLow\Conduit Folder Found C:\Users\Tom\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\AppDataLow\Software\Toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\YahooPartnerToolbar Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : [x64] HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Google Chrome v28.0.1500.95 [ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4723 octets] - [30/09/2013 01:29:55] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4783 octets] ########## |
| My System Specs |
|
HJT a little is help needed
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Similar help and support threads | ||||
| Thread | Forum | |||
|
Please Help Needed! i have just installed win 7 to win 9 theme pack,, :) it was reali good n i loved it,but i wanted to remove n uninstall it, after he reboot. all the icons were left like that, not my windows 7 icons, non of them came back,, and normally the log on screen was ,, default and the bottom it was... |
General Discussion | |||
|
help needed hello all i would like to know is there any way to stop any process permanently and make it acessible when i want for example download accelerator plus in taskmanager i have seen that the process always keep on running even i have not opened the program its not that i dnt need it it but i want... |
General Discussion | |||
|
Help needed???? Hi everyone, my problem being i have installed w7 ultimate on my pc but installed the 32 bit by mistake but now i want to install my 64bit disk but i don't know how to do a clean inmstall, i read the tutorial but can't make head nor tail out of it because it really doesn't tell you how to perform... |
Installation & Setup | |||
|
Help Needed. Hiya first off, i am so happy to have found a forum like this. It is very much needed. Big thanks. Ok i bought windows 7 yesterday and followed the infomation just to upgrade from windows vista to the NEW O.S 7. Activated the product key and everything is great. But now What i want to... |
Installation & Setup | |||
|
Help needed I gave my computer to install Windows 7. Before Windows 7 installation i had 2 hard discs, C with Vista and D for my own files. After i got my computer back i saw only 1 C hard disc. Now i installed Take a ownership in order to make a full controll, because i am the only one user/administrator on... |
Drivers | |||
| Our Sites |
Site Links |
About Us |
Find Us |
|
Windows 7 Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd All times are GMT -5. The time now is 07:08. |
|
