|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#1
|
|||
|
|||
slllllllllloooooowwwwwww computer
Please help am running windows 7 and the past few weeks my computer has been running real slow..what to do? Thank You
|
#2
|
||||
|
||||
Howdy kickers,
Let's take a look. To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types" If you know how, it's best to disable your antivirus while doing these steps. Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
|
#3
|
|||
|
|||
fst
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-06-2017
Ran by Debbie (administrator) on DEBBIE-PC (11-06-2017 23:35:22) Running from C:\Users\Debbie\Desktop Loaded Profiles: Debbie & UpdatusUser (Available Profiles: Debbie & UpdatusUser) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Two Pilots) C:\Windows\VPDAgent_x64.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe (Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService .exe (Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe ( ) C:\Windows\System32\lxdacoms.exe (The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\LogonUI.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_25_ 0_0_171_ActiveX.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-144859163-3101515412-1175464348-1001\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] () HKU\S-1-5-21-144859163-3101515412-1175464348-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\eMachines.scr [456224 2010-07-29] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BA4EE3B1-E485-46FC-88E6-D5D1F7BF8524}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-144859163-3101515412-1175464348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp.myway.com/fromdoctopdf/ttab02ie/index.html?n=7839E897&p2=^Y6^xpu005^TTAB02^us&ptb= 4E5D4E96-301E-44DC-9591-03631FEF66D1&si=2004&coid=674224b75f12457eac48cf91 55905eeb HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM -> {32CDCC52-BC6F-47B4-AFFA-3781CB945611} URL = SearchScopes: HKLM -> {A526E8A3-451D-4A8B-8ADD-B93DA7CD69AF} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-144859163-3101515412-1175464348-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-144859163-3101515412-1175464348-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12] (Oracle Corporation) Toolbar: HKU\S-1-5-21-144859163-3101515412-1175464348-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} hxxp://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} hxxp://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab DPF: HKLM-x32 {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} hxxp://cdn3.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File FireFox: ======== FF ProfilePath: C:\Users\Debbie\AppData\Roaming\Songbird2\Profiles \onzt21q8.default [2013-12-11] FF NetworkProxy: Songbird2\Profiles\onzt21q8.default -> no_proxies_on", "127.0.0.1;localhost" FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\concerts@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest .com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest. com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest. com [not found] FF HKU\S-1-5-21-144859163-3101515412-1175464348-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_ 171.dll [2017-05-10] () FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_ 171.dll [2017-05-10] () FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1. dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-01-26] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-01-26] (NVIDIA Corporation) FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgames player.dll [No File] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-144859163-3101515412-1175464348-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24 .15\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-144859163-3101515412-1175464348-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Debbie\AppData\Local\Google\Update\1.3.24 .15\npGoogleUpdate3.dll [No File] Chrome: ======= CHR Profile: C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default [2016-10-17] CHR Extension: (Google Slides) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2016-08-14] CHR Extension: (Google Docs) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2016-08-14] CHR Extension: (Google Drive) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2016-08-14] CHR Extension: (YouTube) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2016-08-14] CHR Extension: (Google Sheets) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2016-08-14] CHR Extension: (Google Docs Offline) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2016-08-18] CHR Extension: (Chrome Web Store Payments) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2016-08-14] CHR Extension: (Gmail) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2016-08-14] CHR Extension: (Chrome Media Router) - C:\Users\Debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2016-08-18] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-06-25] (Two Pilots) [File not signed] R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe [626208 2009-08-10] () R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService .exe [89352 2014-09-15] (Hewlett-Packard Company) R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated) R2 lxda_device; C:\Windows\system32\lxdacoms.exe [566192 2007-04-26] ( ) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2014-08-06] (The Neat Company) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed] S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] () R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-02-23] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed] S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [340992 2007-12-26] (NETGEAR Inc.) S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2017-06-07] () U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-20] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-11 23:35 - 2017-06-11 23:36 - 00017662 _____ C:\Users\Debbie\Desktop\FRST.txt 2017-06-11 23:35 - 2017-06-11 23:35 - 00000000 ____D C:\FRST 2017-06-11 23:34 - 2017-06-11 23:34 - 02438656 _____ (Farbar) C:\Users\Debbie\Desktop\FRST64.exe 2017-06-11 23:23 - 2017-06-11 23:23 - 00000000 ____D C:\Users\Debbie\AppData\Local\{615E4DED-1288-4B5E-8739-D929A32B79DD} 2017-06-11 22:56 - 2017-06-11 22:56 - 00125952 _____ C:\Users\Debbie\Desktop\debmat.PSproj 2017-06-11 22:45 - 2017-06-11 22:45 - 01373546 _____ C:\Users\Debbie\Desktop\297219784071546.htm 2017-06-11 22:14 - 2017-06-11 22:14 - 00000000 ____D C:\Program Files (x86)\MysticIsland.net 2017-06-11 18:01 - 2017-06-11 18:01 - 00000553 _____ C:\Users\UpdatusUser\Desktop\Mystic Island.lnk 2017-06-11 18:01 - 2017-06-11 18:01 - 00000553 _____ C:\Users\Debbie\Desktop\Mystic Island.lnk 2017-06-11 18:01 - 2017-06-11 18:01 - 00000000 ____D C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Mystic Island Gaming Park 2017-06-11 18:01 - 2001-03-13 14:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.011 2017-06-11 18:01 - 2001-03-13 14:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00C 2017-06-11 18:01 - 2001-03-13 14:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00D 2017-06-11 18:01 - 2001-03-13 14:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00F 2017-06-11 18:01 - 2001-03-13 14:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00E 2017-06-11 18:01 - 2000-08-20 21:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.010 2017-06-11 18:01 - 1998-04-24 00:00 - 00368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbar332.dll 2017-06-10 23:32 - 2017-06-10 23:32 - 00000000 __SHD C:\Users\Debbie\AppData\Roaming\wyUpdate AU 2017-06-10 23:32 - 2017-06-10 23:32 - 00000000 ____D C:\Users\Debbie\AppData\Local\Mystic_Island 2017-06-10 15:26 - 2017-06-10 15:26 - 00000000 ____D C:\Users\Debbie\AppData\Local\FromDocToPDFTooltab 2017-06-08 14:01 - 2017-06-08 14:02 - 46809448 _____ (MysticIsland.net) C:\Users\Debbie\Documents\setup110r5.exe 2017-06-06 10:14 - 2017-06-06 10:39 - 00000000 ____D C:\ProgramData\Mystic Island 2017-06-06 10:14 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00B 2017-06-06 10:14 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.006 2017-06-06 10:14 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.007 2017-06-06 10:14 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.009 2017-06-06 10:14 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.008 2017-06-06 10:14 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00A 2017-06-06 10:13 - 2017-06-11 18:04 - 00000000 ____D C:\Program Files (x86)\Mystic Island 2017-06-06 10:13 - 2017-06-11 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystic Island Gaming Park 2017-06-06 10:13 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.005 2017-06-06 10:13 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000 2017-06-06 10:13 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.001 2017-06-06 10:13 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.003 2017-06-06 10:13 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.002 2017-06-06 10:13 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.004 2017-06-06 10:13 - 1998-09-11 09:14 - 00021504 _____ () C:\Windows\SysWOW64\WBCustomizer.dll 2017-06-06 10:13 - 1997-12-22 15:47 - 00080896 _____ (Dolphin Systems Inc.) C:\Windows\SysWOW64\Dssock32.ocx 2017-06-06 10:12 - 2017-06-06 10:12 - 13475060 _____ C:\Users\Debbie\Desktop\mystic386b.exe 2017-06-05 09:49 - 2017-06-07 09:49 - 00013920 _____ C:\Windows\system32\Drivers\SWDUMon.sys 2017-06-05 09:48 - 2017-06-08 15:06 - 00000000 ____D C:\Users\Debbie\AppData\Local\SlimWare Utilities Inc 2017-06-01 10:35 - 2017-06-01 13:47 - 02267136 _____ C:\Users\Debbie\Desktop\My Project (1).PSproj 2017-05-28 10:30 - 2017-05-28 10:30 - 00000128 _____ C:\Windows\wininit.ini 2017-05-28 10:30 - 2017-05-28 10:30 - 00000000 ____D C:\Users\Debbie\AppData\Local\Downloaded Installers 2017-05-25 07:47 - 2017-05-25 07:47 - 00000000 ____D C:\Windows\Minidump 2017-05-24 14:36 - 2017-05-24 14:36 - 04110280 _____ C:\Users\Debbie\Desktop\adwcleaner_6.047.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-06-11 10:03 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-11 10:03 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-09 15:12 - 2014-09-17 14:25 - 00000000 ____D C:\Users\Debbie\AppData\Local\CrashDumps 2017-06-08 15:46 - 2011-12-12 12:42 - 00000000 ____D C:\Windows\system32\Macromed 2017-06-08 15:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2017-06-08 15:09 - 2012-07-06 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-06-08 14:03 - 2014-09-27 14:45 - 00000000 ____D C:\Users\Debbie\AppData\Local\Downloaded Installations 2017-06-07 07:35 - 2012-07-06 11:23 - 00000000 ____D C:\Program Files (x86)\HP 2017-06-05 09:53 - 2009-07-14 01:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI 2017-06-05 09:48 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-05 09:48 - 2009-07-07 04:14 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-04 01:00 - 2014-09-25 14:55 - 00000000 ____D C:\Users\Debbie\AppData\Local\ElevatedDiagnostics 2017-05-30 16:45 - 2010-11-20 23:27 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-05-25 07:47 - 2009-07-07 04:11 - 00301373 ____N C:\Windows\Minidump\052517-20264-01.dmp 2017-05-24 14:42 - 2013-04-12 03:03 - 00000000 ____D C:\Users\UpdatusUser 2017-05-24 14:39 - 2016-03-09 16:44 - 00000000 ____D C:\AdwCleaner 2017-05-24 03:08 - 2013-08-15 03:01 - 00000000 ____D C:\Windows\system32\MRT 2017-05-24 03:01 - 2011-09-15 20:11 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-05-20 15:10 - 2017-01-26 13:34 - 00000000 ____D C:\Users\Debbie\Desktop\New folder ==================== Files in the root of some directories ======= 2014-04-22 08:59 - 2014-04-22 00:39 - 0197000 _____ () C:\Program Files (x86)\8eres.dll 2013-12-19 14:15 - 2014-08-28 00:32 - 0000148 _____ () C:\Users\Debbie\AppData\Roaming\WB.CFG 2012-07-06 11:23 - 2017-06-08 15:45 - 0028828 _____ () C:\ProgramData\hpzinstall.log 2016-05-11 15:09 - 2016-05-11 15:09 - 0000016 _____ () C:\ProgramData\mntemp 2016-05-11 15:09 - 2016-05-11 15:09 - 0005008 _____ () C:\ProgramData\olmshzqo.mcy Some files in TEMP: ==================== 2016-02-19 19:30 - 2016-01-22 02:09 - 1314328 _____ (Microsoft Corporation) C:\Users\Debbie\AppData\Local\Temp\dllnt_dump.dll 2017-06-11 10:46 - 1999-06-25 08:55 - 0149504 _____ () C:\Users\Debbie\AppData\Local\Temp\GLB1A2B.EXE 2016-07-20 09:25 - 2016-07-20 09:25 - 0741440 _____ (Oracle Corporation) C:\Users\Debbie\AppData\Local\Temp\jre-8u101-windows-au.exe 2016-10-22 07:20 - 2016-10-22 07:20 - 0737856 _____ (Oracle Corporation) C:\Users\Debbie\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-01-21 08:20 - 2017-01-21 08:20 - 0739904 _____ (Oracle Corporation) C:\Users\Debbie\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-04-22 07:20 - 2017-04-22 07:20 - 0739904 _____ (Oracle Corporation) C:\Users\Debbie\AppData\Local\Temp\jre-8u131-windows-au.exe 2016-04-23 07:20 - 2016-06-25 07:20 - 0739904 _____ (Oracle Corporation) C:\Users\Debbie\AppData\Local\Temp\jre-8u91-windows-au.exe 2016-03-03 05:50 - 2015-07-29 16:08 - 0681097 _____ (SQLite Development Team) C:\Users\Debbie\AppData\Local\Temp\sqlite3.dll 2016-05-11 15:09 - 2016-05-11 15:09 - 0429280 _____ () C:\Users\Debbie\AppData\Local\Temp\xuninst.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-06-02 02:10 ==================== End of FRST.txt ============================ |
#4
|
|||
|
|||
addt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017
Ran by Debbie (11-06-2017 23:36:53) Running from C:\Users\Debbie\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2011-09-14 20:35:13) Boot Mode: Normal ================================================== ======== ==================== Accounts: ============================= Administrator (S-1-5-21-144859163-3101515412-1175464348-500 - Administrator - Disabled) Debbie (S-1-5-21-144859163-3101515412-1175464348-1000 - Administrator - Enabled) => C:\Users\Debbie Guest (S-1-5-21-144859163-3101515412-1175464348-501 - Limited - Disabled) UpdatusUser (S-1-5-21-144859163-3101515412-1175464348-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden D4300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated) eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated) eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0221.2011 - Acer Incorporated) Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version: - FlashPlayerPro.com) Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC) FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-144859163-3101515412-1175464348-1000\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (HKLM\...\{382300D4-777B-4233-A98C-99EA0F6B881F}) (Version: 13.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060F0}) (Version: 7.0.600 - Oracle) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mystic Island Casino (HKLM-x32\...\{C09280E9-C208-4438-933B-579B9BBFFE53}) (Version: 1.10.0000 - MysticIsland.net) Mystic Island v3.86 (HKLM-x32\...\Mystic Island v3.86) (Version: - ) Neat (HKLM-x32\...\Neat) (Version: 5.5.2.7 - The Neat Company) Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.5 - The Neat Company) Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.5 - The Neat Company) Neat Core Files (x32 Version: 5.5.2.7 - The Neat Company) Hidden Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.5 - The Neat Company) Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.4 - The Neat Company) Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company) NeatConnect Scanner Driver (HKLM\...\{6895EF47-6BD8-468E-BA09-B33636C65B7C}) (Version: 2.0.2.26 - The Neat Company) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation) NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation) NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company) SmartDraw 2012 (HKLM-x32\...\SmartDraw 2012) (Version: - SmartDraw.com) The Print Shop 3.0 Deluxe (HKLM-x32\...\{49B3B2D8-3429-492D-BAB5-5542048D5030}) (Version: 3.0.6 - Encore) The Print Shop 3.0 Fonts (HKLM-x32\...\{2C3060F6-F0DC-4F63-A70F-2070BE57EEDC}) (Version: 1.0 - Encore) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2009-08-10 19:01 - 2009-08-10 19:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt. exe 2009-08-10 19:00 - 2009-08-10 19:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.d ll 2009-08-10 19:01 - 2009-08-10 19:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase .dll 2009-08-10 19:01 - 2009-08-10 19:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe 2013-09-21 06:24 - 2013-06-25 12:08 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll 2010-02-28 05:33 - 2010-02-28 05:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe 2013-04-12 03:02 - 2013-01-31 05:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118] AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21 [118] AlternateDataStreams: C:\ProgramData\TEMP:B9000539 [133] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-144859163-3101515412-1175464348-1000\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-02-19 19:21 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Debbie\AppData\Roaming\Microsoft\Windows\ Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{BE357E37-9C27-4A6F-B6A0-E419414D17A3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B17E6805-35EB-47BF-AA20-DDD0A69F8A80}] => (Allow) LPort=2869 FirewallRules: [{A81C3C55-CE89-4131-A8FC-71151D2CAD43}] => (Allow) LPort=1900 FirewallRules: [{53A6FFD9-F922-4A55-B4FA-61D8D6857B47}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{9381C372-7838-47F9-B83C-85AB316C517F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{AEE5192C-F04D-4F61-A1D3-A7A561AE29F5}] => (Allow) C:\Windows\System32\lxdacoms.exe FirewallRules: [{8AB9C8A4-2DE9-49D6-8B05-E3B455AB8752}] => (Allow) C:\Windows\System32\lxdacoms.exe FirewallRules: [{FB136E93-09D0-4E5A-88D0-75E4873E9596}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{DFFB6A7C-82DE-40E9-ABC4-32E0427FBEFB}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{41CC433D-00F0-46F6-AC00-F29622BDCB6A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{D4A796B6-5A9D-42AE-88FF-E344F4248CDD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{90583F21-8A32-432F-AEED-C4AFCD283E8D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{6C29CC21-22B3-4B65-9813-9C29828D1546}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS46E6\HPDiagn osticCoreUI.exe FirewallRules: [{41769EFC-2EA2-4C2F-B599-79E1B66226F3}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS46E6\HPDiagn osticCoreUI.exe FirewallRules: [{10873C50-1A2B-4BE3-8A64-4525FF9833F8}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4CBF\hppiw.e xe FirewallRules: [{C6AB512D-3B58-4512-B1FB-02E8FCE78CFC}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4CBF\hppiw.e xe FirewallRules: [{784ED75B-6CA2-48DD-8214-85150B8FA961}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4EDD\hppiw.e xe FirewallRules: [{A28D8707-D539-424B-99F1-2873B513FB05}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\7zS4EDD\hppiw.e xe FirewallRules: [TCP Query User{2654584A-704B-49FB-BF01-C5727EA0DC22}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{0702E934-FA03-4AC6-84A8-CEC27B7317CA}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{09B58C06-E9EA-40A0-A48C-266EA4FB8570}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{3BADBF65-7BDA-46ED-9401-138A083A7B85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{C7BF89E7-4C20-48BA-A315-5208900B1B73}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{99D6F12B-1575-42E6-9F22-B0D715F3D71B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F6BCCDE2-7439-4805-8F0E-B00CD1793D9A}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\nsgA8A4.tmp\Ins taller-10522282.exe FirewallRules: [{ACE9BCC5-6B96-450B-A118-927F59936D67}] => (Allow) C:\Users\Debbie\AppData\Local\Temp\nsgA8A4.tmp\Ins taller-10522282.exe FirewallRules: [{EA97FDED-98A5-4083-89F1-8F8C30BDCA4F}] => (Allow) C:\Users\Debbie\AppData\Local\Chromium\Application \chrome.exe ==================== Restore Points ========================= 17-05-2017 03:52:13 Windows Update 21-05-2017 03:51:10 Windows Update 24-05-2017 03:00:13 Windows Update 27-05-2017 03:48:44 Windows Update 30-05-2017 07:59:46 Windows Update 03-06-2017 03:49:04 Windows Update 06-06-2017 09:59:53 Windows Update 08-06-2017 14:03:41 Installed Mystic Island Casino. 08-06-2017 15:06:19 Removed DriverUpdate 10-06-2017 06:12:21 Windows Update 11-06-2017 10:47:48 Removed Mystic Island Casino. 11-06-2017 22:13:48 Installed Mystic Island Casino. ==================== Faulty Device Manager Devices ============= Name: ZAM Guard Driver Description: ZAM Guard Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM_Guard Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: ZAM Helper Driver Description: ZAM Helper Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (06/11/2017 10:40:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.18666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2e8 Start Time: 01d2e21f1fc98de0 Termination Time: 1543 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (06/09/2017 11:27:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18666, time stamp: 0x58f30f27 Faulting module name: MSHTML.dll, version: 11.0.9600.18666, time stamp: 0x58f3218f Exception code: 0xc0000005 Fault offset: 0x006b750b Faulting process id: 0x1080 Faulting application start time: 0x01d2e08fe0fd5e60 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 28f61928-4d28-11e7-93d1-f80f4121c140 Error: (06/07/2017 08:15:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18666, time stamp: 0x58f30f27 Faulting module name: MSHTML.dll, version: 11.0.9600.18666, time stamp: 0x58f3218f Exception code: 0xc0000005 Fault offset: 0x00fbfe19 Faulting process id: 0x1724 Faulting application start time: 0x01d2df87a83c5940 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: ee1b43b8-4b7a-11e7-93d1-f80f4121c140 Error: (06/05/2017 10:48:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18666, time stamp: 0x58f30f27 Faulting module name: MSHTML.dll, version: 11.0.9600.18666, time stamp: 0x58f3218f Exception code: 0xc0000005 Fault offset: 0x004d6405 Faulting process id: 0x53c Faulting application start time: 0x01d2de049a372f48 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\system32\MSHTML.dll Report Id: 05de96e0-49fe-11e7-93d1-f80f4121c140 Error: (06/05/2017 09:49:10 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/04/2017 09:28:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.18666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 25f0 Start Time: 01d2dd35d61f9588 Termination Time: 0 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (06/04/2017 09:24:04 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.18666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1fe8 Start Time: 01d2dd356d283f08 Termination Time: 1575 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (06/04/2017 09:21:08 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.18666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a68 Start Time: 01d2dd3523b74828 Termination Time: 18 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: Error: (06/03/2017 06:36:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.18666, time stamp: 0x58f30f27 Faulting module name: Flash32_25_0_0_171.ocx, version: 25.0.0.171, time stamp: 0x590169a6 Exception code: 0x40000015 Fault offset: 0x0075b9a1 Faulting process id: 0x15a8 Faulting application start time: 0x01d2d7e6ab1454e0 Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path: C:\Windows\SysWOW64\Macromed\Flash\Flash32_25_0_0_ 171.ocx Report Id: 8f9e3d98-4848-11e7-89a1-f80f4121c140 Error: (06/02/2017 09:08:11 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program IEXPLORE.EXE version 11.0.9600.18666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 12fc Start Time: 01d2db9b75e9a938 Termination Time: 1605 Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Report Id: System errors: ============= Error: (06/09/2017 03:14:03 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (06/06/2017 03:09:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (06/06/2017 03:04:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (06/02/2017 08:28:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (05/25/2017 07:47:31 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa80021c8660, 0xfffff80004461740). A dump was saved in: C:\Windows\Minidump\052517-20264-01.dmp. Report Id: 052517-20264-01. Error: (05/25/2017 07:47:29 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 7:46:02 AM on 5/25/2017 was unexpected. Error: (05/24/2017 02:38:59 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. Error: (05/24/2017 02:38:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s). Error: (05/24/2017 02:38:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (05/24/2017 02:38:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-02-19 18:20:41.739 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-19 18:20:41.646 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-19 18:20:41.552 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-19 18:20:41.458 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-08 10:20:53.861 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-08 10:20:53.705 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-08 10:20:53.565 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-08 10:20:53.424 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-01 22:39:08.352 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-01 22:39:08.274 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 220 Processor Percentage of memory in use: 72% Total physical RAM: 2815.37 MB Available physical RAM: 779.42 MB Total Virtual: 5896.9 MB Available Virtual: 1550.98 MB ==================== Drives ================================ Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:856.27 GB) NTFS ==================== MBR & Partition Table ================== ================================================== ====== Disk: 0 (Size: 931.5 GB) (Disk ID: 35D5C1F3) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ |
#5
|
||||
|
||||
Go to Start - Control Panel - Programs - Programs and Features/Uninstall, then click on each of the following programs, if they show there, and click "Uninstall/Change". Do not use Revo to uninstall these please.
Flash Player Pro V5.4 FromDocToPDF Internet Explorer Homepage and New Tab ------------- Go to Start, Search, type notepad in the Search box, and hit Enter. In the open Notepad text box, copy and past the following (inside the Code box): Code:
start Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BA4EE3B1-E485-46FC-88E6-D5D1F7BF8524}: [DhcpNameServer] 172.20.10.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-144859163-3101515412-1175464348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp.myway.com/fromdoctopdf/ttab02ie/index.html?n=7839E897&p2=^Y6^xpu005^TTAB02^us&ptb= 4E5D4E96-301E-44DC-9591-03631FEF66D1&si=2004&coid=674224b75f12457eac48cf91 55905eeb SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM -> {32CDCC52-BC6F-47B4-AFFA-3781CB945611} URL = SearchScopes: HKLM -> {A526E8A3-451D-4A8B-8ADD-B93DA7CD69AF} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-144859163-3101515412-1175464348-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File Toolbar: HKU\S-1-5-21-144859163-3101515412-1175464348-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File FF NetworkProxy: Songbird2\Profiles\onzt21q8.default -> no_proxies_on", "127.0.0.1;localhost" FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\concerts@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest .com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest. com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest. com [not found] FF HKU\S-1-5-21-144859163-3101515412-1175464348-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X] S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-02-23] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] 2017-06-11 23:23 - 2017-06-11 23:23 - 00000000 ____D C:\Users\Debbie\AppData\Local\{615E4DED-1288-4B5E-8739-D929A32B79DD} 2017-06-11 18:01 - 2001-03-13 14:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.011 2017-06-11 18:01 - 2001-03-13 14:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00C 2017-06-11 18:01 - 2001-03-13 14:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00D 2017-06-11 18:01 - 2001-03-13 14:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00F 2017-06-11 18:01 - 2001-03-13 14:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00E 2017-06-11 18:01 - 2000-08-20 21:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.010 2017-06-06 10:14 - 2017-06-06 10:39 - 00000000 ____D C:\ProgramData\Mystic Island 2017-06-06 10:14 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00B 2017-06-06 10:14 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.006 2017-06-06 10:14 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.007 2017-06-06 10:14 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.009 2017-06-06 10:14 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.008 2017-06-06 10:14 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00A 2017-06-06 10:13 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.005 2017-06-06 10:13 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000 2017-06-06 10:13 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.001 2017-06-06 10:13 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.003 2017-06-06 10:13 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.002 2017-06-06 10:13 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.004 2014-04-22 08:59 - 2014-04-22 00:39 - 0197000 _____ () C:\Program Files (x86)\8eres.dll 2016-05-11 15:09 - 2016-05-11 15:09 - 0005008 _____ () C:\ProgramData\olmshzqo.mcy AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118] AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21 [118] AlternateDataStreams: C:\ProgramData\TEMP:B9000539 [133] IE trusted site: HKU\S-1-5-21-144859163-3101515412-1175464348-1000\...\localhost -> localhost end Then open FRST, and click the Fix button. Once it is done a text will open - post that back here please. ------------- Download ADWCleaner and run it, then click Scan. When the scan completes, click Logfile, and copy/paste that back here please. Best not to click Clean - ADWCleaner makes mistakes. |
#6
|
|||
|
|||
fix
not sure of what you want,,,pulled up far recovery and said first was not there what yo want me to fix?
|
#7
|
||||
|
||||
Debbie, this:
Quote:
|
#8
|
|||
|
|||
fixq
ok I did all that an clicked fix..
|
#9
|
|||
|
|||
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Debbie (17-06-2017 20:14:18) Run:1 Running from C:\Users\Debbie\Desktop Loaded Profiles: Debbie & UpdatusUser (Available Profiles: Debbie & UpdatusUser) Boot Mode: Normal ============================================== fixlist content: ***************** start Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BA4EE3B1-E485-46FC-88E6-D5D1F7BF8524}: [DhcpNameServer] 172.20.10.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-144859163-3101515412-1175464348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp.myway.com/fromdoctopdf/ttab02ie/index.html?n=7839E897&p2=^Y6^xpu005^TTAB02^us&ptb= 4E5D4E96-301E-44DC-9591-03631FEF66D1&si=2004&coid=674224b75f12457eac48cf91 55905eeb SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM -> {32CDCC52-BC6F-47B4-AFFA-3781CB945611} URL = SearchScopes: HKLM -> {A526E8A3-451D-4A8B-8ADD-B93DA7CD69AF} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-144859163-3101515412-1175464348-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File Toolbar: HKU\S-1-5-21-144859163-3101515412-1175464348-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File FF NetworkProxy: Songbird2\Profiles\onzt21q8.default -> no_proxies_on", "127.0.0.1;localhost" FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\concerts@songbirdnest.co m [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest .com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest. com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [not found] FF Extension: (No Name) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest. com [not found] FF HKU\S-1-5-21-144859163-3101515412-1175464348-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => not found S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X] S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-02-23] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] 2017-06-11 23:23 - 2017-06-11 23:23 - 00000000 ____D C:\Users\Debbie\AppData\Local\{615E4DED-1288-4B5E-8739-D929A32B79DD} 2017-06-11 18:01 - 2001-03-13 14:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.011 2017-06-11 18:01 - 2001-03-13 14:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00C 2017-06-11 18:01 - 2001-03-13 14:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00D 2017-06-11 18:01 - 2001-03-13 14:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00F 2017-06-11 18:01 - 2001-03-13 14:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00E 2017-06-11 18:01 - 2000-08-20 21:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.010 2017-06-06 10:14 - 2017-06-06 10:39 - 00000000 ____D C:\ProgramData\Mystic Island 2017-06-06 10:14 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00B 2017-06-06 10:14 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.006 2017-06-06 10:14 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.007 2017-06-06 10:14 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.009 2017-06-06 10:14 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.008 2017-06-06 10:14 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.00A 2017-06-06 10:13 - 2001-03-13 15:53 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.005 2017-06-06 10:13 - 2001-03-13 15:47 - 00598288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000 2017-06-06 10:13 - 2001-03-13 15:47 - 00164112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.001 2017-06-06 10:13 - 2001-03-13 15:47 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.003 2017-06-06 10:13 - 2001-03-13 15:45 - 00147728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.002 2017-06-06 10:13 - 2000-08-20 22:00 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.004 2014-04-22 08:59 - 2014-04-22 00:39 - 0197000 _____ () C:\Program Files (x86)\8eres.dll 2016-05-11 15:09 - 2016-05-11 15:09 - 0005008 _____ () C:\ProgramData\olmshzqo.mcy AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118] AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21 [118] AlternateDataStreams: C:\ProgramData\TEMP:B9000539 [133] IE trusted site: HKU\S-1-5-21-144859163-3101515412-1175464348-1000\...\localhost -> localhost end ***************** HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\\DhcpNameServer => value removed successfully HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}\\NameServer => value removed successfully HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0}\\DhcpNameServer => value removed successfully HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces\{BA4EE3B1-E485-46FC-88E6-D5D1F7BF8524}\\DhcpNameServer => value removed successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\S-1-5-21-144859163-3101515412-1175464348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32CDCC52-BC6F-47B4-AFFA-3781CB945611} => key removed successfully HKLM\Software\Classes\CLSID\{32CDCC52-BC6F-47B4-AFFA-3781CB945611} => key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A526E8A3-451D-4A8B-8ADD-B93DA7CD69AF} => key removed successfully HKLM\Software\Classes\CLSID\{A526E8A3-451D-4A8B-8ADD-B93DA7CD69AF} => key not found. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-21-144859163-3101515412-1175464348-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key removed successfully HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found. HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. HKLM\Software\Classes\PROTOCOLS\Handler\linkscanne r => key removed successfully HKLM\Software\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => key not found. Firefox Proxy settings were reset. C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.co m => not found. C:\Program Files (x86)\Songbird\extensions\concerts@songbirdnest.co m => not found. C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com => path removed successfully C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com => path removed successfully C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest .com => not found. C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest. com => not found. C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com => path removed successfully C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest. com => not found. HKU\S-1-5-21-144859163-3101515412-1175464348-1001\Software\Mozilla\Firefox\Extensions\\smartweb printing@hp.com => value removed successfully HKLM\System\CurrentControlSet\Services\ZAMSvc => key removed successfully ZAMSvc => service removed successfully HKLM\System\CurrentControlSet\Services\hitmanpro37 => key removed successfully hitmanpro37 => service removed successfully HKLM\System\CurrentControlSet\Services\catchme => key removed successfully catchme => service removed successfully HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully ZAM => service removed successfully HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully ZAM_Guard => service removed successfully C:\Users\Debbie\AppData\Local\{615E4DED-1288-4B5E-8739-D929A32B79DD} => moved successfully C:\Windows\SysWOW64\temp.011 => moved successfully C:\Windows\SysWOW64\temp.00C => moved successfully C:\Windows\SysWOW64\temp.00D => moved successfully C:\Windows\SysWOW64\temp.00F => moved successfully C:\Windows\SysWOW64\temp.00E => moved successfully C:\Windows\SysWOW64\temp.010 => moved successfully C:\ProgramData\Mystic Island => moved successfully C:\Windows\SysWOW64\temp.00B => moved successfully C:\Windows\SysWOW64\temp.006 => moved successfully C:\Windows\SysWOW64\temp.007 => moved successfully C:\Windows\SysWOW64\temp.009 => moved successfully C:\Windows\SysWOW64\temp.008 => moved successfully C:\Windows\SysWOW64\temp.00A => moved successfully C:\Windows\SysWOW64\temp.005 => moved successfully C:\Windows\SysWOW64\temp.000 => moved successfully C:\Windows\SysWOW64\temp.001 => moved successfully C:\Windows\SysWOW64\temp.003 => moved successfully C:\Windows\SysWOW64\temp.002 => moved successfully C:\Windows\SysWOW64\temp.004 => moved successfully C:\Program Files (x86)\8eres.dll => moved successfully C:\ProgramData\olmshzqo.mcy => moved successfully C:\ProgramData\TEMP => ":373E1720" ADS removed successfully. C:\ProgramData\TEMP => ":A31FAD21" ADS removed successfully. C:\ProgramData\TEMP => ":B9000539" ADS removed successfully. HKU\S-1-5-21-144859163-3101515412-1175464348-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\ZoneMap\Domains\localhost => key removed successfully ==== End of Fixlog 20:14:41 ==== |
#10
|
||||
|
||||
ssues we atill need to correct please.
Then download and run Eset's online scanner. Agree to the prompts, and place a check next to:
Enable detection of potentially unwanted applications When the scan finishes, have it delete anything it found. Then post back on any issues we still need to address please. |
#11
|
||||
|
||||
I wouldn't mind viewing the ADWCleaner log as well.
|
#12
|
|||
|
|||
the ther scan said it was fine,,and what adware cleaner yo talkig about I thnk I have already deleted all?
|
#13
|
||||
|
||||
So how are things running now?
|
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Sony Vaio Computer - computer light flashing but won't start. | Rach33140 | Hardware | 1 | September 18th, 2007 08:38 PM |
Computer Boots, Windows Loads, Computer Restarts.. | makaveli_420 | Windows XP | 3 | August 25th, 2007 10:36 PM |
Computer randomly jumps to 100% computer usage with no explaination. | Brienze | Hardware | 8 | May 2nd, 2007 06:16 PM |
Help! Computer virus is rendering my computer slow and popup madness | pallaver | Windows XP | 1 | September 26th, 2006 12:09 AM |
computer freezes, *presses restart*, computer doesn't turn back on | neoness | Windows XP | 6 | December 27th, 2002 06:16 AM |
All times are GMT +1. The time now is 07:08 PM.